You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
- hosts : testhost
gather_facts : no
tasks :
- name : make sure the test user is available
include_role :
name : setup_test_user
- name : verify AnsibleModule works when cwd is missing
test_cwd_missing :
register : missing
- name : record the mode of the connection user's home directory
stat :
path : "~"
vars :
ansible_become : no
register : connection_user_home
- name : limit access to the connection user's home directory
file :
state : directory
path : "{{ connection_user_home.stat.path }}"
mode : "0700"
vars :
ansible_become : no
- block :
- name : verify AnsibleModule works when cwd is unreadable
test_cwd_unreadable :
register : unreadable
vars : &test_user_become
ansible_become : yes
ansible_become_user : "{{ test_user_name }}" # root can read cwd regardless of permissions, so a non-root user is required here
ansible_become_password : "{{ test_user_plaintext_password }}"
always :
- name : restore access to the connection user's home directory
file :
state : directory
path : "{{ connection_user_home.stat.path }}"
mode : "{{ connection_user_home.stat.mode }}"
vars :
ansible_become : no
- name : get real path of home directory of the unprivileged user
raw : "{{ ansible_python_interpreter }} -c 'import os.path; print(os.path.realpath(os.path.expanduser(\"~\")))'"
register : home
vars : *test_user_become
- name : verify AnsibleModule was able to adjust cwd as expected
assert :
that :
- missing.before != missing.after
- unreadable.before != unreadable.after or unreadable.before == '/' or unreadable.before == home.stdout.strip() # allow / and $HOME fallback on macOS when using an unprivileged user
