Added conditional checks
This commit is contained in:
mustard
parent
7a48c860e7
commit
1e99fb4984
1 changed files with 15 additions and 1 deletions
|
|
@ -227,14 +227,20 @@
|
|||
line: '\1&protocol=https'
|
||||
loop: '{{ found_files.files }}'
|
||||
|
||||
- name: Check that the sudo-dom0-prompt exists
|
||||
stat:
|
||||
path: '/etc/authselect/custom/sudo-dom0-prompt'
|
||||
register: stat_result
|
||||
|
||||
- name: Create authselect profile
|
||||
shell: authselect create-profile sudo-dom0-prompt --base-on=sssd --symlink-meta --symlink-pam
|
||||
|
||||
when: not stat_result.stat.exists
|
||||
- name: Copy authselect file
|
||||
ansible.builtin.copy:
|
||||
src: '/etc/authselect/custom/sudo-dom0-prompt/system-auth'
|
||||
dest: '/etc/authselect/custom/sudo-dom0-prompt/system-auth.original_aside'
|
||||
mode: '0644'
|
||||
|
||||
|
||||
- name: Copy authselect folder
|
||||
ansible.builtin.copy:
|
||||
|
|
@ -258,10 +264,18 @@
|
|||
dest: '/etc/sudoers.d/qubes'
|
||||
mode: '0440'
|
||||
|
||||
- name: Check that allow all rule doesn't exist
|
||||
stat:
|
||||
path: '/etc/polkit-1/rules.d/00-qubes-allow-all.rules'
|
||||
register: stat_result
|
||||
|
||||
- name: Delete allow all rule
|
||||
ansible.builtin.file:
|
||||
path: '/etc/polkit-1/rules.d/00-qubes-allow-all.rules'
|
||||
state: 'absent'
|
||||
when: not stat_result.stat.exists
|
||||
|
||||
|
||||
|
||||
- name: Drop flathub script to homedir for any new appvms created based on this template
|
||||
ansible.builtin.copy:
|
||||
|
|
|
|||
Loading…
Reference in a new issue