diff options
Diffstat (limited to 'ansible/solace.yml')
-rw-r--r-- | ansible/solace.yml | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/ansible/solace.yml b/ansible/solace.yml index b3b7eaa..facada5 100644 --- a/ansible/solace.yml +++ b/ansible/solace.yml @@ -30,6 +30,11 @@ tags: [rustup] tasks: + # - shell: | + # sed -i 's/NOPASSWD://' /etc/sudoers.d/liw + # args: + # warn: false + # Remove ping to force it be reinstalled so that the right # capabilities are set. - apt: @@ -155,6 +160,26 @@ - name: "update initramfs" shell: | update-initramfs -u + + - apt: + name: + - libpam-yubico + # disabled until I don't need Y4 anymore. + # - lineinfile: + # path: /etc/pam.d/common-auth + # regex: pam_yubico.so + # line: "auth required pam_yubico.so mode=challenge-response chalresp_path=/etc/yubikey_chalresp" + - file: + state: directory + path: /etc/yubikey_chalresp + mode: 0700 + - copy: + content: | + {{ lookup('pipe', 'pass libpam-yubico/liw/y6.chalresp') }} + dest: "/etc/yubikey_chalresp/liw-{{ lookup('pipe', 'pass libpam-yubico/liw/y6.serial') }}" + mode: 0600 + + vars: ansible_python_interpreter: /usr/bin/python3 |