blockerbugs: set another sebool so openid works

Turns out that the httpd_can_network_connect sebool has to be set in
newer OSs (previous was el7) in order for python_openid to be able to
initiate discovery as part of login.

This is a simple change that sets httpd_can_network_connect to 1 for the
blockerbugs role that should only affect machines running the app.
This commit is contained in:
Tim Flink 2020-08-18 18:23:23 -06:00
parent ff6841eff6
commit 442fd1b92d

View file

@ -41,6 +41,12 @@
- httpd - httpd
- blockerbugs - blockerbugs
- name: allow httpd to connect to network, enabling openid
seboolean: name=httpd_can_network_connect state=true persistent=true
tags:
- config
- blockerbugs
- name: set sebooleans so blockerbugs can talk to the db - name: set sebooleans so blockerbugs can talk to the db
seboolean: name=httpd_can_network_connect_db state=true persistent=true seboolean: name=httpd_can_network_connect_db state=true persistent=true
tags: tags: