The_miro
/
Dotfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Dotfiles/setup/modules/FreeipaAnsible/ansible
History
Amir Alexander Abdelbaki 6ad8d0d488 feat(ansipa): add no_local_users device policy to lock all local account passwords 
Adds a new host group policy `no_local_users` that locks the passwords of root
and all local users (UID >= 1000) via `passwd -l`, ensuring only FreeIPA domain
accounts with centrally-managed sudo rules can authenticate and gain elevated
privileges. Leaving the group reverts by unlocking every account tracked in the
state file. Updates docs with group reference entry and Local User Lockdown section.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 		2026-05-20 16:18:48 +02:00
..
ansipa-enforce-policies.sh feat(ansipa): add no_local_users device policy to lock all local account passwords 2026-05-20 16:18:48 +02:00
ansipa-fetch-alerts.sh fix(freeipa): harden container SMB setup and fetch-alerts script 2026-05-20 13:13:53 +02:00
ansipa-install-flatpaks.service setup: add FreeIPA Flatpak group installer (fp_install_* groups) 2026-05-18 11:52:27 +02:00
ansipa-install-flatpaks.sh setup: add FreeIPA Flatpak group installer (fp_install_* groups) 2026-05-18 11:52:27 +02:00
ansipa-install-flatpaks.timer setup: add FreeIPA Flatpak group installer (fp_install_* groups) 2026-05-18 11:52:27 +02:00
ansipa-install-modules.service setup: add freeipa-client module and FreeIPA group-based module automation 2026-05-18 11:40:51 +02:00
ansipa-install-modules.sh setup: add freeipa-client module and FreeIPA group-based module automation 2026-05-18 11:40:51 +02:00
ansipa-install-modules.timer setup: add freeipa-client module and FreeIPA group-based module automation 2026-05-18 11:40:51 +02:00
ansipa-install-packages.sh Add setup/modules/FreeipaAnsible/ansible/ansipa-install-packages.sh 2026-04-27 16:44:59 +02:00
ansipa-install.service Add setup/modules/FreeipaAnsible/ansible/ansipa-install.service 2026-04-27 16:44:01 +02:00
ansipa-install.timer Add setup/modules/FreeipaAnsible/ansible/ansipa-install.timer 2026-04-27 16:44:18 +02:00
ansipa-scan-notify.sh feat(freeipa): scan result reporting, alert notifications, and SMB share 2026-05-20 12:32:21 +02:00
auto-add-baseuser.sh Update setup/modules/FreeipaAnsible/ansible/auto-add-baseuser.sh 2026-04-27 16:37:39 +02:00
baseuser-sync.path Add setup/modules/FreeipaAnsible/ansible/baseuser-sync.path 2026-04-27 16:39:11 +02:00
baseuser-sync.service Add setup/modules/FreeipaAnsible/ansible/baseuser-sync.service 2026-04-27 16:38:37 +02:00
collect-luks-keys.yml feat(ansipa): store LUKS backup keys on SMB share with KeyAdmin access control 2026-05-20 15:33:17 +02:00
deploy-ansipa-install.yml setup: add FreeIPA Flatpak group installer (fp_install_* groups) 2026-05-18 11:52:27 +02:00
deploy-ansipa-modules.yml setup: add freeipa-client module and FreeIPA group-based module automation 2026-05-18 11:40:51 +02:00
deploy-ansipa-policies.yml feat(ansipa): add daemon enable/disable policy via host-group regex 2026-05-20 15:25:15 +02:00
deploy-baseuser-sync.yml Add setup/modules/FreeipaAnsible/ansible/deploy-baseuser-sync.yml 2026-04-27 16:39:34 +02:00
manage-sudo-rules.yml feat(freeipa): add policy enforcement for binary blocking, backups, scans, and sudo 2026-05-20 11:34:09 +02:00