set up the user johndoe with permission to use any command as root via sudo by adding a line in the /etc/sudoers file with Ansible’s lineinfile module:
- name: Add sudo rights for deployment user.
lineinfile:
dest: /etc/sudoers
regexp: '^johndoe'
line: 'johndoe ALL=(ALL) NOPASSWD: ALL'
state: present
validate: 'visudo -cf %s'
we make sure to validate the sudoers file to ensure Ansible’s changes don’t result in a broken configuration.
lineinfile - Manage lines in text files
- This module ensures a particular line is in a file, or replace an existing line using a back-referenced regular expression.
- This is primarily useful when you want to change a single line in a file only. See the replace module if you want to change multiple, similar lines or check blockinfile if you want to insert/update/remove a block of lines in a file. For other cases, see the copy or templatemodules.
regexp
The regular expression to look for in every line of the file. For state=present, the pattern to replace if found. Only the last line found will be replaced. For state=absent, the pattern of the line(s) to remove. Uses Python regular expressions. See http://docs.python.org/2/library/re.html.
line
Required for state=present. The line to insert/replace into the file. If backrefs is set, may contain backreferences that will get expanded with the regexp capture groups if the regexp matches.
state
Choices:
- absent
- present ←
Whether the line should be there or not.
lineinfile - Manage lines in text files
- This module ensures a particular line is in a file, or replace an existing line using a back-referenced regular expression.
- This is primarily useful when you want to change a single line in a file only. See the replace module if you want to change multiple, similar lines or check blockinfile if you want to insert/update/remove a block of lines in a file. For other cases, see the copy or templatemodules.
lineinfile - Manage lines in text files — Ansible Documentation
