diff options
-rw-r--r-- | playbooks/rkhunter-propupd.yml | 7 | ||||
-rw-r--r-- | roles/dnsserver/files/sudo | 21 |
2 files changed, 28 insertions, 0 deletions
diff --git a/playbooks/rkhunter-propupd.yml b/playbooks/rkhunter-propupd.yml new file mode 100644 index 0000000..414b15c --- /dev/null +++ b/playbooks/rkhunter-propupd.yml @@ -0,0 +1,7 @@ +--- +- hosts: all + remote_user: root + tasks: + - name: rkhunter internal database update + command: /usr/bin/rkhunter --propupd + when: ansible_virtualization_role == "NA" or ansible_virtualization_role == "host" diff --git a/roles/dnsserver/files/sudo b/roles/dnsserver/files/sudo index 657797e..0b7f8cd 100644 --- a/roles/dnsserver/files/sudo +++ b/roles/dnsserver/files/sudo @@ -1,4 +1,5 @@ User_Alias MOI = backup, casper +User_Alias VINC = vincent Cmnd_Alias CRYPTOPEN = /usr/sbin/cryptsetup luksOpen virtual-disk1-200Gio --key-file - virtual-disk1-200Gio Cmnd_Alias MOUNT = /usr/bin/mount /dev/mapper/virtual-disk1-200Gio mnt/virtual-disk1/ @@ -11,6 +12,16 @@ Cmnd_Alias UMOUNT2 = /usr/bin/umount mnt/virtual-disk2/ Cmnd_Alias CRYPTCLOSE2 = /usr/sbin/cryptsetup luksClose virtual-disk2-200Gio +Cmnd_Alias CRYPTOPEN3 = /usr/sbin/cryptsetup luksOpen virtual-disk1-40Gio +Cmnd_Alias MOUNT3 = /usr/bin/mount /dev/mapper/virtual-disk1-40Gio mnt/virtual-disk1/ +Cmnd_Alias UMOUNT3 = /usr/bin/umount mnt/virtual-disk1/ +Cmnd_Alias CRYPTCLOSE3 = /usr/sbin/cryptsetup luksClose virtual-disk1-40Gio +Cmnd_Alias LUKSINIT3 = /usr/sbin/cryptsetup luksFormat virtual-disk1-40Gio +Cmnd_Alias LUKSADDKEY3 = /usr/sbin/cryptsetup luksAddKey virtual-disk1-40Gio +Cmnd_Alias LUKSDELKEY3 = /usr/sbin/cryptsetup luksRemoveKey virtual-disk1-40Gio +Cmnd_Alias MKFS3 = /usr/sbin/mkfs.ext4 /dev/mapper/virtual-disk1-40Gio + + MOI ALL = NOPASSWD: CRYPTOPEN MOI ALL = NOPASSWD: MOUNT MOI ALL = NOPASSWD: UMOUNT @@ -20,3 +31,13 @@ MOI ALL = NOPASSWD: CRYPTOPEN2 MOI ALL = NOPASSWD: MOUNT2 MOI ALL = NOPASSWD: UMOUNT2 MOI ALL = NOPASSWD: CRYPTCLOSE2 + + +VINC ALL = NOPASSWD: CRYPTOPEN3 +VINC ALL = NOPASSWD: MOUNT3 +VINC ALL = NOPASSWD: UMOUNT3 +VINC ALL = NOPASSWD: CRYPTCLOSE3 +VINC ALL = NOPASSWD: LUKSINIT3 +VINC ALL = NOPASSWD: LUKSADDKEY3 +VINC ALL = NOPASSWD: LUKSDELKEY3 +VINC ALL = NOPASSWD: MKFS3 |