diff options
| author | Matt Clay <matt@mystile.com> | 2022-07-12 23:33:07 +0300 |
|---|---|---|
| committer | Matt Clay <matt@mystile.com> | 2022-07-16 02:12:39 +0300 |
| commit | b63812bc08fd00fd772c28a2604f77f487d23104 (patch) | |
| tree | 9678ddc6d331055b2bdfd643c322295d4383984c | |
| parent | 358a8ad7af3acf7e0768c2b503d421219b3c951c (diff) | |
ansible-test - Enable ACLs on FreeBSD remotes.
This allows integration tests to switch from one unprivileged user
to another, sharing files between the users using ACLs.
| -rw-r--r-- | changelogs/fragments/ansible-test-freebsd-remote-acl.yml | 2 | ||||
| -rw-r--r-- | test/lib/ansible_test/_util/target/setup/bootstrap.sh | 10 |
2 files changed, 12 insertions, 0 deletions
diff --git a/changelogs/fragments/ansible-test-freebsd-remote-acl.yml b/changelogs/fragments/ansible-test-freebsd-remote-acl.yml new file mode 100644 index 00000000000..c7f0e45a75f --- /dev/null +++ b/changelogs/fragments/ansible-test-freebsd-remote-acl.yml @@ -0,0 +1,2 @@ +minor_changes: + - ansible-test - Remote FreeBSD instances now have ACLs enabled on the root filesystem. diff --git a/test/lib/ansible_test/_util/target/setup/bootstrap.sh b/test/lib/ansible_test/_util/target/setup/bootstrap.sh index 128ed094c26..f16368b7e95 100644 --- a/test/lib/ansible_test/_util/target/setup/bootstrap.sh +++ b/test/lib/ansible_test/_util/target/setup/bootstrap.sh @@ -201,6 +201,16 @@ bootstrap_remote_freebsd() extra-index-url = https://spare-tire.testing.ansible.com/simple/ prefer-binary = yes " > /etc/pip.conf + + # enable ACL support on the root filesystem (required for become between unprivileged users) + fs_path="/" + fs_device="$(mount -v "${fs_path}" | cut -w -f 1)" + # shellcheck disable=SC2001 + fs_device_escaped=$(echo "${fs_device}" | sed 's|/|\\/|g') + + mount -o acls "${fs_device}" "${fs_path}" + awk 'BEGIN{FS=" "}; /'"${fs_device_escaped}"'/ {gsub(/^rw$/,"rw,acls", $4); print; next} // {print}' /etc/fstab > /etc/fstab.new + mv /etc/fstab.new /etc/fstab } bootstrap_remote_macos() |