Merge pull request #428 from konstruktoid/test

add sshd_match_user variables
konstruktoid · Oct 27, 2023 · 078c359 · 078c359
2 parents 0b4daed + bb5950e
commit 078c359
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 0 deletions.
diff --git a/molecule/default/molecule.yml b/molecule/default/molecule.yml
@@ -61,6 +61,16 @@ provisioner:
           - vagrant
           - sudo
         suid_sgid_permissions: false
+        sshd_match_users:
+          - user: testuser01
+            rules:
+              - AllowUsers testuser01
+              - AuthenticationMethods password
+              - PasswordAuthentication yes
+          - user: testuser02
+            rules:
+              - AllowUsers testuser02
+              - Banner none
 platforms:
   - name: almalinux8
     box: almalinux/8

diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml
@@ -39,6 +39,19 @@
           ansible.builtin.set_fact:
             crypto_policies_config: "{{ stat_crypto_policies_config.stat.exists }}"
 
+    - name: Create test users
+      become: true
+      ansible.builtin.user:
+        name: "{{ item }}"
+        shell: /bin/bash
+        create_home: true
+        generate_ssh_key: true
+        ssh_key_bits: 3072
+        ssh_key_file: .ssh/id_rsa
+      loop:
+        - testuser01
+        - testuser02
+
     - name: Set sysctl configuration directory as fact
       tags:
         - fact

diff --git a/molecule/single/molecule.yml b/molecule/single/molecule.yml
@@ -25,6 +25,16 @@ provisioner:
           - sudo
         suid_sgid_permissions: false
         umask_value: "027"
+        sshd_match_users:
+          - user: testuser01
+            rules:
+              - AllowUsers testuser01
+              - AuthenticationMethods password
+              - PasswordAuthentication yes
+          - user: testuser02
+            rules:
+              - AllowUsers testuser02
+              - Banner none
 platforms:
   - name: focal
     box: bento/ubuntu-20.04