I want to set a selinux boolean, but want to make it conditional on selinux being enabled, to avoid errors on hosts were it isn't.
There is a fact that is true of false depending on the selinux state:
[root@monaghan ~]# facter -p selinux
true
So I used the following code:
if str2bool("${::selinux}") {
selboolean { 'rsync_export_all_ro':
value => 'on',
persistent => true
}
}
However this does not work. I get the following error:
Error 400 on SERVER: str2bool(): Unknown type of boolean given
From the str2bool source I deduced that this error is thrown when a string is passed that does not match any of the true or false patterns in the function.
So I added a line to see what the value for "selinux" really was:
notify { "The value of selinux is ${::selinux}":}
And got this output:
Notice: The value of selinux is enforcing
This explains why my code wasn't working. So I could fix it by using a different test.
if $::selinux == 'enforcing' {
selboolean { 'rsync_export_all_ro':
value => 'on',
persistent => true
}
}
This works....
However, why is a different value being passed to puppet for this fact then the value I see when running facter? This is unexpected behaviour, and makes writing code harder, if one must devine fact values through trial and error...
↧