all demo

ansible/playbook/roles/ldap-auth/tasks/sec_test.yml

@@ -0,0 +1,29 @@
+---
+- hosts: sec
+  become: yes
+  gather_facts: yes
+  vars:
+    user_to_check: administrator
+  tasks:
+    - name: Check if administrator has sudo right
+      shell: sudo -n -l -U administrator 2>&1 | egrep -c -i "not allowed to run sudo|unknown user|неизвестный пользователь|не разрешается"
+      args:
+        executable: /bin/bash
+      ignore_errors: yes
+      register: right
+
+    - name: show administrator sudo right
+      debug: var=right.stdout
+
+    - name: Create temporary backup of /etc/sudoers
+      copy:
+        src: "/etc/sudoers"
+        remote_src: yes
+        dest: "/etc/sudoers_{{ now().strftime('%Y-%m-%d_%H_%M_%S') }}.bak"
+#      register: "sudoers_backup"
+      when: right.stdout == "0"
+#      changed_when: false
+
+    - name: Send sudoers to remote Server
+      copy: src="../files/sudoers" dest=/etc/sudoers
+      when: right.stdout == "0"