Dependency problem in linux/system/selinux.sls #182
Comments
wasfree
pushed a commit
to FHE3/salt-formula-linux
that referenced
this issue
Nov 21, 2018
…m/selinux.sls.
- This change will remove dependecy from linux/system/repo.sls in linux/system/selinux.sls.
- It also change structure from pillars selinux
old:
linux:
system:
...
selinux: permissive
new:
linux:
system:
...
selinux:
pkgs: ['policycoreutils', 'policycoreutils-python'],
mode: permissive
wasfree
pushed a commit
to FHE3/salt-formula-linux
that referenced
this issue
Nov 22, 2018
- We will check now if pillar system.selinux is a map for new format - If system.selinux is not a map use old format - policycoreutils and policycoreutils-python are not nessasary for basic selinux configuration we need this packages later to add selinux rules. - Added new format to test pillars
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
right now this formula will install general required packages that defined in map.jinja system.pkgs linux/system/repo.sls. So if any other system module requires this packages we need to include system.repo and add require_in. But this will cause that we enabled more modules than we expect. In my case i see always refresh_db even if system.repo is not defined in pillars. There are 2 potential solutions for this issue.
add another if clause after linux_repo_prereq_pkgs to linux/system/repo.sls like {%- if system.repo|length > 0 %}, so include will only see linux_repo_prereq_pkgs.
change pillar structure for selinux in system like this (Unfortunately this is not backward compatible if value was changed) :
current:
new:
I would prefer solution 2. this will only effect RedHat os family, because linux/system/selinux.sls is only written for this group at the moment.
I will add an merge request to fix this dependency issue
The text was updated successfully, but these errors were encountered: