ansible-edda/playbooks/tasks/hosts/root-shell.yml

11 lines
208 B
YAML

- name: Disable root shell
user:
name: root
shell: /usr/sbin/nologin
- name: Disable su for non-wheel users
copy:
src: ./filesystem/common/etc/pam.d/su
dest: /etc/pam.d/su
mode: 0644