From 442fd1b92df0cb718c35355d8aea416aa0e41b64 Mon Sep 17 00:00:00 2001 From: Tim Flink Date: Tue, 18 Aug 2020 18:23:23 -0600 Subject: [PATCH] blockerbugs: set another sebool so openid works Turns out that the httpd_can_network_connect sebool has to be set in newer OSs (previous was el7) in order for python_openid to be able to initiate discovery as part of login. This is a simple change that sets httpd_can_network_connect to 1 for the blockerbugs role that should only affect machines running the app. --- roles/blockerbugs/tasks/main.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/blockerbugs/tasks/main.yml b/roles/blockerbugs/tasks/main.yml index f271d0a000..8eecca479c 100644 --- a/roles/blockerbugs/tasks/main.yml +++ b/roles/blockerbugs/tasks/main.yml @@ -41,6 +41,12 @@ - httpd - blockerbugs +- name: allow httpd to connect to network, enabling openid + seboolean: name=httpd_can_network_connect state=true persistent=true + tags: + - config + - blockerbugs + - name: set sebooleans so blockerbugs can talk to the db seboolean: name=httpd_can_network_connect_db state=true persistent=true tags: