user: fix default non-system user's shell on macOS

7 years ago · 32d6b1d0e0
parent 22c8522cbf
commit 32d6b1d0e0
3 changed files with 58 additions and 12 deletions
--- a/lib/ansible/modules/system/user.py
+++ b/lib/ansible/modules/system/user.py
@ -76,6 +76,9 @@ options:
        required: false
        description:
            - Optionally set the user's shell.
+            - On Mac OS X, before version 2.5, the default shell for non-system users was
+              /usr/bin/false. Since 2.5, the default shell for non-system users on
+              Mac OS X is /bin/bash.
    home:
        required: false
        description:
@ -1763,6 +1766,11 @@ class DarwinUser(User):
                    os.makedirs(self.home)
                self.chown_homedir(int(self.uid), int(self.group), self.home)

+        # dscl sets shell to /usr/bin/false when UserShell is not specified
+        # so set the shell to /bin/bash when the user is not a system user
+        if not self.system and self.shell is None:
+            self.shell = '/bin/bash'
+
        for field in self.fields:
            if field[0] in self.__dict__ and self.__dict__[field[0]]:

--- a/test/integration/targets/become/tasks/su.yml
+++ b/test/integration/targets/become/tasks/su.yml
@ -4,18 +4,6 @@
  become_method: su
  user:
    name: "{{ become_test_user }}"
-  when: ansible_distribution != "MacOSX"
-
-
- name: Create test user (become_method=su)
-  become: True
-  become_user: root
-  become_method: su
-  user:
-    name: "{{ become_test_user }}"
-    # explicitly set user shell since the default shell on OS X is /usr/bin/false
-    shell: /bin/bash
-  when: ansible_distribution == "MacOSX"

 - name: test becoming user (become_method=su)
  shell: whoami
--- a/test/integration/targets/user/tasks/main.yml
+++ b/test/integration/targets/user/tasks/main.yml
@ -108,3 +108,53 @@
  assert:
      that:
          - '"ansibulluser" not in user_names2.stdout_lines'
+
+
+- block:
+    - name: create non-system user on OSX to test the shell is set to /bin/bash
+      user:
+        name: osxuser
+      register: osxuser_output
+
+    - name: validate the shell is set to /bin/bash
+      assert:
+        that:
+          - 'osxuser_output.shell == "/bin/bash"'
+
+    - name: cleanup
+      user:
+        name: osxuser
+        state: absent
+
+    - name: create system user on OSX to test the shell is set to /usr/bin/false
+      user:
+        name: osxuser
+        system: yes
+      register: osxuser_output
+
+    - name: validate the shell is set to /usr/bin/false
+      assert:
+        that:
+          - 'osxuser_output.shell == "/usr/bin/false"'
+
+    - name: cleanup
+      user:
+        name: osxuser
+        state: absent
+
+    - name: create non-system user on OSX and set the shell to /bin/sh
+      user:
+        name: osxuser
+        shell: /bin/sh
+      register: osxuser_output
+
+    - name: validate the shell is set to /bin/sh
+      assert:
+        that:
+          - 'osxuser_output.shell == "/bin/sh"'
+
+    - name: cleanup
+      user:
+        name: osxuser
+        state: absent
+  when: ansible_distribution == "MacOSX"