On 9/16/19 3:45 PM, Keith Mills wrote: > Hi Stefan, > > I'm working on a task for SELinux that I need to install dependencies, set > SELinux to permissive mode, etc. This is for > RHEL, SLES, and Debian. Also The policy for RHEL and Debian are named > differently (RHEL = targeted) and (Debian = > default), I currently don't know what the poilicy for SLES is named. Also, I > need to register set_selinux and > task_result for this because if I don't register them my task doesn't work. > I'm still quite new to Ansible so some > things are still confusing. I don't understand the set_fact task!!!! Here is > my selinux.yaml: > > | > --- > -name:install selinux dependencies whenselinux isinstalled on Debian > apt: > name:['policycoreutils','checkpolicy','selinux-basics','python-selinux'] > state:present > when:ansible_distribution|lower =='debian' > -name:SetSELinuxto permissive mode |RHEL > selinux: > policy:targeted > state:permissive > register:set_selinux > register:task_result > when:ansible_distribution|lower =='redhat' > -name:SetSELinuxto permissive mode |Debian > selinux: > policy:default > state:permissive > register:set_selinux > register:task_result > when: > -ansible_selinux_python_present|bool > -ansible_distribution|lower =='debian' > -name:Rebootthe server andwait forit to come back up. > reboot: > when:task_result ischanged > ... > >
Hello Keith,
it is certainly possible to have only one task for setting the permissive mode
by setting up the variable parts before
that or use templating in the task arguments.
E.g. something like
selinux_details:
redhat:
policy: targeted
debian:
policy: default
And in the task:
policy: "{{ selinux_details[ansible_distribution|lower] }}"
Disclaimer: not tested
Regards
Racke
>
>
>
> On Monday, September 16, 2019 at 8:31:16 AM UTC-5, Stefan Hornburg (Racke)
> wrote:
>
> On 9/16/19 3:23 PM, Keith Mills wrote:
> > Hello All,
> >
> > I have an Ansible task and I want to register multiple variables inside
> it, how do I achieve this? It doesn't seem
> that
> > a list or a comma separated string would work.
> >
> > This is what I have:
> >
> > |
> > -name:SetSELinuxto permissive mode |RHEL
> > selinux:
> > policy:targeted
> > state:permissive
> > register:set_selinux,task_result
> > when:ansible_distribution|lower =='redhat'
> > |
> >
> > I want to do something like this:
> >
> > |
> > -name:mytask
> > module_name:
> > <some more params>
> > register:[var1,var2]
> > |
> >
> > If I add |register: var1 \n register: var2| then I get the following
> Error:
> >
> > |
> > Thefield 'register'issupposed to be a stringtype,however the incoming
> data structure isa
> > <class'ansible.parsing.yaml.objects.AnsibleSequence'>
> >
> > |
> >
> >
> > How do I resolve this issue?
>
> It is really unclear to me why you want to do this, so please explain.
> You will receive better answers when you explain your objectives.
>
> At any rate, you can easily copy the registered variable in a separate
> set_fact task.
>
> Regards
> Racke
>
>
> >
> > --
> > You received this message because you are subscribed to the Google
> Groups "Ansible Project" group.
> > To unsubscribe from this group and stop receiving emails from it, send
> an email to
> > [email protected] <javascript:>
> <mailto:[email protected] <javascript:>>.
> > To view this discussion on the web visit
> >
> https://groups.google.com/d/msgid/ansible-project/ee5ace8c-dbda-4238-8474-9f6b1c6992ca%40googlegroups.com
>
> <https://groups.google.com/d/msgid/ansible-project/ee5ace8c-dbda-4238-8474-9f6b1c6992ca%40googlegroups.com>
> >
>
> <https://groups.google.com/d/msgid/ansible-project/ee5ace8c-dbda-4238-8474-9f6b1c6992ca%40googlegroups.com?utm_medium=email&utm_source=footer
>
> <https://groups.google.com/d/msgid/ansible-project/ee5ace8c-dbda-4238-8474-9f6b1c6992ca%40googlegroups.com?utm_medium=email&utm_source=footer>>.
>
>
>
> --
> Ecommerce and Linux consulting + Perl and web application programming.
> Debian and Sympa administration. Provisioning with Ansible.
>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to
> [email protected]
> <mailto:[email protected]>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/8e74b7f2-2f79-4282-8d4a-887ae8eeaa20%40googlegroups.com
> <https://groups.google.com/d/msgid/ansible-project/8e74b7f2-2f79-4282-8d4a-887ae8eeaa20%40googlegroups.com?utm_medium=email&utm_source=footer>.
--
Ecommerce and Linux consulting + Perl and web application programming.
Debian and Sympa administration. Provisioning with Ansible.
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/9363bf01-2163-80a4-7814-8bbab2a848fe%40linuxia.de.
signature.asc
Description: OpenPGP digital signature
