issue #477: build a CentOS 5/Py2.4 container + playbook compat fixes.

tests/data/docker/001-mitogen.sudo

@@ -1,9 +0,0 @@
-
-# https://www.toofishes.net/blog/trouble-sudoers-or-last-entry-wins/
-%mitogen__sudo_nopw ALL=(ALL:ALL) NOPASSWD:ALL
-mitogen__has_sudo_nopw ALL = (mitogen__pw_required) ALL
-mitogen__has_sudo_nopw ALL = (mitogen__require_tty_pw_required) ALL
-
-Defaults>mitogen__pw_required targetpw
-Defaults>mitogen__require_tty requiretty
-Defaults>mitogen__require_tty_pw_required requiretty,targetpw

tests/image_prep/_container_setup.yml

@@ -22,7 +22,6 @@
 
     packages:
       common:
-        - git
         - openssh-server
         - rsync
         - strace
@@ -32,6 +31,9 @@
           - libjson-perl
           - python-virtualenv
       CentOS:
+        "5":
+        - sudo
+          #- perl-JSON  -- skipped on CentOS 5, packages are a pain.
         "6":
           - perl-JSON
         "7":
@@ -91,9 +93,23 @@
         dest: /etc/ssh/banner.txt
         src: ../data/docker/ssh_login_banner.txt
 
-    - copy:
+    - name: Ensure /etc/sudoers.d exists
-        dest: /etc/sudoers.d/001-mitogen
+      file:
-        src: ../data/docker/001-mitogen.sudo
+        state: directory
+        path: /etc/sudoers.d
+        mode: 'u=rwx,go='
+
+    - blockinfile:
+        path: /etc/sudoers
+        block: |
+          # https://www.toofishes.net/blog/trouble-sudoers-or-last-entry-wins/
+          %mitogen__sudo_nopw ALL=(ALL:ALL) NOPASSWD:ALL
+          mitogen__has_sudo_nopw ALL = (mitogen__pw_required) ALL
+          mitogen__has_sudo_nopw ALL = (mitogen__require_tty_pw_required) ALL
+
+          Defaults>mitogen__pw_required targetpw
+          Defaults>mitogen__require_tty requiretty
+          Defaults>mitogen__require_tty_pw_required requiretty,targetpw
 
     - lineinfile:
         path: /etc/sudoers

tests/image_prep/_user_accounts.yml

@@ -67,18 +67,18 @@
           shell: /bin/bash
           groups: "{{user_groups[item]|default(['mitogen__group'])}}"
           password: "{{ (item + '_password') | password_hash('sha256') }}"
-        loop: "{{all_users}}"
+        with_items: "{{all_users}}"
         when: ansible_system != 'Darwin'
       - user:
           name: "mitogen__{{item}}"
           shell: /bin/bash
           groups: "{{user_groups[item]|default(['mitogen__group'])}}"
           password: "{{item}}_password"
-        loop: "{{all_users}}"
+        with_items: "{{all_users}}"
         when: ansible_system == 'Darwin'
 
     - name: Hide users from login window.
-      loop: "{{all_users}}"
+      with_items: "{{all_users}}"
       when: ansible_system == 'Darwin'
       osx_defaults:
         array_add: true
@@ -149,4 +149,4 @@
       lineinfile:
         path: /etc/sudoers
         line: "{{lookup('pipe', 'whoami')}} ALL = (mitogen__{{item}}) NOPASSWD:ALL"
-      loop: "{{normal_users}}"
+      with_items: "{{normal_users}}"

tests/image_prep/build_docker_images.py

@@ -25,9 +25,10 @@ def sh(s, *args):
 label_by_id = {}
 
 for base_image, label in [
-        ('debian:stretch', 'debian'),  # Python 2.7.13, 3.5.3
+        ('astj/centos5-vault', 'centos5'),  # Python 2.4.3
-        ('centos:6', 'centos6'),       # Python 2.6.6
+        ('debian:stretch', 'debian'),       # Python 2.7.13, 3.5.3
-        ('centos:7', 'centos7')        # Python 2.7.5
+        ('centos:6', 'centos6'),            # Python 2.6.6
+        ('centos:7', 'centos7')             # Python 2.7.5
     ]:
     args = sh('docker run --rm -it -d -h mitogen-%s %s /bin/bash',
               label, base_image)

tests/image_prep/setup.yml

@@ -10,5 +10,5 @@
         Ubuntu: sudo
         CentOS: wheel
 
-- import_playbook: _container_setup.yml
+- include: _container_setup.yml
-- import_playbook: _user_accounts.yml
+- include: _user_accounts.yml