Last Updated: February 25, 2016

Distribute sudoers file safely

When templating a sudoers file onto machines, I (now) make sure the file is only installed to its final location if visudo has checked it.

I do something like this in my playbook:

- action: template src=sudoers.in dest=/etc/sudoers.tmp
- action: shell visudo -q -c -f /etc/sudoers.tmp && cp /etc/sudoers.tmp /etc/sudoers

#ansible

Written by JP Mens

Say Thanks

Respond

Related protips

Ansible retry task

78.84K

updating PATH with ansible - system wide

78.35K

Dump all variables

62.37K

1 Response

Add your response

bcoca

in 1.2 you can use:

- action: templates src=sudoers.in dest=/etc/sudoers validate="visudo %s"

let there be cake anyways!

over 1 year ago ·

Have a fresh tip? Share with Coderwall community!

Post

Post a tip

Best #Ansible Authors

130.7K

113K

92.41K

78.83K

73.25K

Related Tags

Filed Under

Awesome Job

Post a job for only $299

#native_title# #native_desc#

#native_cta#

Distribute sudoers file safely

Written by JP Mens

Related protips

Ansible retry task

updating PATH with ansible - system wide

Dump all variables

1 Response Add your response

Have a fresh tip? Share with Coderwall community!

1 Response

Add your response