From 29a347fbb422162418436c78f299b8317cd744d6 Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Tue, 6 Jan 2015 19:45:58 +0000
Subject: [PATCH] Selinux boolean for haproxy.

---
 roles/haproxy/tasks/main.yml | 14 ++++++++++++++
 1 file changed, 14 insertions(+)

diff --git a/roles/haproxy/tasks/main.yml b/roles/haproxy/tasks/main.yml
index 154fd90c58..8b0b159186 100644
--- a/roles/haproxy/tasks/main.yml
+++ b/roles/haproxy/tasks/main.yml
@@ -47,3 +47,17 @@
   - { file: 503.http, dest: /etc/haproxy/503.http }
   tags:
   - haproxy
+
+- name: Install libsemanage-python so we can manage selinux with python...
+  yum: name=libsemanage-python state=installed
+  tags:
+  - haproxy
+  - selinux
+
+- name: Turn on certain selinux booleans so haproxy can bind to ports
+  seboolean: name={{ item }} state=true persistent=true
+  with_items:
+  - haproxy_connect_any
+  tags:
+  - haproxy
+  - selinux