Rhel10 and SELinux compatibility #241
Open
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…Splunk is launched. This should solve issues when Splunk is Running on RHEL systems
… fallback The variable include logic was checking for RedHat10.0.yml before RedHat10.yml, which caused the more general RedHat.yml to be included instead of the correct major version-specific file. This commit reorders the fallback list to check RedHat10.yml (using ansible_distribution_major_version) before RedHat.yml, ensuring correct variable precedence on systems like RHEL 10. Also improves compatibility with other distros that may report minor versions (e.g., 10.0) not matching existing variable files.
…on RHEL 10 systems. Adding requirements.yml for Ansible and requirements.txt for Python
Added newline
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
RHEL10:
I'm testing this role on a RHEL 10 VM. This role crashes on RHEL 10 because the syslog logrotation file is called differently: /etc/logrotate.d/rsyslog instead of /etc/logrotate.d/syslog. When testing, I discovered that the main.yml task contains the wrong order of "with_first_found", first it finds RedHat10.0, then RedHat, then RedHat10 then RedHat. As a result, only the RedHat.yml file is used, which contains the wrong "logrotate_file" variable.
SELinux:
Sometimes Splunk wouldn't start after installing or upgrading when SELinux is in enforcing mode (common issue on RHEL based systems).
On RHEL-based systems with SELinux enabled, extracting files from a tarball (e.g., using
tar -xvf) does not automatically restore the correct SELinux security contexts for the extracted files. This can result in Splunk not starting or working correctly after install or upgrading. To resolve this, arestorecon -Rtask is added after extraction to apply the expected SELinux contexts based on policy.Requirements files.
RHEL 10 includes a reduced set of default Ansible collections and Python modules. Explicit requirements files are added to ensure all necessary dependencies are available.
Not sure if this is a desired way of maintaining dependencies for this repository (maybe people prefer adding requirements to the readme or environment)