add collections

2024-02-01 11:40:42 +08:00
parent 0715d7c475
commit 7af4c56c96
3198 changed files with 455118 additions and 0 deletions
--- a/collections/ansible_collections/community/general/tests/integration/targets/sefcontext/aliases
+++ b/collections/ansible_collections/community/general/tests/integration/targets/sefcontext/aliases
@@ -0,0 +1,7 @@
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+azp/posix/2
+needs/root
+skip/aix
--- a/collections/ansible_collections/community/general/tests/integration/targets/sefcontext/meta/main.yml
+++ b/collections/ansible_collections/community/general/tests/integration/targets/sefcontext/meta/main.yml
@@ -0,0 +1,7 @@
+---
+# Copyright (c) Ansible Project
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+dependencies:
+  - setup_pkg_mgr
--- a/collections/ansible_collections/community/general/tests/integration/targets/sefcontext/tasks/main.yml
+++ b/collections/ansible_collections/community/general/tests/integration/targets/sefcontext/tasks/main.yml
@@ -0,0 +1,21 @@
+---
+####################################################################
+# WARNING: These are designed specifically for Ansible tests       #
+# and should not be used as examples of how to write Ansible roles #
+####################################################################
+
+# Copyright (c) 2016, Dag Wieers <dag@wieers.com>
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+# FIXME: Unfortunately ansible_selinux could be a boolean or a dictionary !
+- debug:
+    msg: SELinux is disabled
+  when: ansible_selinux is defined and ansible_selinux == False
+
+- debug:
+    msg: SELinux is {{ ansible_selinux.status }}
+  when: ansible_selinux is defined and ansible_selinux != False
+
+- include: sefcontext.yml
+  when: ansible_selinux is defined and ansible_selinux != False and ansible_selinux.status == 'enabled'
--- a/collections/ansible_collections/community/general/tests/integration/targets/sefcontext/tasks/sefcontext.yml
+++ b/collections/ansible_collections/community/general/tests/integration/targets/sefcontext/tasks/sefcontext.yml
@@ -0,0 +1,102 @@
+---
+# Copyright (c) 2016, Dag Wieers <dag@wieers.com>
+# GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
+# SPDX-License-Identifier: GPL-3.0-or-later
+
+- name: install requirements for RHEL
+  package:
+    name: policycoreutils-python
+  when:
+    - ansible_distribution == 'RedHat'
+    - ansible_distribution_major_version|int < 8
+
+- name: install requirements for rhel8 beta
+  package:
+    name: python3-policycoreutils
+  when:
+    - ansible_distribution == 'RedHat'
+    - ansible_distribution_major_version|int >= 8
+
+- name: Ensure we start with a clean state
+  sefcontext:
+    path: '/tmp/foo/bar(/.*)?'
+    setype: httpd_sys_content_t
+    state: absent
+
+- name: Set SELinux file context of foo/bar
+  sefcontext:
+    path: '/tmp/foo/bar(/.*)?'
+    setype: httpd_sys_content_t
+    state: present
+    reload: no
+  register: first
+
+- assert:
+    that:
+    - first is changed
+    - first.setype == 'httpd_sys_content_t'
+
+- name: Set SELinux file context of foo/bar (again)
+  sefcontext:
+    path: '/tmp/foo/bar(/.*)?'
+    setype: httpd_sys_content_t
+    state: present
+    reload: no
+  register: second
+
+- assert:
+    that:
+    - second is not changed
+    - second.setype == 'httpd_sys_content_t'
+
+- name: Change SELinux file context of foo/bar
+  sefcontext:
+    path: '/tmp/foo/bar(/.*)?'
+    setype: unlabeled_t
+    state: present
+    reload: no
+  register: third
+
+- assert:
+    that:
+    - third is changed
+    - third.setype == 'unlabeled_t'
+
+- name: Change SELinux file context of foo/bar (again)
+  sefcontext:
+    path: '/tmp/foo/bar(/.*)?'
+    setype: unlabeled_t
+    state: present
+    reload: no
+  register: fourth
+
+- assert:
+    that:
+    - fourth is not changed
+    - fourth.setype == 'unlabeled_t'
+
+- name: Delete SELinux file context of foo/bar
+  sefcontext:
+    path: '/tmp/foo/bar(/.*)?'
+    setype: httpd_sys_content_t
+    state: absent
+    reload: no
+  register: fifth
+
+- assert:
+    that:
+    - fifth is changed
+    - fifth.setype == 'httpd_sys_content_t'
+
+- name: Delete SELinux file context of foo/bar (again)
+  sefcontext:
+    path: '/tmp/foo/bar(/.*)?'
+    setype: unlabeled_t
+    state: absent
+    reload: no
+  register: sixth
+
+- assert:
+    that:
+    - sixth is not changed
+    - sixth.setype == 'unlabeled_t'