ipa_sudocmd - Manage FreeIPA sudo command

New in version 2.3.

Synopsis
Parameters
Examples
Return Values
Status
- Author

Synopsis

Add, modify or delete sudo command within FreeIPA server using FreeIPA API.

Parameters

Parameter	Choices/Defaults	Comments
description		A description of this command.
ipa_host	Default: ipa.example.com	IP or hostname of IPA server. If the value is not specified in the task, the value of environment variable `IPA_HOST` will be used instead. If both the environment variable `IPA_HOST` and the value are not specified in the task, then default value is set. Environment variable fallback mechanism is added in version 2.5.
ipa_pass required		Password of administrative user. If the value is not specified in the task, the value of environment variable `IPA_PASS` will be used instead. If both the environment variable `IPA_PASS` and the value are not specified in the task, then default value is set. Environment variable fallback mechanism is added in version 2.5.
ipa_port	Default: 443	Port of FreeIPA / IPA server. If the value is not specified in the task, the value of environment variable `IPA_PORT` will be used instead. If both the environment variable `IPA_PORT` and the value are not specified in the task, then default value is set. Environment variable fallback mechanism is added in version 2.5.
ipa_prot	Choices: http https ←	Protocol used by IPA server. If the value is not specified in the task, the value of environment variable `IPA_PROT` will be used instead. If both the environment variable `IPA_PROT` and the value are not specified in the task, then default value is set. Environment variable fallback mechanism is added in version 2.5.
ipa_user	Default: admin	Administrative account used on IPA server. If the value is not specified in the task, the value of environment variable `IPA_USER` will be used instead. If both the environment variable `IPA_USER` and the value are not specified in the task, then default value is set. Environment variable fallback mechanism is added in version 2.5.
state	Choices: present ← absent	State to ensure
sudocmd required		Sudo Command. aliases: name
validate_certs	Default: yes	This only applies if `ipa_prot` is https. If set to `no`, the SSL certificates will not be validated. This should only set to `no` used on personally controlled sites using self-signed certificates.

Examples

# Ensure sudo command exists
- ipa_sudocmd:
    name: su
    description: Allow to run su via sudo
    ipa_host: ipa.example.com
    ipa_user: admin
    ipa_pass: topsecret

# Ensure sudo command does not exist
- ipa_sudocmd:
    name: su
    state: absent
    ipa_host: ipa.example.com
    ipa_user: admin
    ipa_pass: topsecret

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key	Returned	Description
sudocmd dict	always	Sudo command as return from IPA API

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Author

Thomas Krahn (@Nosmoht)

Hint

If you notice any issues in this documentation you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.5/modules/ipa_sudocmd_module.html