For one of my learning projects I needed have passwordless sudo access for a user and group (my sys-admin brain goes "urg urg!").
- sudo access to a group which does not have sudo power
- sudo access to a user who does not have a sudo power, not a part of any of the sudoers group (ex: wheel)
Here is an example of the ansible-playbook which gives password less sudo access to a group.
--- - name: Using the copy module hosts: all become: yes tasks: - name: Create devops group group: name: devops state: present - name: Create devops user user: name: devops group: devops - name: Give sudo access to devops user blockinfile: path: /etc/sudoers insertafter: 'root ALL=(ALL) ALL' block: | # Gives sudo access to the devops group %devops ALL=(ALL) NOPASSWD: ALL
devops user, a member of
devops group. With the following task gave the sudo access to the devops group. Added
devops group in the `/etc/sudoers’ file.
This passwordless sudo access might be good and necessary for labs to practice & learn. But is not advicable at any point of time to perform the same for any network connected system.