diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 16:04:21 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 16:04:21 +0000 |
commit | 8a754e0858d922e955e71b253c139e071ecec432 (patch) | |
tree | 527d16e74bfd1840c85efd675fdecad056c54107 /test/integration/targets/become_unprivileged/cleanup_unpriv_users.yml | |
parent | Initial commit. (diff) | |
download | ansible-core-upstream.tar.xz ansible-core-upstream.zip |
Adding upstream version 2.14.3.upstream/2.14.3upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'test/integration/targets/become_unprivileged/cleanup_unpriv_users.yml')
-rw-r--r-- | test/integration/targets/become_unprivileged/cleanup_unpriv_users.yml | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/test/integration/targets/become_unprivileged/cleanup_unpriv_users.yml b/test/integration/targets/become_unprivileged/cleanup_unpriv_users.yml new file mode 100644 index 0000000..8be2fe6 --- /dev/null +++ b/test/integration/targets/become_unprivileged/cleanup_unpriv_users.yml @@ -0,0 +1,53 @@ +- name: Clean up host and remove unprivileged users + hosts: ssh + gather_facts: yes + remote_user: root + tasks: + # Do this first so we can use tilde notation while the user still exists + - name: Delete homedirs + file: + path: '~{{ item }}' + state: absent + with_items: + - unpriv1 + - unpriv2 + + - name: Delete users + user: + name: "{{ item }}" + state: absent + force: yes # I think this is needed in case pipelining is used and the session remains open + with_items: + - unpriv1 + - unpriv2 + + - name: Delete groups + group: + name: "{{ item }}" + state: absent + with_items: + - acommongroup + - unpriv1 + - unpriv2 + + - name: Fix sudoers.d path for FreeBSD + set_fact: + sudoers_etc: /usr/local/etc + when: ansible_distribution == 'FreeBSD' + + - name: Fix sudoers.d path for everything else + set_fact: + sudoers_etc: /etc + when: ansible_distribution != 'FreeBSD' + + - name: Undo OpenSUSE + lineinfile: + path: "{{ sudoers_etc }}/sudoers" + regexp: '^### Defaults targetpw' + line: 'Defaults targetpw' + backrefs: yes + + - name: Nuke custom sudoers file + file: + path: "{{ sudoers_etc }}/sudoers.d/unpriv1" + state: absent |