|
@@ -45,9 +45,19 @@
|
|
|
owner: root
|
|
|
group: root
|
|
|
mode: 0644
|
|
|
register: pam_umask
|
|
|
notify:
|
|
|
- Update PAM configuration
|
|
|
|
|
|
- name: Update PAM configuration # noqa 503
|
|
|
# [503] Tasks that run when changed should likely be handlers
|
|
|
# In order to have consistent behaviour during the first and
|
|
|
# subsequent playbook runs, make sure the PAM configuration is
|
|
|
# updated immediatelly. This way any files created by commands etc
|
|
|
# should end-up with correct permissions straight away.
|
|
|
command: "/usr/sbin/pam-auth-update --package"
|
|
|
when: pam_umask.changed
|
|
|
|
|
|
- name: Set login UMASK
|
|
|
lineinfile:
|
|
|
dest: "/etc/login.defs"
|