1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Commit graph

9 commits

Author SHA1 Message Date
Petr Lautrbach
4c52fdb9d9
seport: add local argument (#5203)
Using `local: true` users can enforce to work only with local policy
modifications. i.e.

    # Without `local`, no new modification is added when port already exists
    $ sudo ansible -m seport -a 'ports=22 state=present setype=ssh_port_t proto=tcp' localhost

    localhost | SUCCESS => {
        "changed": false,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "present"
    }

    $ sudo semanage port -l -C

    # With `local`, a port is always added/changed in local modification list
    $ sudo ansible -m seport -a 'ports=22 state=present setype=ssh_port_t proto=tcp local=true' localhost

    localhost | CHANGED => {
        "changed": true,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "present"
    }

    $ sudo semanage port -l -C
    SELinux Port Type              Proto    Port Number

    ssh_port_t                     tcp      22

    # With `local`, seport removes the port only from local modifications
    $ sudo ansible -m seport -a 'ports=22 state=absent setype=ssh_port_t proto=tcp local=true' localhost

    localhost | CHANGED => {
        "changed": true,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "absent"
    }

    $ sudo semanage port -l -C

    # Even though the port is still defined in system policy, the module
    # result is success as there's no port local modification
    $ sudo ansible -m seport -a 'ports=22 state=absent setype=ssh_port_t proto=tcp local=true' localhost

    localhost | SUCCESS => {
        "changed": false,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "absent"
    }

    # But it fails without `local` as it tries to remove port defined in
    # system policy
    $ sudo ansible -m seport -a 'ports=22 state=absent setype=ssh_port_t proto=tcp' localhost

    An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ValueError: Port tcp/22 is defined in policy, cannot be deleted
    localhost | FAILED! => {
        "changed": false,
        "msg": "ValueError: Port tcp/22 is defined in policy, cannot be deleted\n"
    }

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2022-09-03 11:53:57 +02:00
Felix Fontein
be2de15c66
Adjust booleans in system modules (#5153)
* Adjust booleans in system modules.

* Fix some IP addresses

Co-authored-by: Sandra McCann <samccann@redhat.com>

Co-authored-by: Sandra McCann <samccann@redhat.com>
2022-08-24 19:59:01 +02:00
Felix Fontein
123c7efe5e
Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065)
* Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt.

* Replace 'Copyright:' with 'Copyright'

sed -i 's|Copyright:\(.*\)|Copyright\1|' $(rg -l 'Copyright:')

Co-authored-by: Maxwell G <gotmax@e.email>
2022-08-05 12:28:29 +02:00
Alexei Znamensky
7e6a2453d0
seport: minor refactor (#4471)
* seport: minor refactor

* added changelog fragment

* Update plugins/modules/system/seport.py

Co-authored-by: Felix Fontein <felix@fontein.de>

* Update plugins/modules/system/seport.py

Co-authored-by: Felix Fontein <felix@fontein.de>
2022-04-10 14:34:15 +02:00
Felix Fontein
fafabed9e6
Replace ansible.module_utils._text by ansible.module_utils.common.text.converters (#2877)
* Replace ansible.module_utils._text by ansible.module_utils.common.text.converters.

* Also adjust tests.
2021-06-26 23:59:11 +02:00
Alexei Znamensky
1202d034b3
Enabling validation-modules for system modules (#1212)
* fixed validation-modules for aix_devices.py

* fixed validation-modules for aix_filesystem.py

* fixed validation-modules for aix_inittab.py

* fixed validation-modules for aix_lvg.py

* fixed validation-modules for aix_lvol.py

* fixed validation-modules for awall.py

* fixed validation-modules for dconf.py

* fixed validation-modules for gconftool2.py

* fixed validation-modules for interfaces_file.py

* fixed validation-modules for java_keystore.py

* fixed validation-modules for kernel_blacklist.py

* fixed validation-modules for plugins/modules/system/lbu.py

* fixed validation-modules for plugins/modules/system/locale_gen.py

* fixed validation-modules for plugins/modules/system/lvg.py

* fixed validation-modules for plugins/modules/system/lvol.py

* fixed validation-modules for plugins/modules/system/mksysb.py

* fixed validation-modules for plugins/modules/system/modprobe.py

* fixed validation-modules for plugins/modules/system/nosh.py

* fixed validation-modules for plugins/modules/system/open_iscsi.py

* fixed validation-modules for plugins/modules/system/openwrt_init.py

* fixed validation-modules for plugins/modules/system/osx_defaults.py

* fixed validation-modules for plugins/modules/system/pamd.py

* fixed validation-modules for plugins/modules/system/pam_limits.py

* fixed validation-modules for plugins/modules/system/parted.py

* fixed validation-modules for plugins/modules/system/puppet.py

* fixed validation-modules for plugins/modules/system/python_requirements_info.py

* fixed validation-modules for plugins/modules/system/runit.py

the parameter "dist" is not used anywhere in the module

* fixed validation-modules for plugins/modules/system/sefcontext.py

* fixed validation-modules for plugins/modules/system/selogin.py

* fixed validation-modules for plugins/modules/system/seport.py

* fixed validation-modules for plugins/modules/system/solaris_zone.py

* fixed validation-modules for plugins/modules/system/syspatch.py

* fixed validation-modules for plugins/modules/system/vdo.py

* fixed validation-modules for plugins/modules/system/xfconf.py

* removed ignore almost all validate-modules lines in system

* removed unnecessary validations, per shippable test

* kernel_blacklist: keeping blacklist_file as str instead of path

* mksysb: keeping storage_path as str instead of path

* pam_limits: keeping dest as str instead of path

* rollback on adding doc for puppet.py legacy param

* rolledback param seuser required in selogin module

* rolledback changes in runit

* rolledback changes in osx_defaults

* rolledback changes in aix_defaults
2020-11-04 09:02:50 +01:00
Andrew Klychkov
41cfdda6a3
modules: fix examples to use FQCN (#644)
* modules: fix examples to use FQCN

* fix

* fix

* fix
2020-07-13 21:50:31 +02:00
Andrew Klychkov
5d226f86b6
Remove ANSIBLE_METADATA (#339)
* Remove ANSIBLE_METADATA

* remove from other modules

* remove from plugins and scripts
2020-05-14 14:03:42 +01:00
Ansible Core Team
aebc1b03fd Initial commit 2020-03-09 09:11:07 +00:00