5d32dbd532
ignore_selinux_state based on #48945
81 lines
1.7 KiB
YAML
81 lines
1.7 KiB
YAML
---
|
|
|
|
- name: create user for testing
|
|
user:
|
|
name: seuser
|
|
|
|
- name: attempt to add mapping without 'seuser'
|
|
selogin:
|
|
login: seuser
|
|
register: selogin_error
|
|
ignore_errors: yes
|
|
|
|
- name: verify failure
|
|
assert:
|
|
that:
|
|
- selogin_error is failed
|
|
|
|
- name: map login to SELinux user
|
|
selogin:
|
|
login: seuser
|
|
seuser: staff_u
|
|
register: selogin_new_mapping
|
|
check_mode: "{{ item }}"
|
|
with_items:
|
|
- yes
|
|
- no
|
|
- yes
|
|
- no
|
|
|
|
- name: new mapping- verify functionality and check_mode
|
|
assert:
|
|
that:
|
|
- selogin_new_mapping.results[0] is changed
|
|
- selogin_new_mapping.results[1] is changed
|
|
- selogin_new_mapping.results[2] is not changed
|
|
- selogin_new_mapping.results[3] is not changed
|
|
|
|
- name: change SELinux user login mapping
|
|
selogin:
|
|
login: seuser
|
|
seuser: user_u
|
|
register: selogin_mod_mapping
|
|
check_mode: "{{ item }}"
|
|
with_items:
|
|
- yes
|
|
- no
|
|
- yes
|
|
- no
|
|
|
|
- name: changed mapping- verify functionality and check_mode
|
|
assert:
|
|
that:
|
|
- selogin_mod_mapping.results[0] is changed
|
|
- selogin_mod_mapping.results[1] is changed
|
|
- selogin_mod_mapping.results[2] is not changed
|
|
- selogin_mod_mapping.results[3] is not changed
|
|
|
|
- name: remove SELinux user mapping
|
|
selogin:
|
|
login: seuser
|
|
state: absent
|
|
register: selogin_del_mapping
|
|
check_mode: "{{ item }}"
|
|
with_items:
|
|
- yes
|
|
- no
|
|
- yes
|
|
- no
|
|
|
|
- name: delete mapping- verify functionality and check_mode
|
|
assert:
|
|
that:
|
|
- selogin_del_mapping.results[0] is changed
|
|
- selogin_del_mapping.results[1] is changed
|
|
- selogin_del_mapping.results[2] is not changed
|
|
- selogin_del_mapping.results[3] is not changed
|
|
|
|
- name: remove test user
|
|
user:
|
|
name: seuser
|
|
state: absent
|