nounou → _nounou

eacbef79 · shirenn · 385650b9 · eacbef79 · eacbef79 · eacbef79
Commit eacbef79 authored 3 years ago by shirenn 🌊
--- a/host_vars/re2o.adm.crans.org.yml
+++ b/host_vars/re2o.adm.crans.org.yml
@@ -6,7 +6,7 @@ interfaces:

 loc_re2o:
  owner: root
-  group: nounou
+  group: _nounou
  version: master_freeradius_python3
  settings_local_owner: www-data
-  settings_local_group: nounou
+  settings_local_group: _nounou
--- a/host_vars/routeur-sam.adm.crans.org.yml
+++ b/host_vars/routeur-sam.adm.crans.org.yml
@@ -22,7 +22,7 @@ loc_keepalived:

 loc_re2o:
  owner: freerad
-  group: nounou
+  group: _nounou
  version: master_freeradius_python3
  settings_local_owner: freerad
-  settings_local_group: nounou
+  settings_local_group: _nounou
--- a/roles/crans-scripts/tasks/main.yml
+++ b/roles/crans-scripts/tasks/main.yml
@@ -5,13 +5,13 @@
    state: directory
    mode: "2775"
    owner: root
-    group: nounou
+    group: _nounou

 - name: Set ACL for scripts directory
  acl:
    path: /usr/scripts
    default: true
-    entity: nounou
+    entity: _nounou
    etype: group
    permissions: rwx
    state: query

--- a/roles/dns/tasks/main.yml
+++ b/roles/dns/tasks/main.yml
@@ -17,13 +17,13 @@
    state: directory
    mode: '2775'
    owner: root
-    group: nounou
+    group: _nounou

 - name: Set ACL for dns directory
  acl:
    path: /var/local/dns
    default: true
-    entity: nounou
+    entity: _nounou
    etype: group
    permissions: rwx
    state: query

--- a/roles/firewall/tasks/main.yml
+++ b/roles/firewall/tasks/main.yml
@@ -17,13 +17,13 @@
    state: directory
    mode: '2775'
    owner: root
-    group: nounou
+    group: _nounou

 - name: Set ACL for firewall directory
  acl:
    path: /var/local/firewall
    default: true
-    entity: nounou
+    entity: _nounou
    etype: group
    permissions: rwx
    state: query

--- a/roles/home/tasks/main.yml
+++ b/roles/home/tasks/main.yml
@@ -16,13 +16,13 @@
    state: directory
    mode: '2775'
    owner: root
-    group: nounou
+    group: _nounou

 - name: Set ACL for home directory
  acl:
    path: /var/local/home
    default: true
-    entity: nounou
+    entity: _nounou
    etype: group
    permissions: rwx
    state: query

--- a/roles/re2o-dhcp/tasks/main.yml
+++ b/roles/re2o-dhcp/tasks/main.yml
@@ -5,13 +5,13 @@
    state: directory
    mode: '2775'
    owner: root
-    group: nounou
+    group: _nounou

 - name: Set ACL for re2o-dhcp directory
  acl:
    path: /var/local/re2o-services/dhcp
    default: true
-    entity: nounou
+    entity: _nounou
    etype: group
    permissions: rwx
    state: query

--- a/roles/re2o-mail-server/tasks/main.yml
+++ b/roles/re2o-mail-server/tasks/main.yml
@@ -5,13 +5,13 @@
    state: directory
    mode: '2775'
    owner: root
-    group: nounou
+    group: _nounou

 - name: Set ACL for re2o-mail-server directory
  acl:
    path: /var/local/re2o-services/mail-server
    default: true
-    entity: nounou
+    entity: _nounou
    etype: group
    permissions: rwx
    state: query

--- a/roles/re2o-notif-users/tasks/main.yml
+++ b/roles/re2o-notif-users/tasks/main.yml
@@ -5,13 +5,13 @@
    state: directory
    mode: '2775'
    owner: root
-    group: nounou
+    group: _nounou

 - name: Set ACL for re2o-notif-users directory
  acl:
    path: /var/local/re2o-services/notif-users
    default: true
-    entity: nounou
+    entity: _nounou
    etype: group
    permissions: rwx
    state: query

--- a/roles/re2o/tasks/main.yml
+++ b/roles/re2o/tasks/main.yml
@@ -41,7 +41,7 @@
  acl:
    path: /var/www/re2o
    default: true
-    entity: nounou
+    entity: _nounou
    etype: group
    permissions: rwx
    state: query

--- a/roles/slapd/templates/ldap/slapd.conf.j2
+++ b/roles/slapd/templates/ldap/slapd.conf.j2
@@ -162,13 +162,13 @@ overlay syncprov
 access to attrs=userPassword,shadowLastChange
        by anonymous auth
        by self write
-        by set="[cn=nounou,ou=group,dc=crans,dc=org]/memberUid & user/uid" write
+        by set="[cn=_nounou,ou=group,dc=crans,dc=org]/memberUid & user/uid" write
        by dn="cn=replicator,dc=crans,dc=org" read
        by * none

 access to attrs=loginShell,mail,telephoneNumber
        by self write
-        by set="[cn=nounou,ou=group,dc=crans,dc=org]/memberUid & user/uid" write
+        by set="[cn=_nounou,ou=group,dc=crans,dc=org]/memberUid & user/uid" write
        by dn="cn=replicator,dc=crans,dc=org" read
        by * read

@@ -186,7 +186,7 @@ access to dn.base="" by * read
 # The admin dn has full write access, everyone else
 # can read everything.
 access to *
-        by set="[cn=nounou,ou=group,dc=crans,dc=org]/memberUid & user/uid" write
+        by set="[cn=_nounou,ou=group,dc=crans,dc=org]/memberUid & user/uid" write
        by dn="cn=replicator,dc=crans,dc=org" read
        by * read
 {% endif %}

--- a/roles/sudo/templates/sudoers.d/group_privilege.j2
+++ b/roles/sudo/templates/sudoers.d/group_privilege.j2
 {{ ansible_header | comment }}
 # Group privilege specification
-%nounou    ALL=(ALL:ALL) ALL
+NOUNOU    ALL=(ALL:ALL) ALL
--- a/roles/sudo/templates/sudoers.j2
+++ b/roles/sudo/templates/sudoers.j2
@@ -7,8 +7,8 @@ Defaults	mail_badpass
 Defaults	secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

 # Host alias specification
-User_Alias    USERS= %user
-User_Alias    NOUNOUS= %nounou
+User_Alias    USERS= %_user
+User_Alias    NOUNOUS= %_nounou

 # User alias specification