23 lines
515 B
Plaintext
23 lines
515 B
Plaintext
|
Configure sudoers:
|
||
|
file.managed:
|
||
|
- name: /etc/sudoers
|
||
|
- source: salt://files/sudoers
|
||
|
- user: root
|
||
|
- group: root
|
||
|
- mode: "0440"
|
||
|
|
||
|
add sudoers.d file for {{ pillar['username'] }}:
|
||
|
file.managed:
|
||
|
- name: /etc/sudoers.d/{{ pillar['username'] }}
|
||
|
- source: salt://files/user_sudo
|
||
|
- template: jinja
|
||
|
- user: root
|
||
|
- group: root
|
||
|
- mode: 0640
|
||
|
|
||
|
remove root password:
|
||
|
cmd.run:
|
||
|
- name: usermod -p '!' root
|
||
|
- unless: '[[ $(grep root /etc/shadow | cut -f2 -d":") == "!" ]]'
|
||
|
|