From 785951484b9b17c10d9ca44b5ba480721927612b Mon Sep 17 00:00:00 2001 From: Abhijeet Kasurde Date: Sun, 3 Jan 2021 18:02:54 +0530 Subject: [PATCH] pam_limits: adds check mode and diff mode (#1575) * Add integration tests fixes #827 fixes #828 Signed-off-by: Christian Krause Signed-off-by: Abhijeet Kasurde Co-authored-by: Christian Krause --- plugins/modules/system/pam_limits.py | 2 +- tests/integration/targets/pam_limits/aliases | 5 + .../pam_limits/files/test_pam_limits.conf | 1 + .../targets/pam_limits/tasks/main.yml | 91 +++++++++++++++++++ 4 files changed, 98 insertions(+), 1 deletion(-) create mode 100644 tests/integration/targets/pam_limits/aliases create mode 100644 tests/integration/targets/pam_limits/files/test_pam_limits.conf create mode 100644 tests/integration/targets/pam_limits/tasks/main.yml diff --git a/plugins/modules/system/pam_limits.py b/plugins/modules/system/pam_limits.py index 35a896af71..bde41d44f1 100644 --- a/plugins/modules/system/pam_limits.py +++ b/plugins/modules/system/pam_limits.py @@ -134,8 +134,8 @@ EXAMPLES = r''' ''' import os -import tempfile import re +import tempfile from ansible.module_utils.basic import AnsibleModule from ansible.module_utils._text import to_native diff --git a/tests/integration/targets/pam_limits/aliases b/tests/integration/targets/pam_limits/aliases new file mode 100644 index 0000000000..abe0a21e22 --- /dev/null +++ b/tests/integration/targets/pam_limits/aliases @@ -0,0 +1,5 @@ +shippable/posix/group1 +skip/aix +skip/freebsd +skip/osx +skip/macos diff --git a/tests/integration/targets/pam_limits/files/test_pam_limits.conf b/tests/integration/targets/pam_limits/files/test_pam_limits.conf new file mode 100644 index 0000000000..7310b4a021 --- /dev/null +++ b/tests/integration/targets/pam_limits/files/test_pam_limits.conf @@ -0,0 +1 @@ +# /etc/security/limits.conf diff --git a/tests/integration/targets/pam_limits/tasks/main.yml b/tests/integration/targets/pam_limits/tasks/main.yml new file mode 100644 index 0000000000..840f8d244a --- /dev/null +++ b/tests/integration/targets/pam_limits/tasks/main.yml @@ -0,0 +1,91 @@ +# Test code for the pam_limits module +# Copyright: (c) 2021, Abhijeet Kasurde +# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt) + +- name: Set value for temp limit configuration + set_fact: + test_limit_file: "/tmp/limits.conf" + +- name: Copy temporary limits.conf + copy: + src: test_pam_limits.conf + dest: "{{ test_limit_file }}" + +- name: Test check mode support in pam_limits + community.general.pam_limits: + domain: smith + limit_type: soft + limit_item: nofile + value: '64000' + dest: "{{ test_limit_file }}" + check_mode: yes + register: check_mode_test + +- name: Test that check mode is working + assert: + that: + - check_mode_test is changed + +- name: Add soft limit for smith user + community.general.pam_limits: + domain: smith + limit_type: soft + limit_item: nofile + value: '64000' + dest: "{{ test_limit_file }}" + register: soft_limit_test + +- name: Check if changes are made + assert: + that: + - soft_limit_test is changed + +- name: Aagin change soft limit for smith user for idempotency + community.general.pam_limits: + domain: smith + limit_type: soft + limit_item: nofile + value: '64000' + dest: "{{ test_limit_file }}" + register: soft_limit_test + +- name: Check if changes are not made idempotency + assert: + that: + - not soft_limit_test.changed + +- name: Change hard limit for Joe user for diff + community.general.pam_limits: + domain: joe + limit_type: hard + limit_item: nofile + value: '100000' + dest: "{{ test_limit_file }}" + register: hard_limit_test + diff: true + +- name: Debugging output for hard limit test + debug: + msg: "{{ hard_limit_test }}" + +- name: Check if changes made + assert: + that: + - hard_limit_test is changed + - hard_limit_test.diff.after is defined + - hard_limit_test.diff.before is defined + +- name: Add comment with change + community.general.pam_limits: + domain: doom + limit_type: hard + limit_item: nofile + value: '100000' + dest: "{{ test_limit_file }}" + comment: "This is a nice comment" + register: comment_test + +- name: Check if changes made + assert: + that: + - comment_test is changed