mirror of https://github.com/ansible/ansible.git
You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
182 lines
4.0 KiB
YAML
182 lines
4.0 KiB
YAML
---
|
|
- name: Create with passphrase1
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
passphrase: "{{ cryptfile_passphrase1 }}"
|
|
become: yes
|
|
|
|
- name: Open with passphrase1
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: opened
|
|
passphrase: "{{ cryptfile_passphrase1 }}"
|
|
become: yes
|
|
ignore_errors: yes
|
|
register: open_try
|
|
- assert:
|
|
that:
|
|
- open_try is not failed
|
|
- name: Close
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
become: yes
|
|
|
|
- name: Give access with ambiguous new_ arguments
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
passphrase: "{{ cryptfile_passphrase1 }}"
|
|
new_passphrase: "{{ cryptfile_passphrase2 }}"
|
|
new_keyfile: "{{ role_path }}/files/keyfile1"
|
|
become: yes
|
|
ignore_errors: yes
|
|
register: new_try
|
|
- assert:
|
|
that:
|
|
- new_try is failed
|
|
|
|
- name: Try to open with passphrase2
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: opened
|
|
passphrase: "{{ cryptfile_passphrase2 }}"
|
|
become: yes
|
|
ignore_errors: yes
|
|
register: open_try
|
|
- assert:
|
|
that:
|
|
- open_try is failed
|
|
|
|
- name: Give access to passphrase2
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
passphrase: "{{ cryptfile_passphrase1 }}"
|
|
new_passphrase: "{{ cryptfile_passphrase2 }}"
|
|
become: yes
|
|
|
|
- name: Open with passphrase2
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: opened
|
|
passphrase: "{{ cryptfile_passphrase2 }}"
|
|
become: yes
|
|
ignore_errors: yes
|
|
register: open_try
|
|
- assert:
|
|
that:
|
|
- open_try is not failed
|
|
- name: Close
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
become: yes
|
|
|
|
- name: Try to open with keyfile1
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: opened
|
|
keyfile: "{{ role_path }}/files/keyfile1"
|
|
become: yes
|
|
ignore_errors: yes
|
|
register: open_try
|
|
- assert:
|
|
that:
|
|
- open_try is failed
|
|
|
|
- name: Give access to keyfile1 from passphrase1
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
passphrase: "{{ cryptfile_passphrase1 }}"
|
|
new_keyfile: "{{ role_path }}/files/keyfile1"
|
|
become: yes
|
|
|
|
- name: Remove access with ambiguous remove_ arguments
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
remove_keyfile: "{{ role_path }}/files/keyfile1"
|
|
remove_passphrase: "{{ cryptfile_passphrase1 }}"
|
|
become: yes
|
|
ignore_errors: yes
|
|
register: remove_try
|
|
- assert:
|
|
that:
|
|
- remove_try is failed
|
|
|
|
- name: Open with keyfile1
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: opened
|
|
keyfile: "{{ role_path }}/files/keyfile1"
|
|
become: yes
|
|
ignore_errors: yes
|
|
register: open_try
|
|
- assert:
|
|
that:
|
|
- open_try is not failed
|
|
- name: Close
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
become: yes
|
|
|
|
- name: Remove access for passphrase1
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
remove_passphrase: "{{ cryptfile_passphrase1 }}"
|
|
become: yes
|
|
|
|
- name: Try to open with passphrase1
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: opened
|
|
passphrase: "{{ cryptfile_passphrase1 }}"
|
|
become: yes
|
|
ignore_errors: yes
|
|
register: open_try
|
|
- assert:
|
|
that:
|
|
- open_try is failed
|
|
|
|
- name: Try to open with passphrase3
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: opened
|
|
passphrase: "{{ cryptfile_passphrase3 }}"
|
|
become: yes
|
|
ignore_errors: yes
|
|
register: open_try
|
|
- assert:
|
|
that:
|
|
- open_try is failed
|
|
|
|
- name: Give access to passphrase3 from keyfile1
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
keyfile: "{{ role_path }}/files/keyfile1"
|
|
new_passphrase: "{{ cryptfile_passphrase3 }}"
|
|
become: yes
|
|
|
|
- name: Open with passphrase3
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: opened
|
|
passphrase: "{{ cryptfile_passphrase3 }}"
|
|
become: yes
|
|
ignore_errors: yes
|
|
register: open_try
|
|
- assert:
|
|
that:
|
|
- open_try is not failed
|
|
- name: Close
|
|
luks_device:
|
|
device: "{{ cryptfile_device }}"
|
|
state: closed
|
|
become: yes
|