Safe disable SELinux

Sometimes, a sysadmin might outright delete the SELinux rpms and
delete the configuration. This causes the selinux module to fail
with
```
IOError: [Errno 2] No such file or directory: '/etc/selinux/config'\n",
"module_stdout": "", "msg": "MODULE FAILURE"}
```

This simply checks that /etc/selinux/config exists before we try
to set it Permissive.

Update from feedback
pull/1049/head
Abel Lopez 2017-02-17 17:13:12 -08:00
parent b84cc14694
commit 0bfc2d0f2f
No known key found for this signature in database
GPG Key ID: 019BA3843E46A731
1 changed files with 7 additions and 1 deletions

View File

@ -125,9 +125,15 @@
tags: bootstrap-os
# Todo : selinux configuration
- name: Confirm selinux deployed
stat:
path: /etc/selinux/config
when: ansible_os_family == "RedHat"
register: slc
- name: Set selinux policy to permissive
selinux: policy=targeted state=permissive
when: ansible_os_family == "RedHat"
when: ansible_os_family == "RedHat" and slc.stat.exists == True
changed_when: False
tags: bootstrap-os