From 07709f793bb881027c739b661670e4dbdcdd8716 Mon Sep 17 00:00:00 2001
From: Kevin Fenzi <kevin@scrye.com>
Date: Sun, 27 May 2018 00:46:56 +0000
Subject: [PATCH] lineinfile is evil

---
 files/common/mock                    | 15 +++++++++++++++
 playbooks/groups/maintainer-test.yml |  3 +--
 2 files changed, 16 insertions(+), 2 deletions(-)
 create mode 100644 files/common/mock

diff --git a/files/common/mock b/files/common/mock
new file mode 100644
index 0000000000..f53258d470
--- /dev/null
+++ b/files/common/mock
@@ -0,0 +1,15 @@
+%PAM-1.0
+auth            sufficient      pam_rootok.so
+auth            sufficient      pam_succeed_if.so user ingroup mock use_uid quiet
+# Uncomment the following line to implicitly trust users in the "wheel" group.
+#auth           sufficient      pam_wheel.so trust use_uid
+# Uncomment the following line to require a user to be in the "wheel" group.
+#auth           required        pam_wheel.so use_uid
+auth            include         system-auth
+account         sufficient      pam_succeed_if.so user ingroup mock use_uid quiet
+account         include         system-auth
+password        include         system-auth
+session         include         system-auth
+account sufficient pam_succeed_if.so user ingroup packager use_uid quiet
+auth sufficient pam_succeed_if.so user ingroup packager use_uid quiet
+session         optional        pam_xauth.so
diff --git a/playbooks/groups/maintainer-test.yml b/playbooks/groups/maintainer-test.yml
index bb8adb1c1e..e89ec3811e 100644
--- a/playbooks/groups/maintainer-test.yml
+++ b/playbooks/groups/maintainer-test.yml
@@ -61,8 +61,7 @@
     - packages
 
   - name: allow packagers to use mock
-    lineinfile: dest=/etc/pam.d/mock line="{{ item }} sufficient pam_succeed_if.so user ingroup packager use_uid quiet" insertbefore=BOF
-    when: ansible_distribution_major_version|int > 23
+    copy: dest=/etc/pam.d/mock src="{{ files }}/common/mock
     with_items:
     - account
     - auth