Skip to content

Commit

Permalink
Merge pull request #645 from berndfinger/issue-641
Browse files Browse the repository at this point in the history
sap_hana_preconfigure: Catch SELinux disabled
  • Loading branch information
berndfinger authored Feb 9, 2024
2 parents 541ee07 + 00b1b30 commit 99d3039
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@

- name: SELinux - Warn if the SELinux file contexts cannot be set
ansible.builtin.debug:
msg: "WARN: The SELinux file context cannot be set on an SELinux disabled system!"
msg: "WARN: The SELinux file contexts cannot be set on an SELinux disabled system!"
when:
- sap_general_preconfigure_modify_selinux_labels
- __sap_general_preconfigure_fact_selinux_mode == 'disabled'
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,18 @@
---

# Set a new SELinux mode variable to the SELinux status if 'disabled' or otherwise to
# the value of the 'mode' member ('permissive' or 'enforcing')
- name: SELinux - Set an SELinux mode variable
ansible.builtin.set_fact:
__sap_hana_preconfigure_fact_selinux_mode: "{{ (ansible_selinux.status == 'disabled') | ternary(ansible_selinux.status, ansible_selinux.mode) }}"

- name: SELinux - Warn if the SELinux file contexts cannot be set
ansible.builtin.debug:
msg: "WARN: The SELinux file contexts cannot be set on an SELinux disabled system!"
when:
- sap_hana_preconfigure_modify_selinux_labels
- __sap_hana_preconfigure_fact_selinux_mode == 'disabled'

- name: SELinux - Configure SELinux file contexts
ansible.builtin.include_role:
name: '{{ sap_hana_preconfigure_system_roles_collection }}.selinux'
Expand All @@ -10,4 +23,6 @@
- "{{ sap_hana_preconfigure_fact_targets_setypes }}"
selinux_restore_dirs:
- "{{ sap_hana_preconfigure_hana_directories }}"
when: sap_hana_preconfigure_modify_selinux_labels
when:
- sap_hana_preconfigure_modify_selinux_labels
- __sap_hana_preconfigure_fact_selinux_mode != 'disabled'

0 comments on commit 99d3039

Please sign in to comment.