From 1664affcf7624a639a537d73d77566bd5526bbec Mon Sep 17 00:00:00 2001
From: Chris Hines <chris.hines@monash.edu>
Date: Wed, 10 Feb 2016 06:56:36 +0000
Subject: [PATCH] a new role to allow one of our ldap groups to sudo. Define a
 variable called sudo_group to use

---
 roles/enable_sudo_group/tasks/main.yml              | 4 ++++
 roles/enable_sudo_group/templates/10-admin_group.j2 | 1 +
 2 files changed, 5 insertions(+)
 create mode 100644 roles/enable_sudo_group/tasks/main.yml
 create mode 100644 roles/enable_sudo_group/templates/10-admin_group.j2

diff --git a/roles/enable_sudo_group/tasks/main.yml b/roles/enable_sudo_group/tasks/main.yml
new file mode 100644
index 0000000..4456e42
--- /dev/null
+++ b/roles/enable_sudo_group/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- name: template sudoers file
+  template: src=10-admin_group.j2 dest=/etc/sudoers.d/10-admin_group
+  become: true
diff --git a/roles/enable_sudo_group/templates/10-admin_group.j2 b/roles/enable_sudo_group/templates/10-admin_group.j2
new file mode 100644
index 0000000..624588d
--- /dev/null
+++ b/roles/enable_sudo_group/templates/10-admin_group.j2
@@ -0,0 +1 @@
+%{{ sudo_group }} ALL=(ALL) ALL
-- 
GitLab