From 887bef0b443793304fecad60d9af4af18cbc4124 Mon Sep 17 00:00:00 2001 From: Jason Rothstein Date: Tue, 6 Jul 2021 03:26:42 +0000 Subject: [PATCH] Fix service order and add SELinux support --- tasks/main.yml | 13 +++++++++++++ vars/Fedora-34-default.yml | 11 ++++++++--- 2 files changed, 21 insertions(+), 3 deletions(-) diff --git a/tasks/main.yml b/tasks/main.yml index 2336549..ce45222 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -45,6 +45,19 @@ notify: - 'ensure_clamav.package_facts' - 'ensure_clamav.service_facts' +- name: 'ensure seboolean' + when: + - ansible_system == 'Linux' + - ensure_clamav is defined + - ensure_clamav.seboolean_list is defined + - ensure_clamav.seboolean_list is iterable + ansible.posix.seboolean: + name: '{{ item.name }}' + presistent: '{{ item.persistent }}' + state: '{{ item.state }}' + loop: '{{ ensure_clamav.seboolean_list }}' + loop_control: + label: '{{ item.name }} will be {{ item.state }}' - name: 'ensure configurations' when: - ansible_system == 'Linux' diff --git a/vars/Fedora-34-default.yml b/vars/Fedora-34-default.yml index 32f45df..e167034 100644 --- a/vars/Fedora-34-default.yml +++ b/vars/Fedora-34-default.yml @@ -13,16 +13,21 @@ package_list: state: 'present' - name: 'clamd' state: 'present' +seboolean_list: + - name: 'antivirus_can_scan_system' + persistent: 'yes' + state: 'yes' service_list: +# NOTE: Order is important + - name: 'clamd@scan.service' + state: 'started' + enabled: 'yes' - name: 'clamav-clamonacc.service' state: 'started' enabled: 'yes' - name: 'clamav-freshclam.service' state: 'started' enabled: 'yes' - - name: 'clamd@scan.service' - state: 'started' - enabled: 'yes' template_list: - dest: '/etc/clamd.d/scan.conf' group: 'root'