Try SpotterManage FreeIPA sudo command
| "added in version" 2.3 of ansible.builtin"
Authors: Thomas Krahn (@Nosmoht)
preview | supported by community
pipInstall with pip install ansible==2.3.2.0.post1
Add, modify or delete sudo command within FreeIPA server using FreeIPA API.
# Ensure sudo command exists
- ipa_sudocmd:
name: su
description: Allow to run su via sudo
ipa_host: ipa.example.com
ipa_user: admin
ipa_pass: topsecret
# Ensure sudo command does not exist
- ipa_sudocmd:
name: su
state: absent
ipa_host: ipa.example.com
ipa_user: admin
ipa_pass: topsecret
state:
choices:
- present
- absent
default: present
description: State to ensure
required: false
sudocmd:
aliases:
- name
description:
- Sudo Command.
required: true
ipa_host:
default: ipa.example.com
description: IP or hostname of IPA server
required: false
ipa_pass:
description: Password of administrative user
required: true
ipa_port:
default: 443
description: Port of IPA server
required: false
ipa_prot:
choices:
- http
- https
default: https
description: Protocol used by IPA server
required: false
ipa_user:
default: admin
description: Administrative account used on IPA server
required: false
description:
description:
- A description of this command.
required: false
validate_certs:
default: true
description:
- This only applies if C(ipa_prot) is I(https).
- If set to C(no), the SSL certificates will not be validated.
- This should only set to C(no) used on personally controlled sites using self-signed
certificates.
required: false
sudocmd: description: Sudo command as return from IPA API returned: always type: dict