Last Updated: February 25, 2016

Distribute sudoers file safely

When templating a sudoers file onto machines, I (now) make sure the file is only installed to its final location if visudo has checked it.

I do something like this in my playbook:

- action: template src=sudoers.in dest=/etc/sudoers.tmp
- action: shell visudo -q -c -f /etc/sudoers.tmp && cp /etc/sudoers.tmp /etc/sudoers

#ansible

Written by JP Mens

Say Thanks

Respond

Related protips

Ansible retry task

78.16K

updating PATH with ansible - system wide

77.4K

Dump all variables

62.12K

1 Response

Add your response

bcoca

in 1.2 you can use:

- action: templates src=sudoers.in dest=/etc/sudoers validate="visudo %s"

let there be cake anyways!

over 1 year ago ·

Have a fresh tip? Share with Coderwall community!

Post

Post a tip

Best #Ansible Authors

128.9K

111.3K

91.03K

77.99K

72.64K

Related Tags

Filed Under

Awesome Job

Post a job for only $299

#native_title# #native_desc#

#native_cta#

Distribute sudoers file safely

Written by JP Mens

Related protips

Ansible retry task

updating PATH with ansible - system wide

Dump all variables

1 Response Add your response

Have a fresh tip? Share with Coderwall community!

1 Response

Add your response