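---
# -------------------------------------------------------------
# check permissions
#
# Negative test: ansible.posix.authorized_key, run as an unprivileged
# account, must fail when the key file passed via `path` is owned by root
# with mode 0000, and the file must be left exactly as it was created.
#
# The tasks are wrapped in block/always so that the root-owned file and the
# temporary `nopriv` account are removed even when an assertion fails;
# otherwise a failed run would leave a stray local account on the host.

- name: Check that an unprivileged user cannot edit an unreadable key file
  block:
    - name: Create a file that is not accessible
      ansible.builtin.file:
        state: touch
        path: "{{ output_dir | expanduser }}/file_permissions"
        owner: root
        mode: '0000'

    - name: Create unprivileged user
      ansible.builtin.user:
        name: nopriv
        create_home: true

    # ignore_errors keeps the play going so the failure can be asserted on
    # explicitly in the next task.
    # NOTE(review): the assertion below accepts any failure, so it cannot
    # tell a permission denial from an unrelated error (for example a
    # problem switching to nopriv). Consider also matching result.msg once
    # the expected text is confirmed against the module.
    - name: Try to delete a key from an unreadable file
      become: true
      become_user: nopriv
      ansible.posix.authorized_key:
        user: root
        key: "{{ dss_key_basic }}"
        state: absent
        path: "{{ output_dir | expanduser }}/file_permissions"
      register: result
      ignore_errors: true

    - name: Assert that the key deletion has failed
      ansible.builtin.assert:
        that:
          - result is failed
        fail_msg: >-
          authorized_key did not fail although the key file is mode 0000
          and owned by root.

    # A failed attempt must not have loosened the file's protection.
    - name: Read back the state of the inaccessible file
      ansible.builtin.stat:
        path: "{{ output_dir | expanduser }}/file_permissions"
      register: permissions_file_stat

    - name: Assert that the file was left untouched
      ansible.builtin.assert:
        that:
          - permissions_file_stat.stat.exists
          - permissions_file_stat.stat.mode == '0000'
          - permissions_file_stat.stat.pw_name == 'root'
        fail_msg: >-
          The key file's mode or owner changed after the failed
          authorized_key run.

  always:
    - name: Remove the file
      ansible.builtin.file:
        state: absent
        path: "{{ output_dir | expanduser }}/file_permissions"

    - name: Remove the user
      ansible.builtin.user:
        name: nopriv
        state: absent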