mirror of
https://github.com/rocky-linux/infrastructure
synced 2024-12-22 19:08:30 +00:00
commit
66d0d80807
2
.github/workflows/yamllint.yml
vendored
2
.github/workflows/yamllint.yml
vendored
@ -1,6 +1,6 @@
|
||||
---
|
||||
# https://github.com/ibiqlik/action-yamllint
|
||||
name: YAMLlint
|
||||
name: YAML Lint
|
||||
|
||||
on:
|
||||
push:
|
||||
|
@ -31,6 +31,7 @@
|
||||
{{ ( force_purge | bool ) | ternary('--force','') }}
|
||||
--role-file {{ installation_prefix }}roles/requirements.yml
|
||||
--roles-path {{ installation_prefix }}{{ roles_installation_dir }}
|
||||
changed_when: false
|
||||
|
||||
- name: Install needed collections
|
||||
command: >
|
||||
@ -38,6 +39,7 @@
|
||||
{{ ( force_purge | bool ) | ternary('--force-with-deps','') }}
|
||||
-r {{ installation_prefix }}roles/requirements.yml
|
||||
-p {{ installation_prefix }}{{ collection_installation_dir }}
|
||||
changed_when: false
|
||||
|
||||
- name: cleanup old ssh known_hosts - remove
|
||||
file:
|
||||
|
@ -5,10 +5,10 @@
|
||||
copy:
|
||||
src: "etc/pam.d/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth-ac"
|
||||
dest: "{{ item }}"
|
||||
mode: "0644"
|
||||
owner: root
|
||||
group: root
|
||||
with_items:
|
||||
mode: '0644'
|
||||
loop:
|
||||
- /etc/pam.d/system-auth-ac
|
||||
- /etc/pam.d/password-auth-ac
|
||||
when:
|
||||
@ -16,14 +16,11 @@
|
||||
- ansible_facts['distribution_major_version'] == '7'
|
||||
|
||||
- name: Enterprise Linux 8 PAM Configuration
|
||||
when:
|
||||
- ansible_facts['os_family'] == 'RedHat'
|
||||
- ansible_facts['distribution_major_version'] == '8'
|
||||
block:
|
||||
- name: Ensure Custom Profile is removed
|
||||
file:
|
||||
state: absent
|
||||
path: /etc/authselect/custom/sssd-rocky
|
||||
state: absent
|
||||
|
||||
- name: Create custom authselect profile based on sssd
|
||||
command: >
|
||||
@ -34,15 +31,16 @@
|
||||
--symlink=postlogin
|
||||
--symlink=smartcard-auth
|
||||
--symlink=fingerprint-auth
|
||||
changed_when: false
|
||||
|
||||
- name: Override system-auth and password-auth
|
||||
copy:
|
||||
src: "etc/authselect/custom/sssd-aoc/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}-system-auth"
|
||||
dest: "{{ item }}"
|
||||
mode: '0644'
|
||||
owner: root
|
||||
group: root
|
||||
with_items:
|
||||
mode: '0644'
|
||||
loop:
|
||||
- /etc/authselect/custom/sssd-aoc/system-auth
|
||||
- /etc/authselect/custom/sssd-aoc/password-auth
|
||||
|
||||
@ -54,12 +52,17 @@
|
||||
with-mkhomedir
|
||||
with-sudo
|
||||
--force
|
||||
changed_when: false
|
||||
|
||||
- name: Apply new settings
|
||||
command: /usr/bin/authselect apply-changes
|
||||
changed_when: false
|
||||
|
||||
- name: Enable oddjobd
|
||||
service:
|
||||
name: oddjobd
|
||||
state: started
|
||||
enabled: yes
|
||||
when:
|
||||
- ansible_facts['os_family'] == 'RedHat'
|
||||
- ansible_facts['distribution_major_version'] == '8'
|
||||
|
Loading…
Reference in New Issue
Block a user