small refactoring

2019-10-19 15:34:22 +02:00 · 2019-10-19 15:34:22 +02:00 · 6d70ac83d6
parent aad6658d0c
commit 6d70ac83d6
3 changed files with 15 additions and 3 deletions
--- a/defaults/main.yml
+++ b/defaults/main.yml
@ -1,4 +1,6 @@
 ---
-selinux_enabled: True
+selinux_packages:
+  - policycoreutils-python 
+
 selinux_policy: "targeted"
-selinux_state: "permissive"
+selinux_state: "{{ ansible_selinux.config_mode }}"
--- a/molecule/default/tests/test_default.py
+++ b/molecule/default/tests/test_default.py
@ -12,4 +12,3 @@ testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
 def test_selinux_setup(host):
    assert host.command.check_output("/usr/sbin/getenforce") == "Enforcing"
    assert host.package("policycoreutils-python").is_installed
-    assert host.file("/.autorelabel").exists
--- a/tasks/setup.yml
+++ b/tasks/setup.yml
@ -1,5 +1,15 @@
 ---
+- name: Set current selinux policy
+  set_fact:
+     selinux_current: "{{ ansible_selinux.config_mode }}"
+
 - block:
+    - name: Install dependencies
+      package:
+        name: "{{ item }}"
+        state: present
+      loop: "{{ selinux_packages }}"
+
    - name: Set selinux policy
      selinux:
        policy: "{{ selinux_policy }}"
@ -12,6 +22,7 @@
        state: touch
      when:
        - selinux_state == "enforcing"
+        - selinux_current == "disabled"
        - __sestatus.changed
  become: True
  become_user: root