base: ensure iptables is installed

Signed-off-by: Mark O Brien <markobri@redhat.com>
This commit is contained in:
Mark O Brien 2021-12-21 17:06:32 +00:00
parent de2279d2cb
commit 148f8307d7

View file

@ -16,8 +16,8 @@
- selinux - selinux
when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat' when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'
# #
# On fedora and rhel larger than 7, all we need is policycoreutils-python-utils, # On fedora and rhel larger than 7, all we need is policycoreutils-python-utils,
# which in turn pulls in python3-policycoreutils # which in turn pulls in python3-policycoreutils
# #
- name: ensure packages required for semanage are installed (fedora/rhel8) - name: ensure packages required for semanage are installed (fedora/rhel8)
@ -97,7 +97,7 @@
# - restart NetworkManager # - restart NetworkManager
- reload NetworkManager-connections - reload NetworkManager-connections
- apply interface-changes - apply interface-changes
when: when:
- virthost is not defined - virthost is not defined
- item.startswith(('eth','br','enc','em','eno')) - item.startswith(('eth','br','enc','em','eno'))
- hostvars[inventory_hostname]['ansible_' + item.replace('-','_')]['type'] == 'ether' - hostvars[inventory_hostname]['ansible_' + item.replace('-','_')]['type'] == 'ether'
@ -229,6 +229,12 @@
- base - base
when: ansible_distribution_major_version|int > 31 and ansible_distribution == 'Fedora' or ansible_distribution == 'RedHat' when: ansible_distribution_major_version|int > 31 and ansible_distribution == 'Fedora' or ansible_distribution == 'RedHat'
- name: Ensure iptables is installed
dnf: state=present name=iptables
tags:
- packages
- base
- name: iptables - name: iptables
template: src={{ item }} dest=/etc/sysconfig/iptables mode=0600 validate="/sbin/iptables-restore --test %s" template: src={{ item }} dest=/etc/sysconfig/iptables mode=0600 validate="/sbin/iptables-restore --test %s"
with_first_found: with_first_found:
@ -551,8 +557,8 @@
- config - config
- krb5 - krb5
# rhel8 hosts do not have /usr/bin/python, but there are a few things we call # rhel8 hosts do not have /usr/bin/python, but there are a few things we call
# with that because they also run the same on python2 hosts. # with that because they also run the same on python2 hosts.
# So, we set python3 to /usr/bin/python on those hosts: # So, we set python3 to /usr/bin/python on those hosts:
- name : ensure that platform-python is installed on EL8 boxes - name : ensure that platform-python is installed on EL8 boxes
package: name={{ item }} state=present package: name={{ item }} state=present