932a619981
The manual SSH command is buggy since it does not respect things like ansible_ssh_extra_args. TrivialFix Change-Id: I30709df86b4cc334413b76507700dc03e7df2ea1
41 lines
1.2 KiB
YAML
41 lines
1.2 KiB
YAML
---
|
|
- name: Ensure required packages are installed
|
|
package:
|
|
name: python3-libselinux
|
|
state: present
|
|
cache_valid_time: "{{ apt_cache_valid_time if ansible_os_family == 'Debian' else omit }}"
|
|
update_cache: "{{ True if ansible_os_family == 'Debian' else omit }}"
|
|
become: True
|
|
|
|
- name: Check if SELinux configuration file exists
|
|
stat:
|
|
path: /etc/selinux/config
|
|
register: stat_result
|
|
|
|
- name: Ensure SELinux is disabled
|
|
selinux:
|
|
state: disabled
|
|
register: selinux_result
|
|
become: True
|
|
when: stat_result.stat.exists
|
|
|
|
- block:
|
|
- name: Set a fact to determine whether we are running locally
|
|
set_fact:
|
|
is_local: "{{ lookup('pipe', 'hostname') in [ansible_hostname, ansible_nodename] }}"
|
|
|
|
- name: Reboot the system to apply SELinux changes (local)
|
|
command: shutdown -r now "Applying SELinux changes"
|
|
become: True
|
|
when: is_local | bool
|
|
|
|
- name: Reboot the machine to apply SELinux
|
|
reboot:
|
|
reboot_timeout: "{{ disable_selinux_reboot_timeout }}"
|
|
msg: Applying SELinux changes
|
|
become: true
|
|
when: not is_local | bool
|
|
when:
|
|
- disable_selinux_do_reboot | bool
|
|
- selinux_result is changed
|