1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
community.general/plugins/modules/system
patchback[bot] e646d21935
seport: add local argument (#5203) (#5218)
Using `local: true` users can enforce to work only with local policy
modifications. i.e.

    # Without `local`, no new modification is added when port already exists
    $ sudo ansible -m seport -a 'ports=22 state=present setype=ssh_port_t proto=tcp' localhost

    localhost | SUCCESS => {
        "changed": false,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "present"
    }

    $ sudo semanage port -l -C

    # With `local`, a port is always added/changed in local modification list
    $ sudo ansible -m seport -a 'ports=22 state=present setype=ssh_port_t proto=tcp local=true' localhost

    localhost | CHANGED => {
        "changed": true,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "present"
    }

    $ sudo semanage port -l -C
    SELinux Port Type              Proto    Port Number

    ssh_port_t                     tcp      22

    # With `local`, seport removes the port only from local modifications
    $ sudo ansible -m seport -a 'ports=22 state=absent setype=ssh_port_t proto=tcp local=true' localhost

    localhost | CHANGED => {
        "changed": true,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "absent"
    }

    $ sudo semanage port -l -C

    # Even though the port is still defined in system policy, the module
    # result is success as there's no port local modification
    $ sudo ansible -m seport -a 'ports=22 state=absent setype=ssh_port_t proto=tcp local=true' localhost

    localhost | SUCCESS => {
        "changed": false,
        "ports": [
            "22"
        ],
        "proto": "tcp",
        "setype": "ssh_port_t",
        "state": "absent"
    }

    # But it fails without `local` as it tries to remove port defined in
    # system policy
    $ sudo ansible -m seport -a 'ports=22 state=absent setype=ssh_port_t proto=tcp' localhost

    An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ValueError: Port tcp/22 is defined in policy, cannot be deleted
    localhost | FAILED! => {
        "changed": false,
        "msg": "ValueError: Port tcp/22 is defined in policy, cannot be deleted\n"
    }

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
(cherry picked from commit 4c52fdb9d9)

Co-authored-by: Petr Lautrbach <plautrba@redhat.com>
2022-09-03 11:58:47 +02:00
..
aix_devices.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
aix_filesystem.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
aix_inittab.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
aix_lvg.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
aix_lvol.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
alternatives.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
awall.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
beadm.py Fix linting errors; fix some real bugs (#5111) (#5114) 2022-08-12 12:33:02 +02:00
capabilities.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
cronvar.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
crypttab.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
dconf.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
dpkg_divert.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
facter.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
filesystem.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
gconftool2.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
gconftool2_info.py Fix copyright lines (make sure 'Copyright' is there). (#5083) (#5084) 2022-08-05 22:45:15 +02:00
homectl.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
interfaces_file.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
iptables_state.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
java_cert.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
java_keystore.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
kernel_blacklist.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
keyring.py Fix linting errors; fix some real bugs (#5111) (#5114) 2022-08-12 12:33:02 +02:00
keyring_info.py Fix linting errors; fix some real bugs (#5111) (#5114) 2022-08-12 12:33:02 +02:00
launchd.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
lbu.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
listen_ports_facts.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
locale_gen.py Fix more copyright lines, add more default copyright lines (#5095) (#5096) 2022-08-08 15:19:46 +02:00
lvg.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
lvol.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
make.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
mksysb.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
modprobe.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
nosh.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
ohai.py Fix copyright lines (make sure 'Copyright' is there). (#5083) (#5084) 2022-08-05 22:45:15 +02:00
open_iscsi.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
openwrt_init.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
osx_defaults.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
pam_limits.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
pamd.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
parted.py Fix linting errors; fix some real bugs (#5111) (#5114) 2022-08-12 12:33:02 +02:00
pids.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
puppet.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
python_requirements_info.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
runit.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
sap_task_list_execute.py Fix linting errors; fix some real bugs (#5111) (#5114) 2022-08-12 12:33:02 +02:00
sefcontext.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
selinux_permissive.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
selogin.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
seport.py seport: add local argument (#5203) (#5218) 2022-09-03 11:58:47 +02:00
shutdown.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
solaris_zone.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
ssh_config.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
sudoers.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
svc.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
syspatch.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
sysrc.py Fix copyright lines (make sure 'Copyright' is there). (#5083) (#5084) 2022-08-05 22:45:15 +02:00
sysupgrade.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
timezone.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00
ufw.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
vdo.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
xfconf.py Adjust booleans in system modules (#5153) (#5178) 2022-08-24 20:46:48 +02:00
xfconf_info.py Fix copyright lines (make sure 'Copyright' is there). (#5083) (#5084) 2022-08-05 22:45:15 +02:00
xfs_quota.py Move licenses to LICENSES/, run add-license.py, add LICENSES/MIT.txt (#5065) (#5068) 2022-08-05 13:17:19 +02:00