import os

import testinfra.utils.ansible_runner

testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
    os.environ["MOLECULE_INVENTORY_FILE"]
).get_hosts("all")


def test_pam_config(host):
    auth = host.file("/etc/pam.d/system-auth")

    assert auth.contains("auth        sufficient    pam_unix.so try_first_pass nullok")
    assert auth.contains(
        "password    sufficient    pam_unix.so try_first_pass use_authtok nullok sha512 shadow"
    )