File: sudo_nonexistent.yml

package info (click to toggle)
python-mitogen 0.3.3-9%2Bdeb12u1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 6,816 kB
  • sloc: python: 22,086; sh: 171; makefile: 74; perl: 19; ansic: 18; javascript: 5
file content (36 lines) | stat: -rw-r--r-- 1,335 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
 
- name: integration/become/sudo_nonexistent.yml
  hosts: test-targets
  any_errors_fatal: true
  tasks:

    - name: Verify behaviour for non-existent accounts.
      shell: whoami
      become: true
      become_user: slartibartfast
      ignore_errors: true
      register: out
      when:
        # https://github.com/ansible/ansible/pull/70785
        - ansible_facts.distribution not in ["MacOSX"]
          or ansible_version.full is version("2.11", ">=", strict=True)
          or is_mitogen

    - name: Verify raw module output.
      assert:
        that:
          - out.failed
          # sudo-1.8.6p3-29.el6_10.3 on RHEL & CentOS 6.10 (final release)
          # removed user/group error messages, as defence against CVE-2019-14287.
          - >-
            'sudo: unknown user: slartibartfast' in out.module_stdout | default(out.msg)
            or 'sudo: unknown user: slartibartfast' in out.module_stderr | default(out.msg)
            or (ansible_facts.os_family == 'RedHat' and ansible_facts.distribution_version == '6.10')
        fail_msg: out={{out}}
      when:
        # https://github.com/ansible/ansible/pull/70785
        - ansible_facts.distribution not in ["MacOSX"]
          or ansible_version.full is version("2.11", ">=", strict=True)
          or is_mitogen
  tags:
    - sudo
    - sudo_nonexistent