issue #477: build a CentOS 5/Py2.4 container + playbook compat fixes.

issue510
David Wilson 6 years ago
parent a31718a6bc
commit 572db1a385

@ -1,9 +0,0 @@
# https://www.toofishes.net/blog/trouble-sudoers-or-last-entry-wins/
%mitogen__sudo_nopw ALL=(ALL:ALL) NOPASSWD:ALL
mitogen__has_sudo_nopw ALL = (mitogen__pw_required) ALL
mitogen__has_sudo_nopw ALL = (mitogen__require_tty_pw_required) ALL
Defaults>mitogen__pw_required targetpw
Defaults>mitogen__require_tty requiretty
Defaults>mitogen__require_tty_pw_required requiretty,targetpw

@ -22,7 +22,6 @@
packages:
common:
- git
- openssh-server
- rsync
- strace
@ -32,6 +31,9 @@
- libjson-perl
- python-virtualenv
CentOS:
"5":
- sudo
#- perl-JSON -- skipped on CentOS 5, packages are a pain.
"6":
- perl-JSON
"7":
@ -91,9 +93,23 @@
dest: /etc/ssh/banner.txt
src: ../data/docker/ssh_login_banner.txt
- copy:
dest: /etc/sudoers.d/001-mitogen
src: ../data/docker/001-mitogen.sudo
- name: Ensure /etc/sudoers.d exists
file:
state: directory
path: /etc/sudoers.d
mode: 'u=rwx,go='
- blockinfile:
path: /etc/sudoers
block: |
# https://www.toofishes.net/blog/trouble-sudoers-or-last-entry-wins/
%mitogen__sudo_nopw ALL=(ALL:ALL) NOPASSWD:ALL
mitogen__has_sudo_nopw ALL = (mitogen__pw_required) ALL
mitogen__has_sudo_nopw ALL = (mitogen__require_tty_pw_required) ALL
Defaults>mitogen__pw_required targetpw
Defaults>mitogen__require_tty requiretty
Defaults>mitogen__require_tty_pw_required requiretty,targetpw
- lineinfile:
path: /etc/sudoers

@ -67,18 +67,18 @@
shell: /bin/bash
groups: "{{user_groups[item]|default(['mitogen__group'])}}"
password: "{{ (item + '_password') | password_hash('sha256') }}"
loop: "{{all_users}}"
with_items: "{{all_users}}"
when: ansible_system != 'Darwin'
- user:
name: "mitogen__{{item}}"
shell: /bin/bash
groups: "{{user_groups[item]|default(['mitogen__group'])}}"
password: "{{item}}_password"
loop: "{{all_users}}"
with_items: "{{all_users}}"
when: ansible_system == 'Darwin'
- name: Hide users from login window.
loop: "{{all_users}}"
with_items: "{{all_users}}"
when: ansible_system == 'Darwin'
osx_defaults:
array_add: true
@ -149,4 +149,4 @@
lineinfile:
path: /etc/sudoers
line: "{{lookup('pipe', 'whoami')}} ALL = (mitogen__{{item}}) NOPASSWD:ALL"
loop: "{{normal_users}}"
with_items: "{{normal_users}}"

@ -25,6 +25,7 @@ def sh(s, *args):
label_by_id = {}
for base_image, label in [
('astj/centos5-vault', 'centos5'), # Python 2.4.3
('debian:stretch', 'debian'), # Python 2.7.13, 3.5.3
('centos:6', 'centos6'), # Python 2.6.6
('centos:7', 'centos7') # Python 2.7.5

@ -10,5 +10,5 @@
Ubuntu: sudo
CentOS: wheel
- import_playbook: _container_setup.yml
- import_playbook: _user_accounts.yml
- include: _container_setup.yml
- include: _user_accounts.yml

Loading…
Cancel
Save