selinux / selboolean error

[Paul Raines]

In the manifest/init.pp of a module I am writing in puppet 3.6.2 I have

    if $selinux {
       selboolean { 'authlogin_nsswitch_use_ldap':
         persistent => true,
         value => on,
       }
    }

How when this runs on machine with selinux disabled (facter clearly shows $selinux is false), the selboolean still seems to get evaluated resulting in the error

Error: /Stage[main]/Nmr_ldap/Selboolean[authlogin_nsswitch_use_ldap]: Could not evaluate: Execution of '/usr/sbin/getsebool authlogin_nsswitch_use_ldap' returned 1: /usr/sbin/getsebool:  SELinux is disabled

So it seems like it is ignoring the if $selinux entirely.  Is this a bug in puppet or am I missing something?

[Sebastian Otaegui]

When you run facter on the node do you get the right value?

--
You received this message because you are subscribed to the Google Groups "Puppet Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/3b045b98-53a6-477a-96fc-1ea5f1f635f6%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
Those who do not understand Unix are condemned to reinvent it, poorly.
Any sufficiently recent Microsoft OS contains an ad hoc, informally-specified, bug-ridden, slow implementation of half of Unix.

[Johan De Wit]

facter returns strings, and "false" (the string) evaluates to true.

if $selinux == "true" ??

To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/CAApMPgxqrLsivqBdeYyUNwHQK%2BOC55sgcc7KCFtadP%2BoA2Cqzg%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.

-- 
Johan De Wit

Open Source Consultant

Red Hat Certified Engineer              (805008667232363)
Puppet Certified Professional 2013/2014 (PCP0000006)
_________________________________________________________
 
Open-Future                 Phone     +32 (0)2/255 70 70
Zavelstraat 72              Fax       +32 (0)2/255 70 71
3071 KORTENBERG             Mobile    +32 (0)474/42 40 73
BELGIUM                     http://www.open-future.be
_________________________________________________________
 

Upcoming Events:

Zabbix Certified Specialist | http://www.open-future.be/zabbix-certified-professional-training-8th-till-9th-janaury

Zabbix Certified Professional | http://www.open-future.be/zabbix-certified-professional-training-8th-till-9th-janaury

Bacula Administrator 1 | http://www.open-future.be/bacula-administrator-i-training-13th-till-15th-january

Puppet Fundamentals | http://www.open-future.be/puppet-fundamentals-training-26th-till-28th-january

Puppet Architect | http://www.open-future.be/puppet-architect-training-29th-till-30th-january

Subscribe to our newsletter: http://eepurl.com/BUG8H

[Martin Alfke]

Hi Paul,

some more insight:

if $::selinux

is true if the variable exists and does not contain the bool value ‘false’

Facter returns a string and therefor the if$var will always apply.

You have two possibilities:
1. like Johan mentioned:
Check for the proper value:
if $::selinux == ‘true’

2. modify the string prior testing:
if str2bool($::selinux)

str2bool is a function from std lib.

hth,

Martin

> To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-users/549DA9CB.20501%40open-future.be.