diff --git a/tests/ansible/osx_setup.yml b/tests/ansible/osx_setup.yml index 582dd280..9482d25b 100644 --- a/tests/ansible/osx_setup.yml +++ b/tests/ansible/osx_setup.yml @@ -26,6 +26,13 @@ - mitogen__pw_required - mitogen__require_tty_pw_required + - name: Create Mitogen test users + user: + name: "mitogen__user{{item}}" + shell: /bin/bash + password: mitogen__password + with_sequence: start=1 end=21 + - name: Hide test users from login window. shell: > defaults @@ -38,6 +45,15 @@ - mitogen__pw_required - mitogen__require_tty_pw_required + - name: Hide test users from login window. + shell: > + defaults + write + /Library/Preferences/com.apple.loginwindow + HiddenUsersList + -array-add 'mitogen__user{{item}}' + with_sequence: start=1 end=21 + - name: Require a TTY for two accounts lineinfile: path: /etc/sudoers @@ -61,3 +77,9 @@ line: "{{lookup('pipe', 'whoami')}} ALL = ({{item}}) NOPASSWD:ALL" with_items: - mitogen__require_tty + + - name: Allow passwordless for many accounts + lineinfile: + path: /etc/sudoers + line: "{{lookup('pipe', 'whoami')}} ALL = (mitogen__user{{item}}) NOPASSWD:ALL" + with_sequence: start=1 end=21 diff --git a/tests/build_docker_image.py b/tests/build_docker_image.py index 02172e04..9a8a057c 100755 --- a/tests/build_docker_image.py +++ b/tests/build_docker_image.py @@ -27,7 +27,8 @@ RUN \ ( echo 'has-sudo-pubkey:y' | chpasswd; ) && \ ( echo 'has-sudo-nopw:y' | chpasswd; ) && \ mkdir ~has-sudo-pubkey/.ssh && \ - { echo '#!/bin/bash\nexec strace -ff -o /tmp/pywrap$$.trace python2.7 "$@"' > /usr/local/bin/pywrap; chmod +x /usr/local/bin/pywrap; } + { echo '#!/bin/bash\nexec strace -ff -o /tmp/pywrap$$.trace python2.7 "$@"' > /usr/local/bin/pywrap; chmod +x /usr/local/bin/pywrap; } && \ + { for i in `seq 1 21`; do useradd -s /bin/bash -m mitogen__user$i; done; } COPY data/docker/has-sudo-pubkey.key.pub /home/has-sudo-pubkey/.ssh/authorized_keys RUN \