Made Ansible passwordless root not impact global passwordless root

This commit is contained in:
Brian Zalewski 2023-11-06 10:06:56 +00:00
parent 8df97bf409
commit 4a3d0b5443

View file

@ -581,9 +581,9 @@ async function afterInstall(packageManager) {
log('info', logStage, `Ensuring temporary passwordless sudo privileges used by Ansible are removed`) log('info', logStage, `Ensuring temporary passwordless sudo privileges used by Ansible are removed`)
const gsed = which.sync('gsed', { nothrow: true }) const gsed = which.sync('gsed', { nothrow: true })
if (gsed) { if (gsed) {
await $`sudo gsed -i '/# TEMPORARY FOR INSTALL DOCTOR/d' /etc/sudoers` await $`sudo gsed -i '/# TEMPORARY FOR ANSIBLE INSTALL DOCTOR/d' /etc/sudoers`
} else { } else {
await $`sudo sed -i '/# TEMPORARY FOR INSTALL DOCTOR/d' /etc/sudoers` await $`sudo sed -i '/# TEMPORARY FOR ANSIBLE INSTALL DOCTOR/d' /etc/sudoers`
} }
} else if (packageManager === 'apk') { } else if (packageManager === 'apk') {
} else if (packageManager === 'apt') { } else if (packageManager === 'apt') {
@ -733,7 +733,7 @@ async function beforeInstall(packageManager) {
} }
} else if (packageManager === 'ansible') { } else if (packageManager === 'ansible') {
log('info', logStage, `Temporarily enabling passwordless sudo for Ansible role installations`) log('info', logStage, `Temporarily enabling passwordless sudo for Ansible role installations`)
await $`echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR INSTALL DOCTOR" | sudo tee -a /etc/sudoers` await $`echo "$(whoami) ALL=(ALL:ALL) NOPASSWD: ALL # TEMPORARY FOR ANSIBLE INSTALL DOCTOR" | sudo tee -a /etc/sudoers`
log('info', logStage, 'Running Ansible setup task so facts are cached') log('info', logStage, 'Running Ansible setup task so facts are cached')
const unbuffer = which.sync('unbuffer', { nothrow: true }) const unbuffer = which.sync('unbuffer', { nothrow: true })
let unbufferPrefix = '' let unbufferPrefix = ''