Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Module seboolean: added support for list syntax for name parameter #53608

Open
wants to merge 4 commits into
base: devel
from

Conversation

Projects
None yet
2 participants
@esantoro
Copy link

esantoro commented Mar 10, 2019

The new syntax allows the following (previously not possible):

- name: set all the above selinux booleans using list syntax
  seboolean:
    # old syntax (still available and working):
    #name: samba_share_nfs
    # new syntax:
    name: [samba_share_nfs, samba_export_all_ro, samba_export_all_rw]
    state: yes
    persistent: yes

Note: this commit does not break old syntax in my tests.

I agree to Ansible's Contributors License Agreement as stated in https://docs.ansible.com/ansible/latest/community/contributor_license_agreement.html

Module seboolean: added support for list syntax for name parameter
The new syntax allows the following (previously not possible):

- name: set all the above selinux booleans using list syntax
  seboolean:
    # old syntax (still available and working):
    #name: samba_share_nfs
    # new syntax:
    name: [samba_share_nfs, samba_export_all_ro, samba_export_all_rw]
    state: yes
    persistent: yes

Note: this commit does not break old syntax in my tests.
@esantoro

This comment has been minimized.

Copy link
Author

esantoro commented Mar 10, 2019

Here is an ansible playbook sampling the new possibilities:

---
- hosts: all
  become: yes
  become_method: sudo
  tasks:
    - name: install seboolean-python
      yum:
        name: libsemanage-python
        state: present
    
    - name: set samba_share_nfs selinux boolean using old syntax
      seboolean:
        name: samba_share_nfs
        state: yes
        persistent: yes

    - name: set samba_export_all_ro selinux boolean using old syntax
      seboolean:
        name: samba_export_all_ro
        state: yes
        persistent: yes

    - name: set samba_export_all_rw selinux boolean using old syntax
      seboolean:
        name: samba_export_all_rw
        state: yes
        persistent: yes


    - name: set all the above selinux booleans using list syntax
      seboolean:
        #name: samba_share_nfs
        name: [samba_share_nfs, samba_export_all_ro, samba_export_all_rw]
        state: no
        persistent: yes

    - name: set all the above selinux booleans using items syntax
      seboolean:
        #name: samba_share_nfs
        name: "{{ item }}"
        state: yes
        persistent: yes
      with_items:
        - samba_share_nfs
        - samba_export_all_ro
        - samba_export_all_rw

    - name: set them all again to for testing purpose
      ## this is to be able to run the playbook over and over again
      seboolean:
        #name: samba_share_nfs
        name: "{{ item }}"
        state: no
        persistent: yes
      with_items:
        - samba_share_nfs
        - samba_export_all_ro
        - samba_export_all_rw

In my tests I am able to run such playbook (thus mixing old syntax and new syntax) without issues.

@ansibot

This comment has been minimized.

Copy link
Contributor

ansibot commented Mar 10, 2019

@esantoro

This comment has been minimized.

Copy link
Author

esantoro commented Mar 10, 2019

As suggested by felixfontein on irc (#ansible-devel on freenode) in commit ec0cc8d i am returning a string if the name parameter is a single name, and a list of names if multiple selinux boolean names are provided.

@esantoro esantoro force-pushed the esantoro:devel branch 2 times, most recently from a976a4a to f9b0333 Mar 10, 2019

@esantoro

This comment has been minimized.

Copy link
Author

esantoro commented Mar 10, 2019

All checks are passing now. I can squash all commits into one, if needed.

@ansibot ansibot added core_review and removed needs_revision labels Mar 10, 2019

@esantoro

This comment has been minimized.

Copy link
Author

esantoro commented Mar 13, 2019

@sfromm any news ?

1 similar comment
@esantoro

This comment has been minimized.

Copy link
Author

esantoro commented Mar 20, 2019

@sfromm any news ?

@ansibot ansibot added the stale_ci label Mar 20, 2019

@esantoro esantoro force-pushed the esantoro:devel branch from f9b0333 to 61696e2 Mar 20, 2019

@ansibot ansibot removed the stale_ci label Mar 20, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.