Skip to content

Commit ac442ba

Browse files
dlouksdlouks
authored
Do not set SELinux to permissive when it is enabled in check mode (#212)
1 parent d9c0ae7 commit ac442ba

File tree

2 files changed

+2
-0
lines changed

2 files changed

+2
-0
lines changed

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,7 @@ FEATURES:
3333
BUG FIXES:
3434

3535
* Fix a bug when using a single `custom_directives` entry and the http template.
36+
* Fix check mode issue when running with SELinux enabled. Role no longer reports a change in check mode when setting the host to permissive mode.
3637
* Fix typo in the REST API template.
3738
* Fix incorrect REST API and status log variable names in [`defaults/main/template.yml`](https://github.com/nginxinc/ansible-role-nginx-config/blob/main/defaults/main/template.yml).
3839
* Fix bugged conditional check in the `http/ssl.j2` Jinja2 template.

tasks/prerequisites/setup-selinux.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@
2121
selinux:
2222
state: permissive
2323
policy: targeted
24+
when: not (ansible_check_mode and nginx_config_selinux_enforcing)
2425

2526
- name: Allow SELinux HTTP network connections
2627
seboolean:

0 commit comments

Comments
 (0)