From baa02069377ad62b655c76b6d58a0f4e06967964 Mon Sep 17 00:00:00 2001
From: "Kenneth Benzie (Benie)" <benie@infektor.net>
Date: Fri, 9 Dec 2022 15:19:40 +0000
Subject: [PATCH] Make sudo role work on macOS

---
 roles/sudo/tasks/main.yaml  | 6 ++++--
 roles/sudo/vars/Darwin.yaml | 3 +++
 roles/sudo/vars/Debian.yaml | 3 +++
 3 files changed, 10 insertions(+), 2 deletions(-)
 create mode 100644 roles/sudo/vars/Darwin.yaml
 create mode 100644 roles/sudo/vars/Debian.yaml

diff --git a/roles/sudo/tasks/main.yaml b/roles/sudo/tasks/main.yaml
index d7b07cc..7e15200 100644
--- a/roles/sudo/tasks/main.yaml
+++ b/roles/sudo/tasks/main.yaml
@@ -2,11 +2,13 @@
 - assert:
     that: ansible_user_id != "root"
 
+- include_vars: '{{ansible_os_family}}.yaml'
+
 - name: create /etc/sudoers.d/{user} config file
   become: true
   template:
     src: sudoers
     dest: '/etc/sudoers.d/{{ansible_user_id}}'
-    owner: root
-    group: root
+    owner: '{{sudo_owner}}'
+    group: '{{sudo_group}}'
     mode: '0440'
diff --git a/roles/sudo/vars/Darwin.yaml b/roles/sudo/vars/Darwin.yaml
new file mode 100644
index 0000000..fd6e3b0
--- /dev/null
+++ b/roles/sudo/vars/Darwin.yaml
@@ -0,0 +1,3 @@
+---
+sudo_owner: root
+sudo_group: wheel
diff --git a/roles/sudo/vars/Debian.yaml b/roles/sudo/vars/Debian.yaml
new file mode 100644
index 0000000..5151339
--- /dev/null
+++ b/roles/sudo/vars/Debian.yaml
@@ -0,0 +1,3 @@
+---
+sudo_owner: root
+sudo_group: root