1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/plugins/modules
patchback[bot] e646d21935
seport: add local argument (#5203) (#5218)
Using `local: true` users can enforce to work only with local policy
modifications. i.e.

    # Without `local`, no new modification is added when port already exists
    $ sudo ansible -m seport -a 'ports=22 state=present setype=ssh_port_t proto=tcp' localhost

    localhost | SUCCESS => {
        "changed": false,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "present"
    }

    $ sudo semanage port -l -C

    # With `local`, a port is always added/changed in local modification list
    $ sudo ansible -m seport -a 'ports=22 state=present setype=ssh_port_t proto=tcp local=true' localhost

    localhost | CHANGED => {
        "changed": true,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "present"
    }

    $ sudo semanage port -l -C
    SELinux Port Type              Proto    Port Number

    ssh_port_t                     tcp      22

    # With `local`, seport removes the port only from local modifications
    $ sudo ansible -m seport -a 'ports=22 state=absent setype=ssh_port_t proto=tcp local=true' localhost

    localhost | CHANGED => {
        "changed": true,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "absent"
    }

    $ sudo semanage port -l -C

    # Even though the port is still defined in system policy, the module
    # result is success as there's no port local modification
    $ sudo ansible -m seport -a 'ports=22 state=absent setype=ssh_port_t proto=tcp local=true' localhost

    localhost | SUCCESS => {
        "changed": false,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "absent"
    }

    # But it fails without `local` as it tries to remove port defined in
    # system policy
    $ sudo ansible -m seport -a 'ports=22 state=absent setype=ssh_port_t proto=tcp' localhost

    An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ValueError: Port tcp/22 is defined in policy, cannot be deleted
    localhost | FAILED! => {
        "changed": false,
        "msg": "ValueError: Port tcp/22 is defined in policy, cannot be deleted\n"
    }

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
(cherry picked from commit 4c52fdb9d9)

Co-authored-by: Petr Lautrbach <plautrba@redhat.com>
2022-09-03 11:58:47 +02:00
..
cloud Fix exception when agent argument is not specified. (#5194) (#5195) 2022-08-28 12:16:07 +02:00
clustering Adjust booleans in net tools, web infrastructure, and clustering modules. (#5159) (#5173) 2022-08-24 20:22:02 +02:00
database Adjust booleans in misc modules. (#5160) (#5174) 2022-08-24 20:29:08 +02:00
files Adjust booleans in misc modules. (#5160) (#5174) 2022-08-24 20:29:08 +02:00
identity Adjust booleans in misc modules. (#5160) (#5174) 2022-08-24 20:29:08 +02:00
monitoring Adjust booleans in monitoring modules. (#5156) (#5170) 2022-08-24 20:47:17 +02:00
net_tools Adjust booleans in net tools, web infrastructure, and clustering modules. (#5159) (#5173) 2022-08-24 20:22:02 +02:00
notification Adjust booleans in notification modules. (#5157) (#5171) 2022-08-24 20:48:53 +02:00
packaging Fix indent. (#5177) (#5179) 2022-08-24 20:53:26 +02:00
remote_management Update redfish module for compatibility with VirtualMedia resource location (#5124) (#5180) 2022-08-24 21:44:44 +02:00
source_control Adjust booleans in source control modules. (#5158) (#5172) 2022-08-24 20:21:52 +02:00
storage Adjust booleans in misc modules. (#5160) (#5174) 2022-08-24 20:29:08 +02:00
system seport: add local argument (#5203) (#5218) 2022-09-03 11:58:47 +02:00
web_infrastructure Adjust booleans in net tools, web infrastructure, and clustering modules. (#5159) (#5173) 2022-08-24 20:22:02 +02:00