Merge pull request #15 from khaledk2/use_ansible_facts

Use ansible fact to set the selinux_enabled value
ome · Apr 3, 2024 · 4469342 · 4469342
2 parents 5177323 + 05e7ae4
commit 4469342
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 46 deletions.
diff --git a/meta/main.yml b/meta/main.yml
@@ -4,7 +4,7 @@ galaxy_info:
   description: Installs utilities and sets variable for interacting with SELinux
   company: Open Microscopy Environment
   license: BSD
-  min_ansible_version: 2.3
+  min_ansible_version: 2.10
   platforms:
     - name: EL
       versions:

diff --git a/molecule/default/Dockerfile.j2 b/molecule/default/Dockerfile.j2
diff --git a/tasks/main.yml b/tasks/main.yml
@@ -1,31 +1,9 @@
 ---
 # tasks file for roles/selinux-utils
 
-# NOTE: The Ansible variable `ansible_selinux.status == "enabled"` should
-# autodetect SELinux, but may give a misleading result if a dependency is
-# missing: https://github.com/ansible/ansible/issues/16612
-# so use getenforce instead
-
-# Always run including in check mode
-- name: selinux | check exists
-  stat:
-    path: /usr/sbin/getenforce
-  register: selinux_getenforce_st
-  check_mode: false
-
-- name: selinux | check enabled
-  become: true
-  command: /usr/sbin/getenforce
-  register: selinux_getenforce
-  check_mode: false
-  changed_when: false
-  when: selinux_getenforce_st.stat.exists
-
 - name: system packages | set selinux variable
   set_fact:
-    selinux_enabled: >-
-      {{ selinux_getenforce_st.stat.exists and
-         selinux_getenforce.stdout != 'Disabled' }}
+    selinux_enabled: "{{ ansible_facts.selinux.status == 'enabled' }}"
 
 - name : check rocky.repo file
   stat: