From 0bfc2d0f2fd91393e48fd1eff0ceeeceb84f5089 Mon Sep 17 00:00:00 2001
From: Abel Lopez <abelopez@cisco.com>
Date: Fri, 17 Feb 2017 17:13:12 -0800
Subject: [PATCH] Safe disable SELinux

Sometimes, a sysadmin might outright delete the SELinux rpms and
delete the configuration. This causes the selinux module to fail
with
```
IOError: [Errno 2] No such file or directory: '/etc/selinux/config'\n",
"module_stdout": "", "msg": "MODULE FAILURE"}
```

This simply checks that /etc/selinux/config exists before we try
to set it Permissive.

Update from feedback
---
 roles/kubernetes/preinstall/tasks/main.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/roles/kubernetes/preinstall/tasks/main.yml b/roles/kubernetes/preinstall/tasks/main.yml
index f8b4987d6..ad0a63f99 100644
--- a/roles/kubernetes/preinstall/tasks/main.yml
+++ b/roles/kubernetes/preinstall/tasks/main.yml
@@ -125,9 +125,15 @@
   tags: bootstrap-os
 
 # Todo : selinux configuration
+- name: Confirm selinux deployed
+  stat:
+    path: /etc/selinux/config
+  when: ansible_os_family == "RedHat"
+  register: slc
+
 - name: Set selinux policy to permissive
   selinux: policy=targeted state=permissive
-  when: ansible_os_family == "RedHat"
+  when: ansible_os_family == "RedHat" and slc.stat.exists == True
   changed_when: False
   tags: bootstrap-os
 
-- 
GitLab