1

I am using Ansible to deploy sudoers file in all the server the sudoers rights are stored in a central repository and dynamically generated via Python libraries installed locally on the Control Node.

I've tried to create a Python script on the libraries folder on the Control Node, but do not now know how to push the file generated in the variable a of the code below to the Remote Hosts into /etc/sudoers.

I thought creating a module or a plugin would do the trick but really do not know how to integrate my code below with an Ansible module or plugin.

from sudo_manager.objects import Host
import sudo_manager
h = Host.get_host('hostname')
a = sudo_manager.render_sudoers(h, 'sudoers.j2')

Any help will be appreciated.

U880D
  • 8,601
  • 6
  • 24
  • 40
zn553
  • 87
  • 7

1 Answers1

1

The best option would be to use the template module, given the file sudoers.j2 is a Jinja2 template.

- hosts: remote_hosts
  tasks:
    - template:
        src: sudoers.j2
        dest: /etc/sudoers

Ansible might use sudo to escalate privilages. Be careful not to lock yourself out.

Vladimir Botka
  • 58,131
  • 4
  • 32
  • 63
  • the thing is that sudoers file needs to be generated via the python code in my post. so i cannot use that template procedure..the sudoers file are in sqlite databases that are generated on the fliy using `sudo_manager.render_sudoers(h, 'sudoers.j2)` – zn553 May 22 '19 at 09:08
  • If "the sudoers file are in SQLite databases", then get the *src* file from there and use Ansible module copy, or synchronize. A good question might be [Should you develop a module?](https://docs.ansible.com/ansible/latest/dev_guide/developing_modules.html#should-you-develop-a-module). – Vladimir Botka May 22 '19 at 09:42
  • I would actually need an action plugin that will execute the code in the master and then copies the generated file to the target hosts using copy or template modules.. that is where my problem is. – zn553 May 23 '19 at 07:27