summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--playbooks/rkhunter-propupd.yml7
-rw-r--r--roles/dnsserver/files/sudo21
2 files changed, 28 insertions, 0 deletions
diff --git a/playbooks/rkhunter-propupd.yml b/playbooks/rkhunter-propupd.yml
new file mode 100644
index 0000000..414b15c
--- /dev/null
+++ b/playbooks/rkhunter-propupd.yml
@@ -0,0 +1,7 @@
+---
+- hosts: all
+ remote_user: root
+ tasks:
+ - name: rkhunter internal database update
+ command: /usr/bin/rkhunter --propupd
+ when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host"
diff --git a/roles/dnsserver/files/sudo b/roles/dnsserver/files/sudo
index 657797e..0b7f8cd 100644
--- a/roles/dnsserver/files/sudo
+++ b/roles/dnsserver/files/sudo
@@ -1,4 +1,5 @@
User_Alias MOI = backup, casper
+User_Alias VINC = vincent
Cmnd_Alias CRYPTOPEN = /usr/sbin/cryptsetup luksOpen virtual-disk1-200Gio --key-file - virtual-disk1-200Gio
Cmnd_Alias MOUNT = /usr/bin/mount /dev/mapper/virtual-disk1-200Gio mnt/virtual-disk1/
@@ -11,6 +12,16 @@ Cmnd_Alias UMOUNT2 = /usr/bin/umount mnt/virtual-disk2/
Cmnd_Alias CRYPTCLOSE2 = /usr/sbin/cryptsetup luksClose virtual-disk2-200Gio
+Cmnd_Alias CRYPTOPEN3 = /usr/sbin/cryptsetup luksOpen virtual-disk1-40Gio
+Cmnd_Alias MOUNT3 = /usr/bin/mount /dev/mapper/virtual-disk1-40Gio mnt/virtual-disk1/
+Cmnd_Alias UMOUNT3 = /usr/bin/umount mnt/virtual-disk1/
+Cmnd_Alias CRYPTCLOSE3 = /usr/sbin/cryptsetup luksClose virtual-disk1-40Gio
+Cmnd_Alias LUKSINIT3 = /usr/sbin/cryptsetup luksFormat virtual-disk1-40Gio
+Cmnd_Alias LUKSADDKEY3 = /usr/sbin/cryptsetup luksAddKey virtual-disk1-40Gio
+Cmnd_Alias LUKSDELKEY3 = /usr/sbin/cryptsetup luksRemoveKey virtual-disk1-40Gio
+Cmnd_Alias MKFS3 = /usr/sbin/mkfs.ext4 /dev/mapper/virtual-disk1-40Gio
+
+
MOI ALL = NOPASSWD: CRYPTOPEN
MOI ALL = NOPASSWD: MOUNT
MOI ALL = NOPASSWD: UMOUNT
@@ -20,3 +31,13 @@ MOI ALL = NOPASSWD: CRYPTOPEN2
MOI ALL = NOPASSWD: MOUNT2
MOI ALL = NOPASSWD: UMOUNT2
MOI ALL = NOPASSWD: CRYPTCLOSE2
+
+
+VINC ALL = NOPASSWD: CRYPTOPEN3
+VINC ALL = NOPASSWD: MOUNT3
+VINC ALL = NOPASSWD: UMOUNT3
+VINC ALL = NOPASSWD: CRYPTCLOSE3
+VINC ALL = NOPASSWD: LUKSINIT3
+VINC ALL = NOPASSWD: LUKSADDKEY3
+VINC ALL = NOPASSWD: LUKSDELKEY3
+VINC ALL = NOPASSWD: MKFS3
generated by cgit (git 2.34.1) at 2024-05-06 03:37:34 +0000