ansible-node-exporter
ansible-node-exporter copied to clipboard
cloudalchemy
"Allow node_exporter port in SELinux on RedHat OS family" fails on Debian9 with SELinux enabled
What happened?
Seems this task is not working against a debian9 with SELinux enabled.
- name: Allow node_exporter port in SELinux on RedHat OS family
seport:
ports: "{{ node_exporter_web_listen_address.split(':')[-1] }}"
proto: tcp
setype: http_port_t
state: present
when:
- ansible_version.full is version_compare('2.4', '>=')
- ansible_selinux.status == "enabled"
TASK [cloudalchemy.node-exporter : Allow node_exporter port in SELinux on RedHat OS family] **************************************************************************************
Monday 28 December 2020 12:09:27 +0100 (0:00:01.755) 0:00:24.342 *******
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ImportError: No module named seobject
fatal: [debian8-server]: FAILED! => {"changed": false, "msg": "Failed to import the required Python library (policycoreutils-python) on debian8-server's Python /usr/bin/python. Please read module documentation and install in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter"}
However the seport module is not tested against debian (https://docs.ansible.com/ansible/2.9/modules/seport_module.html#notes).
I'm not sure but probably the best idea is to disable the task by adding
- not ansible_distribution | lower == "debian"
If you agree I can do a PR.
Environment
-
Role version:
cloudalchemy.node-exporter (0.22.0)
-
Ansible version information:
ansible 2.9.14
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/my/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/dist-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.18 (default, Aug 4 2020, 11:16:42) [GCC 9.3.0]
- Target packages:
# dpkg -l | grep -i selinux
ii checkpolicy 2.6-2 amd64 SELinux policy compiler
ii libselinux1:amd64 2.6-3+b3 amd64 SELinux runtime shared libraries
ii libsemanage-common 2.6-2 all Common files for SELinux policy management libraries
ii libsemanage1:amd64 2.6-2 amd64 SELinux policy management library
ii libsepol1:amd64 2.6-2 amd64 SELinux library for manipulating binary security policies
ii policycoreutils 2.6-3 amd64 SELinux core policy utilities
ii policycoreutils-dev 2.6-3 amd64 SELinux core policy utilities (development utilities)
ii policycoreutils-python-utils 2.6-3 amd64 SELinux core policy utilities (Python utilities)
ii python-selinux 2.6-3+b3 amd64 Python bindings to SELinux shared libraries
ii python3-selinux 2.6-3+b3 amd64 Python3 bindings to SELinux shared libraries
ii python3-semanage 2.6-2 amd64 Python3 bindings for SELinux policy management
ii python3-sepolgen 2.6-3 all Python3 module used in SELinux policy generation
ii python3-sepolicy 2.6-3 amd64 Python binding for SELinux Policy Analyses
ii selinux-basics 0.5.6 all SELinux basic support
ii selinux-policy-default 2:2.20161023.1-9 all Strict and Targeted variants of the SELinux policy
ii selinux-policy-dev 2:2.20161023.1-9 all Headers from the SELinux reference policy for building modules
ii selinux-utils 2.6-3+b3 amd64 SELinux utility programs
