r/base: Clear facts after installing python-selinux
If the Python bindings for SELinux policy management are not installed
when Ansible gathers host facts, no SELinux-related facts will be set.
Thus, any tasks that are conditional based on these facts will not run.
Typically, such tasks are required for SELinux-enabled hosts, but must
not be performed for non-SELinux hosts. If they are not run when they
should, the deployment may fail or applications may experience issues at
runtime.
To avoid these potential issues, the *base* role now forces Ansible to
gather facts again if it installed the Python SELinux bindings.
Note: one might suggest using `meta: clear_facts` instead of `setup` and
letting Ansible decide if and when to gather facts again. Unfortunately,
this for some reason doesn't work; the `clear_facts` meta task just
causes Ansible to crash with a "shared connection to {host} closed."
btop
parent
9408ee31c3
commit
bc4c7edbad
|
|
@ -0,0 +1,2 @@
|
||||||
|
- name: gather facts
|
||||||
|
setup:
|
||||||
|
|
@ -10,6 +10,8 @@
|
||||||
package:
|
package:
|
||||||
name: '{{ selinux_python_libs }}'
|
name: '{{ selinux_python_libs }}'
|
||||||
state: present
|
state: present
|
||||||
|
notify:
|
||||||
|
- gather facts
|
||||||
tags:
|
tags:
|
||||||
- install
|
- install
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue