mirror of https://github.com/ansible/ansible.git
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
113 lines
3.6 KiB
YAML
113 lines
3.6 KiB
YAML
# Test setting epoch 0 expiration when creating a new account, then removing the expiry
|
|
# https://github.com/ansible/ansible/issues/47114
|
|
- name: Remove ansibulluser
|
|
user:
|
|
name: ansibulluser
|
|
state: absent
|
|
|
|
- name: Create user account with epoch 0 expiration
|
|
user:
|
|
name: ansibulluser
|
|
state: present
|
|
expires: 0
|
|
register: user_test_expires_create0_1
|
|
|
|
- name: Create user account with epoch 0 expiration again
|
|
user:
|
|
name: ansibulluser
|
|
state: present
|
|
expires: 0
|
|
register: user_test_expires_create0_2
|
|
|
|
- name: Change the user account to remove the expiry time
|
|
user:
|
|
name: ansibulluser
|
|
expires: -1
|
|
register: user_test_remove_expires_1
|
|
|
|
- name: Change the user account to remove the expiry time again
|
|
user:
|
|
name: ansibulluser
|
|
expires: -1
|
|
register: user_test_remove_expires_2
|
|
|
|
|
|
- name: Verify un expiration date for Linux
|
|
block:
|
|
- name: LINUX | Ensure changes were made appropriately
|
|
assert:
|
|
msg: Creating an account with 'expries=0' then removing that expriation with 'expires=-1' resulted in incorrect changes
|
|
that:
|
|
- user_test_expires_create0_1 is changed
|
|
- user_test_expires_create0_2 is not changed
|
|
- user_test_remove_expires_1 is changed
|
|
- user_test_remove_expires_2 is not changed
|
|
|
|
- name: LINUX | Get expiration date for ansibulluser
|
|
getent:
|
|
database: shadow
|
|
key: ansibulluser
|
|
|
|
- name: LINUX | Ensure proper expiration date was set
|
|
assert:
|
|
msg: "expiry is supposed to be empty or -1, not {{ getent_shadow['ansibulluser'][6] }}"
|
|
that:
|
|
- not getent_shadow['ansibulluser'][6] or getent_shadow['ansibulluser'][6] | int < 0
|
|
when: ansible_facts.os_family in ['RedHat', 'Debian', 'Suse']
|
|
|
|
|
|
- name: Verify proper expiration behavior for BSD
|
|
block:
|
|
- name: BSD | Ensure changes were made appropriately
|
|
assert:
|
|
msg: Creating an account with 'expries=0' then removing that expriation with 'expires=-1' resulted in incorrect changes
|
|
that:
|
|
- user_test_expires_create0_1 is changed
|
|
- user_test_expires_create0_2 is not changed
|
|
- user_test_remove_expires_1 is not changed
|
|
- user_test_remove_expires_2 is not changed
|
|
when: ansible_facts.os_family == 'FreeBSD'
|
|
|
|
|
|
# Test expiration with a very large negative number. This should have the same
|
|
# result as setting -1.
|
|
- name: Set expiration date using very long negative number
|
|
user:
|
|
name: ansibulluser
|
|
state: present
|
|
expires: -2529881062
|
|
register: user_test_expires5
|
|
|
|
- name: Ensure no change was made
|
|
assert:
|
|
that:
|
|
- user_test_expires5 is not changed
|
|
|
|
- name: Verify un expiration date for Linux
|
|
block:
|
|
- name: LINUX | Get expiration date for ansibulluser
|
|
getent:
|
|
database: shadow
|
|
key: ansibulluser
|
|
|
|
- name: LINUX | Ensure proper expiration date was set
|
|
assert:
|
|
msg: "expiry is supposed to be empty or -1, not {{ getent_shadow['ansibulluser'][6] }}"
|
|
that:
|
|
- not getent_shadow['ansibulluser'][6] or getent_shadow['ansibulluser'][6] | int < 0
|
|
when: ansible_facts.os_family in ['RedHat', 'Debian', 'Suse']
|
|
|
|
- name: Verify un expiration date for BSD
|
|
block:
|
|
- name: BSD | Get expiration date for ansibulluser
|
|
shell: 'grep ansibulluser /etc/master.passwd | cut -d: -f 7'
|
|
changed_when: no
|
|
register: bsd_account_expiration
|
|
|
|
- name: BSD | Ensure proper expiration date was set
|
|
assert:
|
|
msg: "expiry is supposed to be '0', not {{ bsd_account_expiration.stdout }}"
|
|
that:
|
|
- bsd_account_expiration.stdout == '0'
|
|
when: ansible_facts.os_family == 'FreeBSD'
|