From 063c2d0be125339ecd6fbad9870869735fe9c5c9 Mon Sep 17 00:00:00 2001 From: Alessandro Fael Garcia Date: Thu, 10 Dec 2020 12:46:29 +0100 Subject: [PATCH] SELinux state should now be correctly set back to `enforcing` (#351) --- CHANGELOG.md | 4 ++++ tasks/prerequisites/setup-selinux.yml | 7 +------ 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c83d271..94abe05 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,10 @@ ENHANCEMENTS: Switch NGINX keysites and OSS default repository data from a dictionary to individual variables to prevent potential issues arisen from Jinja2 dictionary run-time evaluations. +BUG FIXES: + +Fix issue whereas SELinux state would not be correctly set back to `enforcing` when `nginx_selinux: true`. + ## 0.18.0 (November 13, 2020) BREAKING CHANGES: diff --git a/tasks/prerequisites/setup-selinux.yml b/tasks/prerequisites/setup-selinux.yml index d02df3a..72aa8f5 100644 --- a/tasks/prerequisites/setup-selinux.yml +++ b/tasks/prerequisites/setup-selinux.yml @@ -21,8 +21,6 @@ selinux: state: permissive policy: targeted - changed_when: false - when: ansible_facts['selinux']['mode'] == "enforcing" - name: Allow SELinux HTTP network connections seboolean: @@ -96,7 +94,4 @@ selinux: state: enforcing policy: targeted - changed_when: false - when: - - nginx_selinux_enforcing | bool - - ansible_facts['selinux']['mode'] == "permissive" + when: nginx_selinux_enforcing | bool