ansible-edda/playbooks/roles/system/base/tasks/include/root.yml

12 lines
247 B
YAML

---
- name: "root : disable root shell"
ansible.builtin.user:
name: "root"
shell: "/usr/sbin/nologin"
- name: "root : disable su for non-wheel users"
ansible.builtin.copy:
src: "./root/su"
dest: "/etc/pam.d/su"
mode: 0644