From 2d1a06551cce5cf4f35cdaef6d7a7e90ac79c83b Mon Sep 17 00:00:00 2001 From: Marco Ochse Date: Fri, 30 Jun 2023 13:15:30 +0200 Subject: [PATCH] tweak installer, playbooks --- install.sh | 19 ++++++++++--------- installer/install/sudo.yml | 1 + installer/install/tpot.yml | 3 +++ installer/remove/sudo.yml | 1 + installer/remove/tpot.yml | 2 ++ 5 files changed, 17 insertions(+), 9 deletions(-) diff --git a/install.sh b/install.sh index dcb1fd19..95c52814 100755 --- a/install.sh +++ b/install.sh @@ -53,10 +53,12 @@ case $myCURRENT_DISTRIBUTION in "Debian GNU/Linux"|"Ubuntu") if ! command -v sudo >/dev/null; then - echo "### ‘sudo‘ is not installed. To continue you need to provide the ‘root‘ password ... " - echo "### ... or press CTRL-C to manually install ‘sudo‘ and add your user to the sudoers." - su -c "apt -y update && apt -y install sudo ${myPACKAGES}" + echo "### ‘sudo‘ is not installed. To continue you need to provide the ‘root‘ password ... " + echo "### ... or press CTRL-C to manually install ‘sudo‘ and add your user to the sudoers." + su -c "apt -y update && apt -y install sudo ${myPACKAGES}" su -c "/usr/sbin/usermod -aG sudo $(whoami)" + # Refresh groups, so sudo is directly usable + newgrp sudo else sudo apt update sudo apt install -y ${myPACKAGES} @@ -71,17 +73,17 @@ case $myCURRENT_DISTRIBUTION in esac echo -# Check if passwordless sudo access is available +# Check if sudo access is available sudo -n true > /dev/null 2>&1 if [ $? -eq 1 ]; then - myANSIBLE_BECOME_OPTION="--become" - echo "### ‘sudo‘ is setup passwordless, setting ansible become option to ${myANSIBLE_BECOME_OPTION}." - echo - else myANSIBLE_BECOME_OPTION="--ask-become-pass" echo "### ‘sudo‘ is setup with password, setting ansible become option to ${myANSIBLE_BECOME_OPTION}." echo + else + myANSIBLE_BECOME_OPTION="--become" + echo "### ‘sudo‘ is usable without password, setting ansible become option to ${myANSIBLE_BECOME_OPTION}." + echo fi # Download tpot.yml if not found locally @@ -115,4 +117,3 @@ echo "SMTP, HTTP, etc. might prevent T-Pot from starting." echo "Done. Please reboot and re-connect via SSH on tcp/64295." echo - diff --git a/installer/install/sudo.yml b/installer/install/sudo.yml index a06fdd1e..028168cb 100644 --- a/installer/install/sudo.yml +++ b/installer/install/sudo.yml @@ -3,6 +3,7 @@ - name: On Debian, check if sudo is installed hosts: all gather_facts: true + become: false pre_tasks: - name: Check for non-root user id diff --git a/installer/install/tpot.yml b/installer/install/tpot.yml index 0361595c..8b9c65d8 100644 --- a/installer/install/tpot.yml +++ b/installer/install/tpot.yml @@ -6,6 +6,8 @@ - name: T-Pot Abort if run as root hosts: all gather_facts: true + become: false + pre_tasks: - name: Check if running as root assert: @@ -312,6 +314,7 @@ - name: T-Pot - Adjust group users, bashrc, clone / update T-Pot repository hosts: all gather_facts: true + become: false tasks: - name: Add aliases (All) diff --git a/installer/remove/sudo.yml b/installer/remove/sudo.yml index c5eec00c..c6f4201d 100644 --- a/installer/remove/sudo.yml +++ b/installer/remove/sudo.yml @@ -3,6 +3,7 @@ - name: On Debian, remove sudo hosts: all gather_facts: true + become: false pre_tasks: - name: Check for non-root user id diff --git a/installer/remove/tpot.yml b/installer/remove/tpot.yml index cab26e90..9ab3bda5 100644 --- a/installer/remove/tpot.yml +++ b/installer/remove/tpot.yml @@ -6,6 +6,7 @@ - name: T-Pot Abort if run as root hosts: all gather_facts: true + become: false pre_tasks: - name: Check if running as root @@ -27,6 +28,7 @@ - name: T-Pot - Remove group users, bashrc hosts: all gather_facts: true + become: false tasks: - name: Remove aliases (All)