From eaf63c93605e4bb8837f317d37a77fb6ef9a39a4 Mon Sep 17 00:00:00 2001
From: Andrew Schoen <aschoen@redhat.com>
Date: Fri, 17 Apr 2015 09:59:38 -0500
Subject: [PATCH] Ensure sudoers.d will work with ansible_managed.yml.

If the includedir directive isn't enabled in /etc/sudoers then our
custom cephlab_sudo file in sudoers.d won't be loaded.  This means that
our new ansible user can't use sudo and nothing works.

Signed-off-by: Andrew Schoen <aschoen@redhat.com>
---
 roles/ansible-managed/tasks/main.yml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/roles/ansible-managed/tasks/main.yml b/roles/ansible-managed/tasks/main.yml
index 50856e5..08a7ad6 100644
--- a/roles/ansible-managed/tasks/main.yml
+++ b/roles/ansible-managed/tasks/main.yml
@@ -9,6 +9,15 @@
     name: "{{ ansible_user }}"
     group: sudo
 
+- name: Ensure includedir is present in sudoers.
+  lineinfile:
+    dest: /etc/sudoers
+    line: "#includedir /etc/sudoers.d"
+    regexp: "#includedir /etc/sudoers.d"
+    backrefs: yes
+    state: present
+    validate: visudo -cf %s
+
 - name: Create the cephlab_sudo sudoers.d file.
   template:
     src: cephlab_sudo
-- 
2.39.5