internet/ansible-freeipa
4
0
Fork 0
mirror of https://github.com/freeipa/ansible-freeipa.git synced 2026-06-11 03:05:54 +00:00
Code Issues Projects Releases Wiki Activity
Files
d6700b964f743f57cebb2c49dad1dd1a31b99f86
ansible-freeipa/tests/sudocmdgroup/test_sudocmdgroup.yml
Rafael Guterres Jeffman d6700b964f ipasudocmdgroup: Fix creation of sudocmdgroups with sudocmds. 
This PR fixes the creation of sudocmdgroups when the sudocmds are
specified, allowing groups to be created with sudocmd members in a
single task.

Fix issue #440.
2020-11-25 14:47:24 -03:00

215 lines
5.6 KiB
YAML
Raw Blame History

---
- name: Test sudocmdgroup
hosts: ipaserver
become: true
gather_facts: false
tasks:
- name: Ensure sudocmds are present
ipasudocmd:
ipaadmin_password: SomeADMINpassword
name:
- /usr/bin/su
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
state: present
- name: Ensure sudocmdgroup is absent
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
state: absent
- name: Ensure sudocmdgroup is present
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
state: present
register: result
failed_when: not result.changed
- name: Ensure sudocmdgroup is present again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
state: present
register: result
failed_when: result.changed
- name: Ensure sudocmdgroup is absent
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
state: absent
register: result
failed_when: not result.changed
- name: Ensure sudocmdgroup is absent again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
state: absent
register: result
failed_when: result.changed
- name: Ensure sudocmdgroup is present, with sudocmds.
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
state: present
register: result
failed_when: not result.changed
- name: Ensure sudocmdgroup is present, with sudocmds, again.
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
state: present
register: result
failed_when: result.changed
- name: Verify sudocmdgroup creation with sudocmds
block:
- name: Get Kerberos ticket for `admin`.
shell: echo SomeADMINpassword | kinit -c test_sudocmdgroup_krb5ccname admin
- name: Check sudocmdgroup-show output.
shell: ipa sudocmdgroup-show network --all
register: result
failed_when: result.failed or not("/usr/sbin/ifconfig" in result.stdout and "/usr/sbin/iwlist" in result.stdout)
- name: Destroy Kerberos tickets.
shell: kdestroy -A -q -c test_sudocmdgroup_krb5ccname
- name: Ensure sudocmdgroup, with sudocmds, is absent
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
state: absent
register: result
failed_when: not result.changed
- name: Ensure sudocmdgroup, with sudocmds, is absent again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
state: absent
register: result
failed_when: result.changed
- name: Ensure testing sudocmdgroup is present
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
state: present
register: result
failed_when: not result.changed
- name: Ensure sudo commands are present in existing sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
action: member
register: result
failed_when: not result.changed
- name: Ensure sudo commands are present in existing sudocmdgroup, again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
action: member
register: result
failed_when: result.changed
- name: Ensure sudo commands are absent in existing sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
action: member
state: absent
register: result
failed_when: not result.changed
- name: Ensure sudo commands are absent in existing sudocmdgroup, again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
action: member
state: absent
register: result
failed_when: result.changed
- name: Ensure sudo commands are present in sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
- /usr/sbin/iwlist
action: member
state: present
register: result
failed_when: not result.changed
- name: Ensure one sudo command is not present in sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
action: member
state: absent
register: result
failed_when: not result.changed
- name: Ensure one sudo command is present in sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/ifconfig
action: member
state: present
register: result
failed_when: not result.changed
- name: Ensure the other sudo command is not present in sudocmdgroup
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/iwlist
action: member
state: absent
register: result
failed_when: not result.changed
- name: Ensure the other sudo commandsis not present in sudocmdgroup, again
ipasudocmdgroup:
ipaadmin_password: SomeADMINpassword
name: network
sudocmd:
- /usr/sbin/iwlist
action: member
state: absent
register: result
failed_when: result.changed
Reference in New Issue View Git Blame Copy Permalink