blob: 9e16297617e4cbda0d856f9af3fae7084d9fb0b1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
---
- name: remove comments of /etc/login.defs
command: sed -e '/^[ \t]*#/d' /etc/login.defs
register: logindefs
- block:
- name: Create user with 000 umask
user:
name: umaskuser_test_1
umask: "000"
register: umaskuser_test_1
- name: Create user with 077 umask
user:
name: umaskuser_test_2
umask: "077"
register: umaskuser_test_2
- name: check permissions on created home folder
stat:
path: "{{ user_home_prefix[ansible_facts.system] }}/umaskuser_test_1"
register: umaskuser_test_1_path
- name: check permissions on created home folder
stat:
path: "{{ user_home_prefix[ansible_facts.system] }}/umaskuser_test_2"
register: umaskuser_test_2_path
- name: remove created users
user:
name: "{{ item }}"
state: absent
register: umaskuser_test_remove
loop:
- umaskuser_test_1
- umaskuser_test_2
- name: Ensure correct umask has been set on created users
assert:
that:
- umaskuser_test_1_path.stat.mode == "0777"
- umaskuser_test_2_path.stat.mode == "0700"
- umaskuser_test_remove is changed
when: logindefs.stdout_lines is not search ("HOME_MODE")
- name: Create user with setting both umask and local
user:
name: umaskuser_test_3
umask: "077"
local: true
register: umaskuser_test_3
ignore_errors: true
- name: Ensure task has been failed
assert:
that:
- umaskuser_test_3 is failed
|
