From d22b710477a78f40a7d61a91a8a802e704d24a07 Mon Sep 17 00:00:00 2001 From: Lars Wirzenius Date: Sat, 10 Oct 2020 10:25:57 +0300 Subject: feat: verify unix_users can set shell --- roles/unix_users/subplot.md | 4 +++- roles/unix_users/subplot.py | 14 ++++++++++++++ roles/unix_users/subplot.yaml | 3 +++ 3 files changed, 20 insertions(+), 1 deletion(-) (limited to 'roles') diff --git a/roles/unix_users/subplot.md b/roles/unix_users/subplot.md index 9a0356a..c098638 100644 --- a/roles/unix_users/subplot.md +++ b/roles/unix_users/subplot.md @@ -2,7 +2,7 @@ This role creates or updates Unix users. -## Create user with unix_users +## Create normal user with unix_users ~~~scenario given a host running Debian @@ -11,10 +11,12 @@ when I use role unix_users and I use variables from foo.yml and I run the playbook then the host has user foo +and the user foo on host has shell /bin/true ~~~ ~~~{#foo.yml .file .yaml} unix_users: - username: foo comment: Foo Bar + shell: /bin/true ~~~ diff --git a/roles/unix_users/subplot.py b/roles/unix_users/subplot.py index 9b77e49..dc4e9f6 100644 --- a/roles/unix_users/subplot.py +++ b/roles/unix_users/subplot.py @@ -1,3 +1,6 @@ +import logging + + def host_does_not_have_user(ctx, username=None): assert_ne = globals()["assert_ne"] qemu = ctx["qemu"] @@ -12,3 +15,14 @@ def host_has_user(ctx, username=None): assert_eq(exit, 0) output = output.decode("UTF8") assert f"\n{username}:" in output + + +def host_user_has_shell(ctx, username=None, shell=None): + assert_eq = globals()["assert_eq"] + qemu = ctx["qemu"] + output, exit = qemu.ssh(["getent", "passwd", username]) + assert_eq(exit, 0) + for line in output.decode("UTF8").splitlines(): + if line.startswith(f"{username}:"): + logging.debug(f"host_user_has_shell: line={line!r}") + assert line.endswith(f":{shell}") diff --git a/roles/unix_users/subplot.yaml b/roles/unix_users/subplot.yaml index e59c9a0..a0529b2 100644 --- a/roles/unix_users/subplot.yaml +++ b/roles/unix_users/subplot.yaml @@ -3,3 +3,6 @@ - then: the host has user {username} function: host_has_user + +- then: the user {username} on host has shell {shell} + function: host_user_has_shell -- cgit v1.2.1