---
# Copyright (c) Ansible Project
# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
# SPDX-License-Identifier: GPL-3.0-or-later
# Get systemd version and if it doesn't exist don't run these tests.
- name: check systemd version
  # Probe only: a failure is tolerated here, and the registered rc and stdout
  # are evaluated later by the `when` gate on the homectl block.
  command: systemctl --version
  ignore_errors: true
  register: systemd_version
- name: check homectl version
  # Probe only: a missing homectl binary must not fail the play; the `when`
  # gate on the homectl block checks homectl_version.rc instead.
  command: homectl --version
  ignore_errors: true
  register: homectl_version
- block:
    # Every password below is a hard-coded fixture for accounts that exist only
    # for these tests. They are quoted so that characters such as '#', '!' and
    # '%' can never be re-read as YAML syntax.
    # NOTE(review): confirm the homectl module marks `password` as no_log so
    # the value is masked in task output.
    - name: Check and start systemd-homed service
      service:
        name: systemd-homed.service
        state: started
        enabled: true

    - name: Add a user 'james'
      community.general.homectl:
        name: james
        password: 'myreallysecurepassword1!'
        state: present

    - name: verify user added
      command: homectl inspect james
      register: james_info

    - name: Add the user 'tom' with a zsh shell, uid of 1000, and gid of 1000
      community.general.homectl:
        name: tom
        password: 'myreallysecurepassword1!'
        state: present
        shell: /bin/zsh
        uid: 1000
        gid: 1000
        disksize: 10G
      register: tom_userinfo

    # 'james' already exists, so this acts as a modification: the assertions
    # expect `changed` and the new shell /bin/ksh.
    - name: Try to add user 'james' that already exists
      community.general.homectl:
        name: james
        password: 'myreallysecurepassword1!'
        state: present
        shell: /bin/ksh
      register: user_exists

    # Negative case: expected to be rejected, so errors are ignored and the
    # assertions check that nothing changed.
    - name: Try to use 'resize=yes' option without 'disksize' option (not allowed)
      community.general.homectl:
        name: foo
        password: 'uq4895738!@#$%dfd'
        state: present
        resize: true
      register: resize_out
      ignore_errors: true

    - name: Use option 'disksize=1G' without option resize (allowed)
      community.general.homectl:
        name: foobar
        password: 'uq4895738!@#$%dfd'
        state: present
        disksize: 1G
      register: disk_out
      ignore_errors: true

    # Negative case: no password is supplied; the assertions expect no change.
    - name: Try to Create user without giving password
      community.general.homectl:
        name: danielle
      register: danielle_out
      ignore_errors: true

    - name: remove user 'foobar' without requiring password
      community.general.homectl:
        name: foobar
        state: absent
      register: delete_foobar_out

    - name: modify user 'james' to have zsh shell and timezone 'America/New_York'
      community.general.homectl:
        name: james
        password: 'myreallysecurepassword1!'
        state: present
        shell: /bin/zsh
        timezone: America/New_York
      register: lukuser_modify_out

    # All three restrictive mount flags are requested for the home directory:
    # noexec, nosuid and nodev. The sshkeys value is an OpenSSH public key
    # line; no private key material is stored in this file.
    - name: create user 'jake' with all mount options
      community.general.homectl:
        name: jake
        password: 'myreallysecurepassword12!'
        mountopts: noexec,nosuid,nodev
        sshkeys: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDUSW/q2qFZPr2vS0qrmAs+1iQI1jLIBdJ4CVIhE3KnIwxkkiInS8mJ+t0FBTeK3ks3GZLPVYC1v9o2P+oqyUk1CiBnCsMXGJud+L/t8b5r8MiJMyP7Jzd6yhmcvenjvz+vY06jQ9chWAtThEknuaOMongIpQQzSLGbdMy0yMsz4GEjicwdcj1PDwItPvUt4TL4K7V9NE672idADlRt6qng4UwpziqlYgsyIG46ettDras8hGAPricrhFWUS2rLDsCD0thkPFdR8HL1ZWTZ6LtolhO4MYtgntzXn708TTmFC2oIDluzyxVoUYmsfVotVdXFZcOWffnwbCgU+tn75JXTLozgTbV3VWmkxpJFErCWPerxcZv3+7b0f36/Y0gRNjM9HERLDSE1c8yz29NOLY0qH5306aByjOaerxNq9+ZOU/Fmf5/VfGIUp/FdLxDw+V0AzejFG580VAcstEMsOHSdwTbi3gf6LoGSiRyWKKDod0TZCMC6RzfdsfdsfI9CClGl0s= test@router.home"
      register: jake_out

    - name: Try to remove user 'janet' that doesn't exist
      community.general.homectl:
        name: janet
        state: absent
      register: user_not_exist
      ignore_errors: true

    # check_mode must report `changed` without creating the account; the
    # following `homectl inspect` is expected to fail for 'diana'.
    - name: Use check_mode to try and create user 'diana'
      community.general.homectl:
        name: diana
        password: 'helloworld123!@'
        state: present
      check_mode: true
      register: diana_create_checkmode_out

    - name: Verify user 'diana' was not created with check_mode
      command: homectl inspect diana
      register: user_diana_exists
      ignore_errors: true

    - name: Try to modify user 'jake' with only noexec mount option in check_mode
      community.general.homectl:
        name: jake
        password: 'myreallysecurepassword12!'
        state: present
        mountopts: noexec
      check_mode: true
      register: jake_checkmode_out

    - name: Verify user 'jake' was not modified and still has all mount options
      command: homectl inspect jake
      register: user_jake_details_out

    # The assertions expect mountNoSuid and mountNoDevices to be False after
    # this task, i.e. the listed options replace the previous set. A caller who
    # wants to keep nosuid and nodev has to list all three options again.
    - name: Modify user 'jake' with only noexec mount option
      community.general.homectl:
        name: jake
        password: 'myreallysecurepassword12!'
        state: present
        mountopts: noexec
      register: jake_modify_out

    - name: modify user 'jake' again with only noexec mount option to make sure changed is false as nothing has changed.
      community.general.homectl:
        name: jake
        password: 'myreallysecurepassword12!'
        state: present
        mountopts: noexec
      register: jake_modify_again_out

    # Negative case: a wrong password must make the module fail and leave the
    # record untouched; the last assertion checks failed, not changed, and the
    # exact error message.
    - name: Try to modify user 'jake' with an incorrect password
      community.general.homectl:
        name: jake
        password: 'incorrectPassword!'
        state: present
        mountopts: noexec
        locked: true
      ignore_errors: true
      register: jake_incorrect_pass_out

    - assert:
        that:
          - james_info.rc == 0
          - tom_userinfo.data['gid'] == 1000 and tom_userinfo.data['uid'] == 1000
          - user_exists is changed and user_exists.data['shell'] == '/bin/ksh'
          - resize_out is not changed
          - disk_out is changed
          - delete_foobar_out is changed
          - danielle_out is not changed
          - >-
            lukuser_modify_out.data['timeZone'] == "America/New_York"
            and lukuser_modify_out.data['shell'] == "/bin/zsh"
          - user_not_exist is not changed and user_not_exist.msg == "User does not exist!"
          - >-
            jake_out is changed and jake_out.data['mountNoDevices'] == True
            and jake_out.data['mountNoSuid'] == True
            and jake_out.data['mountNoExecute'] == True
          - diana_create_checkmode_out is changed and 'No home for user diana known' in user_diana_exists.stderr
          - "jake_checkmode_out is changed and 'Mount Flags: nosuid nodev noexec' in user_jake_details_out.stdout"
          # The SSH authorized keys must still be present after the mount
          # options were changed.
          - jake_modify_out is changed and jake_modify_out.data['privileged']['sshAuthorizedKeys'] is not none
          - >-
            jake_modify_out.data['mountNoDevices'] == False
            and jake_modify_out.data['mountNoExecute'] == True
            and jake_modify_out.data['mountNoSuid'] == False
          - jake_modify_again_out is not changed
          - >-
            jake_incorrect_pass_out is not changed
            and jake_incorrect_pass_out is failed
            and jake_incorrect_pass_out.msg == 'User exists but password is incorrect!'

  # homectl was first introduced in systemd 245 so check version >= 245 and make sure system has systemd and homectl command
  # NOTE(review): the regex takes the first run of three digits in the
  # `systemctl --version` output; presumably that is the version number.
  when:
    - >-
      systemd_version.rc == 0
      and (systemd_version.stdout | regex_search('[0-9][0-9][0-9]') | int >= 245)
      and homectl_version.rc == 0
    - ansible_distribution != 'Archlinux'  # TODO!
    - ansible_distribution != 'Fedora' or ansible_distribution_major_version|int < 36  # TODO!