selogin: check_mode, ignore_selinux_state, tests

ignore_selinux_state based on #48945
2026-05-06 13:22:48 +00:00 · 2019-03-24 00:39:14 -04:00
parent f9e09f0e7f
commit 5d32dbd532
3 changed files with 110 additions and 5 deletions
--- a/test/integration/targets/selinux/tasks/main.yml
+++ b/test/integration/targets/selinux/tasks/main.yml
@@ -28,3 +28,9 @@
    - ansible_selinux is defined
    - ansible_selinux != False
    - ansible_selinux.status == 'enabled'
+
+- include: selogin.yml
+  when:
+    - ansible_selinux is defined
+    - ansible_selinux != False
+    - ansible_selinux.status == 'enabled'
--- a/test/integration/targets/selinux/tasks/selogin.yml
+++ b/test/integration/targets/selinux/tasks/selogin.yml
@@ -0,0 +1,81 @@
+---
+
+- name: create user for testing
+  user:
+    name: seuser
+
+- name: attempt to add mapping without 'seuser'
+  selogin:
+    login: seuser
+  register: selogin_error
+  ignore_errors: yes
+
+- name: verify failure
+  assert:
+    that:
+    - selogin_error is failed
+
+- name: map login to SELinux user
+  selogin:
+    login: seuser
+    seuser: staff_u
+  register: selogin_new_mapping
+  check_mode: "{{ item }}"
+  with_items:
+  - yes
+  - no
+  - yes
+  - no
+
+- name: new mapping- verify functionality and check_mode
+  assert:
+    that:
+    - selogin_new_mapping.results[0] is changed
+    - selogin_new_mapping.results[1] is changed
+    - selogin_new_mapping.results[2] is not changed
+    - selogin_new_mapping.results[3] is not changed
+
+- name: change SELinux user login mapping
+  selogin:
+    login: seuser
+    seuser: user_u
+  register: selogin_mod_mapping
+  check_mode: "{{ item }}"
+  with_items:
+  - yes
+  - no
+  - yes
+  - no
+
+- name: changed mapping- verify functionality and check_mode
+  assert:
+    that:
+    - selogin_mod_mapping.results[0] is changed
+    - selogin_mod_mapping.results[1] is changed
+    - selogin_mod_mapping.results[2] is not changed
+    - selogin_mod_mapping.results[3] is not changed
+
+- name: remove SELinux user mapping
+  selogin:
+    login: seuser
+    state: absent
+  register: selogin_del_mapping
+  check_mode: "{{ item }}"
+  with_items:
+  - yes
+  - no
+  - yes
+  - no
+
+- name: delete mapping- verify functionality and check_mode
+  assert:
+    that:
+    - selogin_del_mapping.results[0] is changed
+    - selogin_del_mapping.results[1] is changed
+    - selogin_del_mapping.results[2] is not changed
+    - selogin_del_mapping.results[3] is not changed
+
+- name: remove test user
+  user:
+    name: seuser
+    state: absent