split creation of user and test

Signed-off-by: Sebastian Gumprich <sebastian.gumprich@t-systems.com>

Author: Sebastian Gumprich

molecule/os_hardening/verify.yml

@@ -20,14 +20,40 @@
         - verify_tasks/netrc.yml
         - verify_tasks/ignore_home_folders.yml
 
-    - name: include PAM tests
-      include_tasks: verify_tasks/pam.yml
-      when: ansible_facts.distribution in ['Debian', 'Ubuntu'] or ansible_facts.os_family == 'RedHat'
-
     - name: include YUM tests
       include_tasks: verify_tasks/yum.yml
       when: ansible_facts.os_family == 'RedHat'
 
+- name: Verify
+  hosts: all
+  become: true
+  environment:
+    http_proxy: "{{ lookup('env', 'http_proxy') | default(omit)  }}"
+    https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
+    no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
+  tasks:
+    - name: set ansible_python_interpreter to "/usr/bin/python3"
+      set_fact:
+        ansible_python_interpreter: "/usr/bin/python3"
+    - name: include PAM tests
+      include_tasks: verify_tasks/pam_1.yml
+      when: ansible_facts.distribution in ['Debian', 'Ubuntu'] or ansible_facts.os_family == 'RedHat'
+
+- name: Verify
+  hosts: all
+  become: true
+  environment:
+    http_proxy: "{{ lookup('env', 'http_proxy') | default(omit)  }}"
+    https_proxy: "{{ lookup('env', 'https_proxy') | default(omit) }}"
+    no_proxy: "{{ lookup('env', 'no_proxy') | default(omit) }}"
+  tasks:
+    - name: set ansible_python_interpreter to "/usr/bin/python3"
+      set_fact:
+        ansible_python_interpreter: "/usr/bin/python3"
+    - name: include PAM tests
+      include_tasks: verify_tasks/pam_2.yml
+      when: ansible_facts.distribution in ['Debian', 'Ubuntu'] or ansible_facts.os_family == 'RedHat'
+
 - name: Verify
   hosts: localhost
   environment:

molecule/os_hardening/verify_tasks/pam_1.yml

@@ -0,0 +1,30 @@
+---
+
+- name: install pip
+  package:
+    name:
+      - python3-pip
+      - python3-setuptools
+    state: present
+
+- name: install pam-tester
+  ansible.builtin.pip:
+    name: pam-tester
+    state: present
+    executable: /usr/bin/pip3
+
+- name: set password for test
+  set_fact:
+    test_pw: "myTestpwSage"
+
+- name: set locale for test
+  set_fact:
+    locale: "en_US.UTF-8"
+  when:
+    - ansible_facts.os_family == 'RedHat'
+    - ansible_facts.distribution_major_version < '8'
+
+- name: create testuser
+  user:
+    name: testuser
+    password: "{{ test_pw | password_hash('sha512') }}"

molecule/os_hardening/verify_tasks/pam.yml renamed to molecule/os_hardening/verify_tasks/pam_2.yml

@@ -1,34 +1,4 @@
 ---
-
-- name: install pip
-  package:
-    name:
-      - python3-pip
-      - python3-setuptools
-    state: present
-
-- name: install pam-tester
-  ansible.builtin.pip:
-    name: pam-tester
-    state: present
-    executable: /usr/bin/pip3
-
-- name: set password for test
-  set_fact:
-    test_pw: "myTestpwSage"
-
-- name: set locale for test
-  set_fact:
-    locale: "en_US.UTF-8"
-  when:
-    - ansible_facts.os_family == 'RedHat'
-    - ansible_facts.distribution_major_version < '8'
-
-- name: create testuser
-  user:
-    name: testuser
-    password: "{{ test_pw | password_hash('sha512') }}"
-
 - name: check successful login with correct password
   shell:
     cmd: "/usr/local/bin/pam-tester --user testuser --password {{ test_pw }}"