| --- |
| - name: Refresh setup facts |
| setup: |
| |
| - name: Report selinux status |
| debug: |
| var: ansible_selinux.status |
| |
| - name: Indicate whether selinux is disabled |
| cache: |
| key: selinux_disabled |
| value: "{{ ansible_selinux.status == 'disabled' }}" |
| |
| - name: Permanently disable SELINUX |
| selinux: state=disabled |
| when: not selinux_disabled |
| |
| - name: Restart node |
| debug: |
| msg: 'SELinux MUST be disabled, selinux has been updated, please restart node now...' |
| when: not selinux_disabled |
| |
| #- name: Restarting node now |
| # ignore_errors: yes |
| # become: yes |
| # shell: 'reboot now' |
| # when: not selinux_disabled |
| # async: 0 |
| # poll: 0 |
| # |
| #- name: Waiting for server to complete restarting |
| # become: no |
| # local_action: wait_for host='{{ ansible_host }}' state=started delay={{ start_check_delay | d(5) }} timeout='{{ server_restart_timeout | d(30) }}' |
| # when: not selinux_disabled |
| # |
| #- name: Server usually needs a little more time ... |
| # become: no |
| # local_action: wait_for host='{{ ansible_host }}' state=started delay={{ start_check_delay | d(5) }} |
| # when: not selinux_disabled |
