ceph-ansible/roles/ceph-nfs/tasks/ganesha_selinux_fix.yml

30 lines
701 B
YAML

---
- name: check if selinux is enabled
command: getenforce
register: selinuxstatus
changed_when: false
failed_when: false
tags:
- always
- name: install policycoreutils-python to get semanage
package:
name: policycoreutils-python
state: present
when:
- selinuxstatus.stdout != 'Disabled'
- name: test if ganesha_t is already permissive
shell: |
semanage permissive -l | grep -soq ganesha_t
changed_when: false
failed_when: false
register: ganesha_t_permissive
- name: run semanage permissive -a ganesha_t
command: semanage permissive -a ganesha_t
changed_when: false
when:
- selinuxstatus.stdout != 'Disabled'
- ganesha_t_permissive.rc != 0