# Verify passwordful su behaviour # Ansible can't handle this on OS X. I don't care why. - name: integration/become/su_password.yml hosts: test-targets become_method: su any_errors_fatal: true tasks: - name: Ensure su password absent but required. shell: whoami become: true become_user: mitogen__user1 register: out ignore_errors: true when: is_mitogen - assert: that: - out.failed - ( ('password is required' in out.msg) or ('password is required' in out.module_stderr) ) fail_msg: out={{out}} when: is_mitogen - name: Ensure password su incorrect. shell: whoami become: true become_user: mitogen__user1 register: out vars: ansible_become_pass: nopes ignore_errors: true when: is_mitogen - assert: that: | out.failed and ( ('Incorrect su password' in out.msg) or ('su password is incorrect' in out.msg) ) fail_msg: out={{out}} when: is_mitogen - name: Ensure password su succeeds. shell: whoami become: true become_user: mitogen__user1 register: out vars: ansible_become_pass: user1_password when: is_mitogen - assert: that: - out.stdout == 'mitogen__user1' fail_msg: out={{out}} when: is_mitogen tags: - su - su_password