Blob Blame History Raw
From 9cbbc3f63052bef0b6a697e066e092a5f9722ce8 Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Mon, 22 Feb 2021 17:11:05 -0800
Subject: [PATCH] Patch23: selinux-ansible-test-issues.diff

---
 .sanity-ansible-ignore-2.10.txt |  2 ++
 .sanity-ansible-ignore-2.9.txt  |  2 ++
 library/selogin.py              | 26 ++++++++++-----------
 tests/setup_module_utils.sh     | 41 ---------------------------------
 4 files changed, 16 insertions(+), 55 deletions(-)
 create mode 100644 .sanity-ansible-ignore-2.10.txt
 create mode 100644 .sanity-ansible-ignore-2.9.txt
 delete mode 100755 tests/setup_module_utils.sh

diff --git a/.sanity-ansible-ignore-2.10.txt b/.sanity-ansible-ignore-2.10.txt
new file mode 100644
index 0000000..5f8ce1e
--- /dev/null
+++ b/.sanity-ansible-ignore-2.10.txt
@@ -0,0 +1,2 @@
+plugins/modules/selogin.py no-get-exception
+plugins/modules/selogin.py validate-modules!skip
diff --git a/.sanity-ansible-ignore-2.9.txt b/.sanity-ansible-ignore-2.9.txt
new file mode 100644
index 0000000..5f8ce1e
--- /dev/null
+++ b/.sanity-ansible-ignore-2.9.txt
@@ -0,0 +1,2 @@
+plugins/modules/selogin.py no-get-exception
+plugins/modules/selogin.py validate-modules!skip
diff --git a/library/selogin.py b/library/selogin.py
index b785c27..6e3fd32 100644
--- a/library/selogin.py
+++ b/library/selogin.py
@@ -15,6 +15,9 @@
 #
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
+from __future__ import absolute_import, division, print_function
+
+__metaclass__ = type
 
 ANSIBLE_METADATA = {
     "status": ["preview"],
@@ -22,13 +25,14 @@ ANSIBLE_METADATA = {
     "version": "1.0",
 }
 
-DOCUMENTATION = """
+DOCUMENTATION = r"""
 ---
 module: selogin
 short_description: Manages linux user to SELinux user mapping
 description:
-     - Manages linux user to SELinux user mapping
-version_added: "1.0"
+    - "WARNING: Do not use this module directly! It is only for role internal use."
+    - Manages linux user to SELinux user mapping
+version_added: '1.0'
 options:
   login:
     description:
@@ -41,8 +45,7 @@ options:
     required: true
     default: null
   serange:
-    description:
-      - >-
+    description: >
       MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login
       mapping - defaults to the SELinux user record range.
     required: false
@@ -62,8 +65,9 @@ notes:
    - The changes are persistent across reboots
    - Not tested on any debian based system
 requirements: [ 'libselinux-python', 'policycoreutils-python' ]
-author: Dan Keder
-author: Petr Lautrbach
+author:
+    - Dan Keder (@dkeder)
+    - Petr Lautrbach (@bachradsusi)
 """
 
 EXAMPLES = """
@@ -82,7 +86,7 @@ EXAMPLES = """
 
 # Assign all users in the engineering group to the staff_u user
 - selogin:
-    login: %engineering
+    login: "%engineering"
     seuser: staff_u
     state: present
 """
@@ -198,9 +202,6 @@ def semanage_login_add(module, login, seuser, do_reload, serange="s0", sestore="
     except KeyError:
         e = get_exception()
         module.fail_json(msg="%s: %s\n" % (e.__class__.__name__, str(e)))
-    except OSError:
-        e = get_exception()
-        module.fail_json(msg="%s: %s\n" % (e.__class__.__name__, str(e)))
     except RuntimeError:
         e = get_exception()
         module.fail_json(msg="%s: %s\n" % (e.__class__.__name__, str(e)))
@@ -248,9 +249,6 @@ def semanage_login_del(module, login, seuser, do_reload, sestore=""):
     except KeyError:
         e = get_exception()
         module.fail_json(msg="%s: %s\n" % (e.__class__.__name__, str(e)))
-    except OSError:
-        e = get_exception()
-        module.fail_json(msg="%s: %s\n" % (e.__class__.__name__, str(e)))
     except RuntimeError:
         e = get_exception()
         module.fail_json(msg="%s: %s\n" % (e.__class__.__name__, str(e)))
diff --git a/tests/setup_module_utils.sh b/tests/setup_module_utils.sh
deleted file mode 100755
index 94d102d..0000000
--- a/tests/setup_module_utils.sh
+++ /dev/null
@@ -1,41 +0,0 @@
-#!/bin/bash
-# SPDX-License-Identifier: MIT
-
-set -euo pipefail
-
-if [ -n "${DEBUG:-}" ] ; then
-    set -x
-fi
-
-if [ ! -d "${1:-}" ] ; then
-    echo Either ansible is not installed, or there is no ansible/module_utils
-    echo in "$1" - Skipping
-    exit 0
-fi
-
-if [ ! -d "${2:-}" ] ; then
-    echo Role has no module_utils - Skipping
-    exit 0
-fi
-
-# we need absolute path for $2
-absmoddir=$( readlink -f "$2" )
-
-# clean up old links to module_utils
-for item in "$1"/* ; do
-    if lnitem=$( readlink "$item" ) && test -n "$lnitem" ; then
-        case "$lnitem" in
-            *"${2}"*) rm -f "$item" ;;
-        esac
-    fi
-done
-
-# add new links to module_utils
-for item in "$absmoddir"/* ; do
-    case "$item" in
-        *__pycache__) continue;;
-        *.pyc) continue;;
-    esac
-    bnitem=$( basename "$item" )
-    ln -s "$item" "$1/$bnitem"
-done
-- 
2.26.2