cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
JLNicolas
Mission Specialist
Mission Specialist
Saturday
  • 194 Views

when: not selinux_reboot_required doesn't work

Jump to solution

Hi,

I'm on the exercise on ch07s11 where we need to configure a webserver and make sure SELinux is enforcing and is using the "targeted" policy. In the part where we need the role to fail for any reason other than selinux_reboot_required, it throws the error that selinux_reboot_required is not defined. I don't see it where we're asked to have it defined elsewhere in the exercise. Any help is appreciated.

 

 

Thank you!

Labels (2)
Join the discussion
1 Solution

Accepted Solutions
JLNicolas
Mission Specialist
Mission Specialist
yesterday
  • 76 Views

Jump to solution

Found the solution:

the error will point to something like:
- misspelled modules

when: not selinux_reboot_required is undefined

but these are just SYMPTOMS of the problem.

 

Biggest clue is that redhat.rhel_system_roles.selinux is "misspelled". Ansible thinks it's misspelled because it doesn't know of it in the first place! It cannot see the collection/role in the paths specified in ansible.cfg. For my scenario, it doesn't like using relative paths. Not sure why, coz the system is supposed to be configured for you, and there's no instruction to reconfigure / add the new collection and role paths to ansible.cfg.

After making sure ansible.cfg has absolute paths for the collection and the roles directories mentioned in the exercise, IT WORKS! (also, no more when: not selinux_reboot_required undefined issue).

View solution in original post

0 Kudos
4 Replies
TravellingKiwi
Flight Engineer
Flight Engineer
Sunday
  • 129 Views

Jump to solution

I won't write the statement for you :), but check that 

1. it's defined
2. and that it's true

Logic is optimised. A single statement that checks for definition and value is true will shortcut to false if the variable doesn't exist 

This may or may not be the 100% correct answer for the task (I don't have a lot of context here), but will work for what you describe

87951469
Flight Engineer
Flight Engineer
yesterday
  • 99 Views

Jump to solution

Hi, 

Make sure on step 10 that you have done this: 

"Move the selinux.yml file to the correct location so that its variables are set for the dev_webserver host group." 

That's usually the issue I have. 

Noemi 

JLNicolas
Mission Specialist
Mission Specialist
yesterday
  • 90 Views

Jump to solution

Thank you!

 

Can't believe I missed that one.

JLNicolas
Mission Specialist
Mission Specialist
yesterday
  • 77 Views

Jump to solution

Found the solution:

the error will point to something like:
- misspelled modules

when: not selinux_reboot_required is undefined

but these are just SYMPTOMS of the problem.

 

Biggest clue is that redhat.rhel_system_roles.selinux is "misspelled". Ansible thinks it's misspelled because it doesn't know of it in the first place! It cannot see the collection/role in the paths specified in ansible.cfg. For my scenario, it doesn't like using relative paths. Not sure why, coz the system is supposed to be configured for you, and there's no instruction to reconfigure / add the new collection and role paths to ansible.cfg.

After making sure ansible.cfg has absolute paths for the collection and the roles directories mentioned in the exercise, IT WORKS! (also, no more when: not selinux_reboot_required undefined issue).

0 Kudos
Join the discussion
You must log in to join this conversation.
Red Hat Learning Community

Red Hat

Learning Community

A collaborative learning environment, enabling open source skill development.

Red Hat Inc. Copyright @ 2025 Red Hat Privacy statement Terms of service Community Guidelines