Releases: linux-system-roles/selinux
Version 1.5.5
[1.5.5] - 2023-02-08
New Features
- none
Bug Fixes
- Use stat on localhost with become: false for module idempotency (#152)
Other Changes
- none
Version 1.5.4
[1.5.4] - 2023-02-03
New Features
- none
Bug Fixes
- Fix idempotency - Use lookup file + sha256 to get hash of local policy file
Other Changes
- none
Version 1.5.3
Version 1.5.2
[1.5.2] - 2023-01-26
New Features
- none
Bug Fixes
- Rewrite selinux_load_module.yml to use local_semodule (#135)
This makes module management idempotent on Fedora, and EL 8.6
and later.
Other Changes
- none
Version 1.5.1
Version 1.5.0
[1.5.0] - 2022-09-19
New Features
- add 'local' parameter to seport (#124)
community.general.seport has recently added the local parameter
which is now supported by the role.
local: true:
state: presentenforces change to be made even though the
port mapping could already exists in built in policystate: absentwould remove only local modification and would not
try to remove builtin mapping.
The role vendors-in the seport module as local_seport, because otherwise
it is too difficult to support both Ansible 2.9 and ansible-core. We will
revisit this when Ansible 2.9 is EOL.
Bug Fixes
- none
Other Changes
- add test for fcontext seuser and selevel (#120)
Version 1.4.0
[1.4.0] - 2022-07-28
New Features
- Added setting of seuser and selevel for completeness (#108)
Added setting of seuser and selevel for completeness
See Issue #106 "RFE: Support for setting seuser in selinux_fcontexts"
#106
Added explanation of seuser and selevel parameters
Added -F flag to restorecon to force reset
See "man restorecon" for more detail on -F flag
Authored-by: Benjamin Blasco [email protected]
Bug Fixes
- none
Other Changes
-
changelog_to_tag action - support other than "master" for the main branch name, as well (#117)
-
Use GITHUB_REF_NAME as name of push branch; fix error in branch detection [citest skip] (#118)
We need to get the name of the branch to which CHANGELOG.md was pushed.
For now, it looks as though GITHUB_REF_NAME is that name. But don't
trust it - first, check that it is main or master. If not, then use
a couple of other methods to determine what is the push branch.
Signed-off-by: Rich Megginson [email protected]
Version 1.3.7
[1.3.7] - 2022-07-19
New Features
- none
Bug Fixes
- none
Other Changes
- make all tests work with gather_facts: false (#111)
Ensure all tests work if using ANSIBLE_GATHERING=explicit
- make min_ansible_version a string in meta/main.yml (#112)
The Ansible developers say that min_ansible_version in meta/main.yml
must be a string value like "2.9", not a float value like 2.9.
- Add CHANGELOG.md (#113)
Use meta/collection-requirements.yml for collection dependencies (#110)
Use meta/collection-requirements.yml for collection dependencies (#110)
There is no way for a role to automatically require collections for
module/plugin dependencies. Use the non-standard file
meta/collection-requirements.yml for this. Note that
meta/requirements.yml is supposed to be a list of roles only, in
the format described at https://docs.ansible.com/ansible/latest/galaxy/user_guide.html#installing-multiple-roles-from-multiple-files
[citest skip] bump tox-lsr version to 2.11.0; remove py37; add py310 (#109)
tox-lsr version 2.11.0 has support for collection-requirements.yml,
runqemu improvements, and support for python 3.10
python 3.7 is not used on any supported platform, so remove it
Signed-off-by: Rich Megginson [email protected]
support gather_facts: false; support setup-snapshot.yml (#71) (#105)
support gather_facts: false; support setup-snapshot.yml (#71) (#105)
Some users use gather_facts: false in their playbooks. This changes
the role to work in that case, by gathering only the facts it requires
to run.
CI testing can be sped up by creating a snapshot image pre-installed
with packages. tests/setup-snapshot.yml can be used by a CI system
to do this.