internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-06-11 11:15:55 +00:00
Code Issues Projects Releases Wiki Activity

ipasudocmdgroup: Fix creation of sudocmdgroups with sudocmds.

Browse Source 
This PR fixes the creation of sudocmdgroups when the sudocmds are
specified, allowing groups to be created with sudocmd members in a
single task.

Fix issue #440.
This commit is contained in:
Rafael Guterres Jeffman
2020-11-18 16:18:32 -03:00
parent b9ec5613f5
commit d6700b964f
2 changed files with 69 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
tests/sudocmdgroup/test_sudocmdgroup.yml
View File

@@ -1,5 +1,4 @@
---
- name: Test sudocmdgroup
hosts: ipaserver
become: true
@@ -53,6 +52,57 @@
register: result
failed_when: result.changed
- name: Ensure sudocmdgroup is present, with sudocmds.
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
state: present
register: result
failed_when: not result.changed
- name: Ensure sudocmdgroup is present, with sudocmds, again.
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
state: present
register: result
failed_when: result.changed
- name: Verify sudocmdgroup creation with sudocmds
block:
- name: Get Kerberos ticket for `admin`.
shell: echo SomeADMINpassword | kinit -c test_sudocmdgroup_krb5ccname admin
- name: Check sudocmdgroup-show output.
shell: ipa sudocmdgroup-show network --all
register: result
failed_when: result.failed or not("/usr/sbin/ifconfig" in result.stdout and "/usr/sbin/iwlist" in result.stdout)
- name: Destroy Kerberos tickets.
shell: kdestroy -A -q -c test_sudocmdgroup_krb5ccname
- name: Ensure sudocmdgroup, with sudocmds, is absent
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
state: absent
register: result
failed_when: not result.changed
- name: Ensure sudocmdgroup, with sudocmds, is absent again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
state: absent
register: result
failed_when: result.changed
- name: Ensure testing sudocmdgroup is present
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword