Added conditional checks

2025-02-28 12:33:34 +01:00 · 2025-02-28 12:33:34 +01:00 · 1e99fb4984
commit 1e99fb4984
parent 7a48c860e7
1 changed files with 15 additions and 1 deletions
--- a/roles/qubes-f41-gnome/tasks/main.yaml
+++ b/roles/qubes-f41-gnome/tasks/main.yaml
@ -227,14 +227,20 @@
       line: '\1&protocol=https'
     loop: '{{ found_files.files }}'

+   - name: Check that the sudo-dom0-prompt exists
+     stat:
+       path: '/etc/authselect/custom/sudo-dom0-prompt'
+     register: stat_result
+
   - name: Create authselect profile
     shell: authselect create-profile sudo-dom0-prompt --base-on=sssd --symlink-meta --symlink-pam
-
+     when: not stat_result.stat.exists
   - name: Copy authselect file
     ansible.builtin.copy:
      src: '/etc/authselect/custom/sudo-dom0-prompt/system-auth'
      dest: '/etc/authselect/custom/sudo-dom0-prompt/system-auth.original_aside'
      mode: '0644'
+     

   - name: Copy authselect folder
     ansible.builtin.copy:
@ -258,10 +264,18 @@
      dest: '/etc/sudoers.d/qubes'
      mode: '0440'

+   - name: Check that allow all rule doesn't exist
+     stat:
+       path: '/etc/polkit-1/rules.d/00-qubes-allow-all.rules'
+     register: stat_result
+
   - name: Delete allow all rule
     ansible.builtin.file:
      path: '/etc/polkit-1/rules.d/00-qubes-allow-all.rules'
      state: 'absent'
+      when: not stat_result.stat.exists
+
+

   - name: Drop flathub script to homedir for any new appvms created based on this template
     ansible.builtin.copy: