diff options
Diffstat (limited to 'test/integration/targets/module_utils/module_utils_basic_setcwd.yml')
| -rw-r--r-- | test/integration/targets/module_utils/module_utils_basic_setcwd.yml | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/test/integration/targets/module_utils/module_utils_basic_setcwd.yml b/test/integration/targets/module_utils/module_utils_basic_setcwd.yml new file mode 100644 index 0000000..71317f9 --- /dev/null +++ b/test/integration/targets/module_utils/module_utils_basic_setcwd.yml @@ -0,0 +1,53 @@ +- hosts: testhost + gather_facts: no + tasks: + - name: make sure the test user is available + include_role: + name: setup_test_user + + - name: verify AnsibleModule works when cwd is missing + test_cwd_missing: + register: missing + + - name: record the mode of the connection user's home directory + stat: + path: "~" + vars: + ansible_become: no + register: connection_user_home + + - name: limit access to the connection user's home directory + file: + state: directory + path: "{{ connection_user_home.stat.path }}" + mode: "0700" + vars: + ansible_become: no + + - block: + - name: verify AnsibleModule works when cwd is unreadable + test_cwd_unreadable: + register: unreadable + vars: &test_user_become + ansible_become: yes + ansible_become_user: "{{ test_user_name }}" # root can read cwd regardless of permissions, so a non-root user is required here + ansible_become_password: "{{ test_user_plaintext_password }}" + always: + - name: restore access to the connection user's home directory + file: + state: directory + path: "{{ connection_user_home.stat.path }}" + mode: "{{ connection_user_home.stat.mode }}" + vars: + ansible_become: no + + - name: get real path of home directory of the unprivileged user + raw: "{{ ansible_python_interpreter }} -c 'import os.path; print(os.path.realpath(os.path.expanduser(\"~\")))'" + register: home + vars: *test_user_become + + - name: verify AnsibleModule was able to adjust cwd as expected + assert: + that: + - missing.before != missing.after + - unreadable.before != unreadable.after or unreadable.before == '/' or unreadable.before == home.stdout.strip() # allow / and $HOME fallback on macOS when using an unprivileged user |