cleanup: remove all the duplicate tests for selinux python bindings in favor of the ones in base.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
2020-05-16 10:54:58 -07:00 · 2020-05-16 10:54:58 -07:00 · 4b7c31a882
commit 4b7c31a882
parent 5432763f39
9 changed files with 7 additions and 53 deletions
--- a/playbooks/include/proxies-websites.yml
+++ b/playbooks/include/proxies-websites.yml
@ -11,31 +11,6 @@
  handlers:
  - import_tasks: "{{ handlers_path }}/restart_services.yml"

-
-  pre_tasks:
-  - name: install libsemanage
-    package:
-      state: present
-      name:
-      - policycoreutils-python-utils
-      - policycoreutils-python
-    tags:
-    - httpd
-    - httpd/website
-    when: (ansible_distribution == 'RedHat' and ansible_distribution_major_version|int < 8) or (ansible_distribution_major_version|int < 30 and ansible_distribution == 'Fedora')
-
-  - name: install libsemanage in a python3 manner
-    package:
-      state: present
-      name:
-      - python3-policycoreutils
-      - policycoreutils-python-utils
-    tags:
-    - httpd
-    - httpd/website
-    when: (ansible_distribution_major_version|int >= 30 and ansible_distribution == 'Fedora') or (ansible_distribution == 'RedHat' and ansible_distribution_major_version|int >= 8)
-
-
  - name: Create /srv/web/ for all the goodies.
    file: >
        dest=/srv/web state=directory
--- a/roles/base/tasks/main.yml
+++ b/roles/base/tasks/main.yml
@ -5,6 +5,9 @@
 # Things in here are things we want to do to every machine no matter what.
 #

+#
+# on rhel6 and rhel7 installing policycoreutils-python is all we need for ansible
+#
 - name: ensure packages required for semanage are installed (rhel 6 and 7)
  package: name={{ item }} state=present
  with_items:
@ -13,6 +16,10 @@
  - selinux
  when: ansible_distribution_major_version|int < 8 and ansible_distribution == 'RedHat'

+# 
+# On fedora and rhel larger than 7, all we need is policycoreutils-python-utils, 
+# which in turn pulls in python3-policycoreutils
+#
 - name: ensure packages required for semanage are installed (fedora/rhel8)
  package: name=policycoreutils-python-utils state=present
  when: ansible_distribution_major_version|int > 7
--- a/roles/collectd/memcached/tasks/main.yml
+++ b/roles/collectd/memcached/tasks/main.yml
@ -8,14 +8,6 @@
  - memcached
  notify: restart collectd

- name: Ensure that semanage is present
-  package: name=policycoreutils-python state=present
-  tags:
-  - collectd/memcached
-  - collectd
-  - memcached
-  - selinux
-
 - name: lastly, set some selinux booleans
  seboolean: name=collectd_tcp_network_connect persistent=yes state=yes
  tags:
--- a/roles/download/tasks/main.yml
+++ b/roles/download/tasks/main.yml
@ -3,10 +3,8 @@
  package: name={{ item }} state=present update_cache=yes
  with_items:
  - bzip2
-  - libsemanage-python 
  - mod_ssl
  - nfs-utils
-  - policycoreutils-python
  tags:
  - packages

--- a/roles/fedmsg/base/tasks/main.yml
+++ b/roles/fedmsg/base/tasks/main.yml
@ -42,15 +42,6 @@
  - fedmsg/base
  when: ansible_distribution_major_version|int < 31 and ansible_distribution == 'Fedora'

- name: install needed packages
-  dnf:
-    name: ['policycoreutils-python-utils']
-    state: present
-  tags:
-  - packages
-  - fedmsg/base
-  when: ansible_distribution_major_version|int > 22
-
 # We only need this on el6.  On el7, the fedmsg package uses systemd-tempfiles
 # to generate this effect for us.  Note that at the bottom of this role we add
 # the nrpe user to the fedmsg group so that it has *write* permissions to a unix
--- a/roles/mailman/tasks/main.yml
+++ b/roles/mailman/tasks/main.yml
@ -7,12 +7,6 @@
 # SELinux
 # TODO: switch to the sefcontext module when we update Ansible to 2.2+
 #
- name: install semanage
-  package: name=policycoreutils-python state=present
-  tags:
-  - mailman
-  - selinux
-
 - name: set the SELinux policy for the configuration directory
  command: semanage fcontext -a -t etc_t "{{ mailman_webui_confdir }}(/.*)?"
  tags:
--- a/roles/pagure/fedmsg/tasks/main.yml
+++ b/roles/pagure/fedmsg/tasks/main.yml
@ -8,7 +8,6 @@
  - fedmsg
  - libsemanage-python
  - python-psutil
-  - policycoreutils-python  # This is in the kickstart now.  Here for old hosts.
  tags:
  - packages
  - pagure
--- a/roles/torrent/tasks/main.yml
+++ b/roles/torrent/tasks/main.yml
@ -11,7 +11,6 @@
  - mktorrent
  - python-simplejson
  - bittorrent
-  - policycoreutils-python
  tags:
  - packages

--- a/roles/unbound/tasks/main.yml
+++ b/roles/unbound/tasks/main.yml
@ -2,7 +2,6 @@
  package: name={{ item }} state=present
  with_items:
  - unbound
-  - policycoreutils-python

 - name: install unbound config
  copy: src=unbound.conf dest=/etc/unbound/unbound.conf mode=644