kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-03-31 14:24:16 +02:00
Code Issues Packages Projects Releases Wiki Activity

Optimized .mds and meta/main.yml for sudo

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach 2025-03-14 12:19:23 +01:00
parent 36c76fd00e
commit d014d25e40
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
2 changed files with 44 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
roles/sudo/README.md Normal file
View File

@ -0,0 +1,20 @@
# Sudo
## Description
This role installs the [sudo](https://en.wikipedia.org/wiki/Sudo) package and deploys a default sudoers file to ensure secure and consistent privilege escalation on the target system. It uses a preconfigured sudoers file that follows best practices and includes directives to read drop-in files from `/etc/sudoers.d`.
## Overview
Optimized for security and ease of administration, this role guarantees that sudo is installed and configured according to recommended practices. The provided sudoers file includes essential comments, host/user aliases, and defaults to help prevent misconfigurations.
## Purpose
The primary purpose of this role is to ensure that the target system has a reliable sudo configuration. By installing the [sudo](https://en.wikipedia.org/wiki/Sudo) package and deploying a standard sudoers file, the role facilitates proper administrative access and minimizes potential security risks.
## Features
- **Sudo Package Installation:** Installs the [sudo](https://en.wikipedia.org/wiki/Sudo) package if it is not already present.
- **Default Sudoers Configuration:** Deploys a default sudoers file with best-practice settings.
- **Drop-in Inclusion:** Ensures that configuration files from `/etc/sudoers.d` are included.
- **Security Focus:** Provides commented guidelines to avoid common sudo misconfigurations.

24
roles/sudo/meta/main.yml Normal file
View File

@ -0,0 +1,24 @@
---
galaxy_info:
author: "Kevin Veen-Birkenbach"
description: "Installs and configures the sudo package with a default sudoers file to ensure secure privilege escalation and system administration."
license: "CyMaIS NonCommercial License (CNCL)"
license_url: "https://s.veen.world/cncl"
company: |
Kevin Veen-Birkenbach
Consulting & Coaching Solutions
https://www.veen.world
min_ansible_version: "2.9"
platforms:
- name: Linux
versions:
- all
galaxy_tags:
- sudo
- security
- administration
- configuration
repository: "https://s.veen.world/cymais"
issue_tracker_url: "https://s.veen.world/cymaisissues"
documentation: "https://s.veen.world/cymais"
dependencies: []