ansible/test/integration/targets/become_unprivileged/common_remote_group/setup.yml
Rick Elrod 69472a5f8d
Refactor _fixup_perms2 to remove way-nested logic ()
Change:
- Refactoring to make it harder to get wrong and easier to read.
- Generalize become_unprivileged tests and fix some that never worked
  but also never failed.

Test Plan:
- CI, new units/integration tests

Signed-off-by: Rick Elrod <rick@elrod.me>
2020-07-20 18:46:47 -05:00

43 lines
971 B
YAML

- name: Prep (as root)
hosts: ssh
gather_facts: yes
remote_user: root
tasks:
- name: Create group for unprivileged users
group:
name: commongroup
- name: Add them to the group
user:
name: "{{ item }}"
groups: commongroup
append: yes
with_items:
- unpriv1
- unpriv2
- name: Check if /usr/bin/setfacl exists
stat:
path: /usr/bin/setfacl
register: usr_bin_setfacl
- name: Check if /bin/setfacl exists
stat:
path: /bin/setfacl
register: bin_setfacl
- name: Set path to setfacl
set_fact:
setfacl_path: /usr/bin/setfacl
when: usr_bin_setfacl.stat.exists
- name: Set path to setfacl
set_fact:
setfacl_path: /bin/setfacl
when: bin_setfacl.stat.exists
- name: chmod -x setfacl to disable it
file:
path: "{{ setfacl_path }}"
mode: a-x
when: setfacl_path is defined