2022-12-18 23:43:40 +01:00
|
|
|
---
|
2022-12-20 17:31:37 +01:00
|
|
|
- name: "disable root shell"
|
2022-12-04 15:14:43 +01:00
|
|
|
ansible.builtin.user:
|
|
|
|
|
name: "root"
|
|
|
|
|
shell: "/usr/sbin/nologin"
|
|
|
|
|
|
2022-12-20 17:31:37 +01:00
|
|
|
- name: "disable su for non-wheel users"
|
2022-12-04 15:14:43 +01:00
|
|
|
ansible.builtin.copy:
|
2022-12-20 17:31:37 +01:00
|
|
|
src: "./su"
|
2022-12-04 15:14:43 +01:00
|
|
|
dest: "/etc/pam.d/su"
|
|
|
|
|
mode: 0644
|
