-
Notifications
You must be signed in to change notification settings - Fork 70
/
nrpe-selinux.yml
41 lines (33 loc) · 1018 Bytes
/
nrpe-selinux.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
---
- name: nrpe - Install SELinux dependencies
package:
name: "{{ nrpe_selinux_packages|list }}"
state: installed
# ignore_errors in case we don't have any repos
- name: nrpe - Ensure SELinux policy is up to date
package:
name: selinux-policy-targeted
state: latest
ignore_errors: true
- name: nrpe - Set SELinux boolean nagios_run_sudo true
seboolean:
name: nagios_run_sudo
state: yes
persistent: yes
- name: nrpe - Remove SELinux policy package
command: semodule -r nrpe
failed_when: false
- name: nrpe - Copy SELinux type enforcement file
copy:
src: nagios/nrpe.te
dest: /tmp/nrpe.te
- name: nrpe - Compile SELinux module file
command: checkmodule -M -m -o /tmp/nrpe.mod /tmp/nrpe.te
- name: nrpe - Build SELinux policy package
command: semodule_package -o /tmp/nrpe.pp -m /tmp/nrpe.mod
- name: nrpe - Load SELinux policy package
command: semodule -i /tmp/nrpe.pp
- name: nrpe - Remove temporary files
file:
path: /tmp/nrpe.*
state: absent