summaryrefslogtreecommitdiff
path: root/ansible/solace.yml
diff options
context:
space:
mode:
Diffstat (limited to 'ansible/solace.yml')
-rw-r--r--ansible/solace.yml25
1 files changed, 25 insertions, 0 deletions
diff --git a/ansible/solace.yml b/ansible/solace.yml
index b3b7eaa..facada5 100644
--- a/ansible/solace.yml
+++ b/ansible/solace.yml
@@ -30,6 +30,11 @@
tags: [rustup]
tasks:
+ # - shell: |
+ # sed -i 's/NOPASSWD://' /etc/sudoers.d/liw
+ # args:
+ # warn: false
+
# Remove ping to force it be reinstalled so that the right
# capabilities are set.
- apt:
@@ -155,6 +160,26 @@
- name: "update initramfs"
shell: |
update-initramfs -u
+
+ - apt:
+ name:
+ - libpam-yubico
+ # disabled until I don't need Y4 anymore.
+ # - lineinfile:
+ # path: /etc/pam.d/common-auth
+ # regex: pam_yubico.so
+ # line: "auth required pam_yubico.so mode=challenge-response chalresp_path=/etc/yubikey_chalresp"
+ - file:
+ state: directory
+ path: /etc/yubikey_chalresp
+ mode: 0700
+ - copy:
+ content: |
+ {{ lookup('pipe', 'pass libpam-yubico/liw/y6.chalresp') }}
+ dest: "/etc/yubikey_chalresp/liw-{{ lookup('pipe', 'pass libpam-yubico/liw/y6.serial') }}"
+ mode: 0600
+
+
vars:
ansible_python_interpreter: /usr/bin/python3