{"id":18555161,"url":"https://github.com/arillso/ansible.sudoers","last_synced_at":"2025-04-09T23:32:00.779Z","repository":{"id":25747575,"uuid":"106416947","full_name":"arillso/ansible.sudoers","owner":"arillso","description":"Manage sudoers and sudoers.d in Debian-like systems.","archived":false,"fork":false,"pushed_at":"2024-01-28T10:07:20.000Z","size":69,"stargazers_count":7,"open_issues_count":3,"forks_count":7,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-24T13:43:59.867Z","etag":null,"topics":["ansible","ansible-role","sudores"],"latest_commit_sha":null,"homepage":"","language":"Jinja","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/arillso.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-10-10T12:53:35.000Z","updated_at":"2024-12-11T12:17:32.000Z","dependencies_parsed_at":"2024-11-06T21:32:22.310Z","dependency_job_id":"5ecbe2eb-c9c6-4ceb-a5c7-b3d3b56e6327","html_url":"https://github.com/arillso/ansible.sudoers","commit_stats":null,"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arillso%2Fansible.sudoers","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arillso%2Fansible.sudoers/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arillso%2Fansible.sudoers/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/arillso%2Fansible.sudoers/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/arillso","download_url":"https://codeload.github.com/arillso/ansible.sudoers/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248129893,"owners_count":21052655,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["ansible","ansible-role","sudores"],"created_at":"2024-11-06T21:25:28.939Z","updated_at":"2025-04-09T23:31:59.644Z","avatar_url":"https://github.com/arillso.png","language":"Jinja","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Ansible Role: sudoers\n\n\u003c!-- markdownlint-disable MD013 --\u003e\n\n[![license](https://img.shields.io/github/license/mashape/apistatus.svg?style=flat-square\u0026logo=Open%20Source%20Initiative)](LICENSE) [![Ansible Role](https://img.shields.io/ansible/role/54450?label=role%20name\u0026style=flat-square\u0026logo=ansible)](https://galaxy.ansible.com/arillso/sudoers) [![Ansible Role](https://img.shields.io/ansible/role/d/54450.svg?style=flat-square\u0026logo=ansible)](https://galaxy.ansible.com/arillso/sudoers) [![Ansible Quality Score](https://img.shields.io/ansible/quality/54450?label=role%20quality\u0026style=flat-square\u0026logo=ansible)](https://galaxy.ansible.com/arillso/sudoers) [![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/arillso/ansible.sudoers?style=flat-square\u0026logo=github)](https://github.com/arillso/ansible.sudoers/releases) [![GitHub Workflow Status (branch)](https://img.shields.io/github/workflow/status/arillso/ansible.sudoers/Role%20Tests/main?label=integration%20tests\u0026style=flat-square\u0026logo=github)](https://github.com/arillso/ansible.sudoers/actions?query=workflow%3A%22Role+Tests%22)\n\n\u003c!-- markdownlint-enable MD013 --\u003e\n\n## Description\n\nManage sudoers and sudoers.d in Linux.\n\n## Installation\n\n```bash\nansible-galaxy install arillso.sudoers\n```\n\n## Requirements\n\nNone\n\n## Role Variables\n\n### sudoers_package\n\nName of package\n\n```yml\nsudoers_package: sudo\n```\n\n### sudoers_sudoers\n\nsudores file declarations\n\n```yml\nsudoers_sudoers_file: '/etc/sudoers'\n```\n\n### sudoers_use_os_defaults\n\nIncludes default rules that ship with target distro (boolean)\n\n```yml\nsudoers_use_os_defaults: true\n```\n\n### sudoers_sudoers\n\nDefault configuration options\n\n#### sudoers_sudoers.defaults\n\ndefault configuration options\n\n```yml\nsudoers_sudoers:\n  defaults: []\n```\n\n#### sudoers_sudoers.defaults_*\n\nSupport for additional default types.\n\nSudoers manual excerpt:\n\n```yml\nDefault_Type ::= 'Defaults' |\n                 'Defaults' '@' Host_List |\n                 'Defaults' ':' User_List |\n                 'Defaults' '!' Cmnd_List |\n                 'Defaults' '\u003e' Runas_List\n```\n\nVariables:\n\n```yml\nsudoers_sudoers:\n  defaults_host: []\n  defaults_user: []\n  defaults_cmnd: []\n  defaults_runas: []\n```\n\n#### sudoers_sudoers.host_aliases\n\nA list of aliases of type `Host_Alias`\n\n| Variable                               | Comments (type)        |\n| :------------------------------------- | :--------------------- |\n| `sudoers_sudoers.host_aliases.name`:   | Name of the alias      |\n| `sudoers_sudoers.host_aliases.members` | Member(s) of the alias |\n\n#### `sudoers_sudoers.user_aliases`\n\nA list of aliases of type `User_Alias`\n\n| Variable                               | Comments (type)        |\n| :------------------------------------- | :--------------------- |\n| `sudoers_sudoers.user_aliases.name`    | Name of the alias      |\n| `sudoers_sudoers.user_aliases.members` | Member(s) of the alias |\n\n#### sudoers_sudoers.cmnd_aliases\n\nA list of aliases of type `Cmnd_Alias`\n\n| Variable                               | Comments (type)        |\n| :------------------------------------- | :--------------------- |\n| `sudoers_sudoers.cmnd_aliases.name`    | Name of the alias      |\n| `sudoers_sudoers.cmnd_aliases.members` | Member(s) of the alias |\n\n#### sudoers_sudoers.runas_aliases\n\nA list of aliases of type `Runas_Alias`\n\n| Variable                                | Comments (type)        |\n| :-------------------------------------- | :--------------------- |\n| `sudoers_sudoers.runas_aliases.name`    | Name of the alias      |\n| `sudoers_sudoers.runas_aliases.members` | Member(s) of the alias |\n\n#### sudoers_sudoers.privileges`\n\nList of privileges\n\n| Variable                           | Comments (type)                                           |\n| :--------------------------------- | :-------------------------------------------------------- |\n| `sudoers_sudoers.privileges.name`  | Name of user or group (group should be prefixed with '%') |\n| `sudoers_sudoers.privileges.entry` | A privilege entry                                         |\n\n### Example\n\n```yml\nsudoers_sudoers:\n  defaults:\n    - env_reset\n    - exempt_group=sudo\n    - mail_badpass\n    - secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\n  defaults_host:\n    - host_list: SERVERS\n      entry: log_year, logfile=/var/log/sudo.log\n  defaults_user: \n    - user_list: FULLTIMERS\n      entry: '!lecture'\n  defaults_cmnd: \n    - cmnd_list: PAGERS\n      entry: noexec\n  defaults_runas:\n    - runas_list: root\n      entry: '!set_logname'\n  host_aliases:\n    - name: CUNETS\n      members: 128.138.0.0/255.255.0.0\n    - name: SERVERS\n      members: master, mail, www, ns\n  user_aliases:\n    - name: FULLTIMERS\n      members: millert, mikef, dowdy\n    - name: PARTTIMERS\n      members: bostley, jwfox, crawl\n  cmnd_aliases:\n    - name: KILL\n      members: /usr/bin/kill\n    - name: HALT\n      members: /usr/sbin/halt\n  privileges:\n    - name: root\n      entry: 'ALL=(ALL:ALL) ALL'\n    - name: '%admin'\n      entry: 'ALL=(ALL) ALL'\n    - name: '%sudo'\n      entry: 'ALL=NOPASSWD:ALL'\n```\n\n### sudoers_sudoers_d_files\n\n`/etc/sudoers.d/*` file(s) declarations\n\n### sudoers_sudoers_d_files.key\n\nThe name of the sudoers configuration file (e.g `vagrant`)\n\n```yml\nsudoers_sudoers_d_files:\n  key:\n```\n\n| Variable                                            | Default | Comments (type)                                           |\n| :-------------------------------------------------- | :------ | :-------------------------------------------------------- |\n| `sudoers_sudoers_d_files.key.defaults`              | `[]`    | Default configuration options                             |\n| `sudoers_sudoers_d_files.key.defaults_host`         | `[]`    | Defaults@ configuration options                           |\n| `sudoers_sudoers_d_files.key.defaults_user`         | `[]`    | Defaults: configuration options                           |\n| `sudoers_sudoers_d_files.key.defaults_cmnd`         | `[]`    | Defaults! configuration options                           |\n| `sudoers_sudoers_d_files.key.defaults_runas`        | `[]`    | Defaults\u003e configuration options                           |\n| `sudoers_sudoers_d_files.key.host_aliases`          | `[]`    | A list of aliases of type `Host_Alias`                    |\n| `sudoers_sudoers_d_files.key.host_aliases.name`     |         | Name of the alias                                         |\n| `sudoers_sudoers_d_files.key.host_aliases.members`  |         | Member(s) of the alias                                    |\n| `sudoers_sudoers_d_files.key.user_aliases`          | `[]`    | A list of aliases of type `User_Alias`                    |\n| `sudoers_sudoers_d_files.key.user_aliases.name`     |         | Name of the alias                                         |\n| `sudoers_sudoers_d_files.key.user_aliases.members`  |         | Member(s) of the alias                                    |\n| `sudoers_sudoers_d_files.key.cmnd_aliases`          | `[]`    | A list of aliases of type `Cmnd_Alias`                    |\n| `sudoers_sudoers_d_files.key.cmnd_aliases.name`     |         | Name of the alias                                         |\n| `sudoers_sudoers_d_files.key.cmnd_aliases.members`  |         | Member(s) of the alias                                    |\n| `sudoers_sudoers_d_files.key.runas_aliases`         | `[]`    | A list of aliases of type `Runas_Alias`                   |\n| `sudoers_sudoers_d_files.key.runas_aliases.name`    |         | Name of the alias                                         |\n| `sudoers_sudoers_d_files.key.runas_aliases.members` |         | Member(s) of the alias                                    |\n| `sudoers_sudoers_d_files.key.privileges`            | `[]`    | List of privileges                                        |\n| `sudoers_sudoers_d_files.key.privileges.name`       |         | Name of user or group (group should be prefixed with '%') |\n| `sudoers_sudoers_d_files.key.privileges.entry`      |         | A privilege entry                                         |\n\n### Example\n\n```yml\nsudoers_sudoers_d_files:\n  test:\n    defaults:\n      - env_reset\n      - exempt_group=sudo\n      - mail_badpass\n      - secure_path=\"/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"\n    defaults_user:\n      - user_list: test\n        entry: '!authenticate'\n    host_aliases:\n      - name: WORKSTATIONS\n        members: 128.138.0.0/255.255.0.0\n    privileges:\n      - name: test\n        entry: 'ALL=(ALL:ALL) ALL'\n```\n\n## Dependencies\n\nNone\n\n## Example Playbook\n\n```yaml\n---\n- hosts: all\n  roles:\n    - arillso.sudoers\n```\n\n## Author\n\n- [Simon Bärlocher](https://sbaerlocher.ch)\n- Mark van Driel\n- Mischa ter Smitten\n\n## License\n\nThis project is under the MIT License. See the [LICENSE](licence) file for the full license text.\n\n## Copyright\n\n(c) 2022, Arillso\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farillso%2Fansible.sudoers","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Farillso%2Fansible.sudoers","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Farillso%2Fansible.sudoers/lists"}