Bug 1479546
| Summary: | rhel-system-role.selinux fails basic configuration on RHEL 7.4 | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | Terry Bowling <tbowling> | |
| Component: | rhel-system-roles | Assignee: | Pavel Cahyna <pcahyna> | |
| Status: | CLOSED ERRATA | QA Contact: | qe-baseos-daemons | |
| Severity: | unspecified | Docs Contact: | ||
| Priority: | unspecified | |||
| Version: | 7.4 | CC: | lvrabec, mgrepl, mmalik, ovasik, pcahyna, plautrba, tbowling, vmojzis | |
| Target Milestone: | rc | Keywords: | Extras | |
| Target Release: | 7.4 | |||
| Hardware: | Unspecified | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | rhel-system-roles-0.4-1.el7 | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1493574 (view as bug list) | Environment: | ||
| Last Closed: | 2017-09-05 10:38:50 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 1493574 | |||
Verbose output of failure messages:
[root@rhel74-controlnode demo]# ansible-playbook -l rhel74-test2 example-selinux.yml -vvv
Using /etc/ansible/ansible.cfg as config file
PLAYBOOK: example-selinux.yml ******************************************************************************************************************************
1 plays in example-selinux.yml
PLAY [rhel] ************************************************************************************************************************************************
TASK [Gathering Facts] *************************************************************************************************************************************
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 rhel74-test2 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<rhel74-test2> (0, '/root\n', '')
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 rhel74-test2 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678 `" && echo ansible-tmp-1502217258.91-91955542969678="` echo /root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678 `" ) && sleep 0'"'"''
<rhel74-test2> (0, 'ansible-tmp-1502217258.91-91955542969678=/root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678\n', '')
<rhel74-test2> PUT /tmp/tmpWUzExM TO /root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678/setup.py
<rhel74-test2> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 '[rhel74-test2]'
<rhel74-test2> (0, 'sftp> put /tmp/tmpWUzExM /root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678/setup.py\n', '')
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 rhel74-test2 '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678/ /root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678/setup.py && sleep 0'"'"''
<rhel74-test2> (0, '', '')
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 -tt rhel74-test2 '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-nbkqllvgnlqqmnxfutrrwxwaqbhvumqo; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678/setup.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel74-test2> (0, '\r\n{"invocation": {"module_args": {"filter": "*", "gather_subset": ["all"], "fact_path": "/etc/ansible/facts.d", "gather_timeout": 10}}, "changed": false, "ansible_facts": {"ansible_product_serial": "NA", "ansible_form_factor": "Other", "ansible_product_version": "pc-i440fx-2.9", "ansible_fips": false, "ansible_service_mgr": "systemd", "ansible_user_id": "root", "ansible_user_dir": "/root", "ansible_memtotal_mb": 992, "ansible_ssh_host_key_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBA0pIh8tZ4IghO6HwkIEfn0kYhdYJopAT5a/zy3F36vbXUITYP9Mii35c7r5aR3toy6RvxcNvbnrMVVsv9y2yV8=", "ansible_distribution_version": "7.4", "ansible_domain": "", "ansible_date_time": {"weekday_number": "2", "iso8601_basic_short": "20170808T143419", "tz": "EDT", "weeknumber": "32", "hour": "14", "year": "2017", "minute": "34", "tz_offset": "-0400", "month": "08", "epoch": "1502217259", "iso8601_micro": "2017-08-08T18:34:19.203923Z", "weekday": "Tuesday", "time": "14:34:19", "date": "2017-08-08", "iso8601": "2017-08-08T18:34:19Z", "day": "08", "iso8601_basic": "20170808T143419203839", "second": "19"}, "ansible_ssh_host_key_ed25519_public": "AAAAC3NzaC1lZDI1NTE5AAAAIFJpDdIpLWtJIeZJaLJ3P7d6/KlchHQbe1UVmSSPjpkv", "ansible_processor_cores": 1, "ansible_virtualization_role": "guest", "ansible_dns": {"nameservers": ["192.168.75.1"], "search": ["example.org"]}, "ansible_processor_vcpus": 1, "ansible_bios_version": "1.10.2-1.fc26", "ansible_processor": ["GenuineIntel", "Intel Core Processor (Haswell, no TSX)"], "ansible_virtualization_type": "kvm", "ansible_lo": {"features": {"tx_checksum_ipv4": "off [fixed]", "generic_receive_offload": "on", "tx_checksum_ipv6": "off [fixed]", "tx_scatter_gather_fraglist": "on [fixed]", "rx_all": "off [fixed]", "highdma": "on [fixed]", "rx_fcs": "off [fixed]", "tx_lockless": "on [fixed]", "tx_tcp_ecn_segmentation": "on", "tx_tcp6_segmentation": "on", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_tcp_mangleid_segmentation": "on", "tx_checksumming": "on", "vlan_challenged": "on [fixed]", "loopback": "on [fixed]", "fcoe_mtu": "off [fixed]", "scatter_gather": "on", "tx_checksum_sctp": "on [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "tx_gso_partial": "off [fixed]", "rx_vlan_stag_filter": "off [fixed]", "large_receive_offload": "off [fixed]", "tx_scatter_gather": "on [fixed]", "rx_checksumming": "on [fixed]", "tx_tcp_segmentation": "on", "netns_local": "on [fixed]", "busy_poll": "off [fixed]", "generic_segmentation_offload": "on", "tx_udp_tnl_segmentation": "off [fixed]", "tcp_segmentation_offload": "on", "l2_fwd_offload": "off [fixed]", "rx_vlan_offload": "off [fixed]", "ntuple_filters": "off [fixed]", "tx_gre_csum_segmentation": "off [fixed]", "tx_nocache_copy": "off [fixed]", "tx_mpls_segmentation": "off [fixed]", "tx_udp_tnl_csum_segmentation": "off [fixed]", "udp_fragmentation_offload": "on", "tx_sctp_segmentation": "on", "tx_sit_segmentation": "off [fixed]", "tx_checksum_fcoe_crc": "off [fixed]", "hw_tc_offload": "off [fixed]", "tx_checksum_ip_generic": "on [fixed]", "tx_fcoe_segmentation": "off [fixed]", "rx_vlan_filter": "off [fixed]", "tx_vlan_offload": "off [fixed]", "receive_hashing": "off [fixed]", "tx_gre_segmentation": "off [fixed]"}, "mtu": 65536, "device": "lo", "promisc": false, "ipv4": {"broadcast": "host", "netmask": "255.0.0.0", "network": "127.0.0.0", "address": "127.0.0.1"}, "ipv6": [{"scope": "host", "prefix": "128", "address": "::1"}], "active": true, "type": "loopback"}, "ansible_userspace_bits": "64", "ansible_architecture": "x86_64", "ansible_real_user_id": 0, "ansible_default_ipv4": {"macaddress": "52:54:00:0c:88:79", "network": "192.168.75.0", "mtu": 1500, "broadcast": "192.168.75.255", "alias": "eth0", "netmask": "255.255.255.0", "address": "192.168.75.82", "interface": "eth0", "type": "ether", "gateway": "192.168.75.1"}, "ansible_swapfree_mb": 819, "ansible_default_ipv6": {}, "ansible_distribution_release": "Maipo", "ansible_system_vendor": "QEMU", "ansible_apparmor": {"status": "disabled"}, "ansible_cmdline": {"LANG": "en_US.UTF-8", "BOOT_IMAGE": "/vmlinuz-3.10.0-693.el7.x86_64", "quiet": true, "rhgb": true, "rd.lvm.lv": "rhel/swap", "crashkernel": "auto", "ro": true, "root": "/dev/mapper/rhel-root"}, "ansible_effective_user_id": 0, "ansible_mounts": [{"uuid": "c3fe5438-0e16-4e69-994b-35b7ac1ee0e4", "size_total": 6641680384, "mount": "/", "size_available": 4989837312, "fstype": "xfs", "device": "/dev/mapper/rhel-root", "options": "rw,relatime,attr2,inode64,noquota"}, {"uuid": "83cee6c5-576f-4f87-ab5e-a1a7594dd8cb", "size_total": 1063256064, "mount": "/boot", "size_available": 932782080, "fstype": "xfs", "device": "/dev/vda1", "options": "rw,relatime,attr2,inode64,noquota"}], "ansible_selinux": {"status": "disabled"}, "ansible_machine": "x86_64", "ansible_os_family": "RedHat", "ansible_userspace_architecture": "x86_64", "ansible_product_uuid": "5FCB280E-61EE-4990-BAE2-79877190E2D4", "ansible_kernel": "3.10.0-693.el7.x86_64", "ansible_product_name": "Standard PC (i440FX + PIIX, 1996)", "ansible_pkg_mgr": "yum", "ansible_memfree_mb": 281, "ansible_devices": {"vda": {"scheduler_mode": "", "rotational": "1", "vendor": "0x1af4", "sectors": "16777216", "sas_device_handle": null, "sas_address": null, "host": "SCSI storage controller: Red Hat, Inc Virtio block device", "sectorsize": "512", "removable": "0", "support_discard": "0", "model": null, "partitions": {"vda1": {"sectorsize": 512, "uuid": "83cee6c5-576f-4f87-ab5e-a1a7594dd8cb", "sectors": "2097152", "start": "2048", "holders": [], "size": "1.00 GB"}, "vda2": {"sectorsize": 512, "uuid": null, "sectors": "14678016", "start": "2099200", "holders": ["rhel-root", "rhel-swap"], "size": "7.00 GB"}}, "holders": [], "size": "8.00 GB"}, "sr0": {"scheduler_mode": "cfq", "rotational": "1", "vendor": "QEMU", "sectors": "2097151", "sas_device_handle": null, "sas_address": null, "host": "IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]", "sectorsize": "512", "removable": "1", "support_discard": "0", "model": "QEMU DVD-ROM", "partitions": {}, "holders": [], "size": "1024.00 MB"}}, "ansible_user_uid": 0, "ansible_lvm": {"lvs": {"root": {"size_g": "6.20", "vg": "rhel"}, "swap": {"size_g": "0.80", "vg": "rhel"}}, "vgs": {"rhel": {"free_g": "0", "size_g": "7.00", "num_lvs": "2", "num_pvs": "1"}}}, "ansible_distribution": "RedHat", "ansible_env": {"USERNAME": "root", "LANG": "en_US.utf8", "TERM": "xterm-256color", "SHELL": "/bin/bash", "SUDO_COMMAND": "/bin/sh -c echo BECOME-SUCCESS-nbkqllvgnlqqmnxfutrrwxwaqbhvumqo; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678/setup.py; rm -rf \\"/root/.ansible/tmp/ansible-tmp-1502217258.91-91955542969678/\\" > /dev/null 2>&1", "SHLVL": "1", "SUDO_UID": "0", "SUDO_GID": "0", "PWD": "/root", "LOGNAME": "root", "USER": "root", "PATH": "/sbin:/bin:/usr/sbin:/usr/bin", "MAIL": "/var/mail/root", "SUDO_USER": "root", "LS_COLORS": "rs=0:di=38;5;27:ln=38;5;51:mh=44;38;5;15:pi=40;38;5;11:so=38;5;13:do=38;5;5:bd=48;5;232;38;5;11:cd=48;5;232;38;5;3:or=48;5;232;38;5;9:mi=05;48;5;232;38;5;15:su=48;5;196;38;5;15:sg=48;5;11;38;5;16:ca=48;5;196;38;5;226:tw=48;5;10;38;5;16:ow=48;5;10;38;5;21:st=48;5;21;38;5;15:ex=38;5;34:*.tar=38;5;9:*.tgz=38;5;9:*.arc=38;5;9:*.arj=38;5;9:*.taz=38;5;9:*.lha=38;5;9:*.lz4=38;5;9:*.lzh=38;5;9:*.lzma=38;5;9:*.tlz=38;5;9:*.txz=38;5;9:*.tzo=38;5;9:*.t7z=38;5;9:*.zip=38;5;9:*.z=38;5;9:*.Z=38;5;9:*.dz=38;5;9:*.gz=38;5;9:*.lrz=38;5;9:*.lz=38;5;9:*.lzo=38;5;9:*.xz=38;5;9:*.bz2=38;5;9:*.bz=38;5;9:*.tbz=38;5;9:*.tbz2=38;5;9:*.tz=38;5;9:*.deb=38;5;9:*.rpm=38;5;9:*.jar=38;5;9:*.war=38;5;9:*.ear=38;5;9:*.sar=38;5;9:*.rar=38;5;9:*.alz=38;5;9:*.ace=38;5;9:*.zoo=38;5;9:*.cpio=38;5;9:*.7z=38;5;9:*.rz=38;5;9:*.cab=38;5;9:*.jpg=38;5;13:*.jpeg=38;5;13:*.gif=38;5;13:*.bmp=38;5;13:*.pbm=38;5;13:*.pgm=38;5;13:*.ppm=38;5;13:*.tga=38;5;13:*.xbm=38;5;13:*.xpm=38;5;13:*.tif=38;5;13:*.tiff=38;5;13:*.png=38;5;13:*.svg=38;5;13:*.svgz=38;5;13:*.mng=38;5;13:*.pcx=38;5;13:*.mov=38;5;13:*.mpg=38;5;13:*.mpeg=38;5;13:*.m2v=38;5;13:*.mkv=38;5;13:*.webm=38;5;13:*.ogm=38;5;13:*.mp4=38;5;13:*.m4v=38;5;13:*.mp4v=38;5;13:*.vob=38;5;13:*.qt=38;5;13:*.nuv=38;5;13:*.wmv=38;5;13:*.asf=38;5;13:*.rm=38;5;13:*.rmvb=38;5;13:*.flc=38;5;13:*.avi=38;5;13:*.fli=38;5;13:*.flv=38;5;13:*.gl=38;5;13:*.dl=38;5;13:*.xcf=38;5;13:*.xwd=38;5;13:*.yuv=38;5;13:*.cgm=38;5;13:*.emf=38;5;13:*.axv=38;5;13:*.anx=38;5;13:*.ogv=38;5;13:*.ogx=38;5;13:*.aac=38;5;45:*.au=38;5;45:*.flac=38;5;45:*.mid=38;5;45:*.midi=38;5;45:*.mka=38;5;45:*.mp3=38;5;45:*.mpc=38;5;45:*.ogg=38;5;45:*.ra=38;5;45:*.wav=38;5;45:*.axa=38;5;45:*.oga=38;5;45:*.spx=38;5;45:*.xspf=38;5;45:", "HOME": "/root", "_": "/usr/bin/python"}, "ansible_distribution_major_version": "7", "module_setup": true, "ansible_processor_count": 1, "ansible_hostname": "rhel74-test2", "ansible_effective_group_id": 0, "ansible_swaptotal_mb": 819, "ansible_real_group_id": 0, "ansible_bios_date": "04/01/2014", "ansible_all_ipv6_addresses": ["fe80::5054:ff:fe0c:8879"], "ansible_interfaces": ["lo", "eth0"], "ansible_uptime_seconds": 8588, "ansible_machine_id": "6d2542bcce3841aca85e0765aa96b006", "ansible_ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABAQDiP2/aw//DkVr/g9QjInoCIpyCxS0PUGFneGbs/QSLlb7gb04m0Nq/Jac6yM3ZhvVo1X3ShHNjhi4a9mMQxMPRHETDEHAdOXmCn2Me6dj7B5EDRPXMCscMQpgZt+3rzwhM+ZKlfC5zAdEYpF3uL2hrKYasZyPZmy8LwBSAsY2R49fDbjtDW/Top2VH6GSrVHGCWIso+4B0eRDI8AZk01TkR06/txmJkPWNfsNqOboEqtkY7veZmOHdr1g32YVM99TAyHDwt6lqLq7Gh+ay7zEje0rETd7A20cEoOM7cch+pba3JBf2jzNJlEeXcMO/b/47XaMie+fE0QfRK0rCtK6/", "ansible_gather_subset": ["hardware", "network", "virtual"], "ansible_user_gecos": "root", "ansible_system_capabilities_enforced": "True", "ansible_python": {"executable": "/usr/bin/python", "version": {"micro": 5, "major": 2, "releaselevel": "final", "serial": 0, "minor": 7}, "type": "CPython", "has_sslcontext": true, "version_info": [2, 7, 5, "final", 0]}, "ansible_memory_mb": {"real": {"total": 992, "used": 711, "free": 281}, "swap": {"cached": 0, "total": 819, "free": 819, "used": 0}, "nocache": {"used": 202, "free": 790}}, "ansible_processor_threads_per_core": 1, "ansible_fqdn": "rhel74-test2", "ansible_user_gid": 0, "ansible_eth0": {"macaddress": "52:54:00:0c:88:79", "features": {"tx_checksum_ipv4": "off [fixed]", "generic_receive_offload": "on", "tx_checksum_ipv6": "off [fixed]", "tx_scatter_gather_fraglist": "off [fixed]", "rx_all": "off [fixed]", "highdma": "on [fixed]", "rx_fcs": "off [fixed]", "tx_lockless": "off [fixed]", "tx_tcp_ecn_segmentation": "on", "tx_tcp6_segmentation": "on", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_tcp_mangleid_segmentation": "off", "tx_checksumming": "on", "vlan_challenged": "off [fixed]", "loopback": "off [fixed]", "fcoe_mtu": "off [fixed]", "scatter_gather": "on", "tx_checksum_sctp": "off [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "tx_gso_partial": "off [fixed]", "rx_vlan_stag_filter": "off [fixed]", "large_receive_offload": "off [fixed]", "tx_scatter_gather": "on", "rx_checksumming": "on [fixed]", "tx_tcp_segmentation": "on", "netns_local": "off [fixed]", "busy_poll": "off [fixed]", "generic_segmentation_offload": "on", "tx_udp_tnl_segmentation": "off [fixed]", "tcp_segmentation_offload": "on", "l2_fwd_offload": "off [fixed]", "rx_vlan_offload": "off [fixed]", "ntuple_filters": "off [fixed]", "tx_gre_csum_segmentation": "off [fixed]", "tx_nocache_copy": "off", "tx_mpls_segmentation": "off [fixed]", "tx_udp_tnl_csum_segmentation": "off [fixed]", "udp_fragmentation_offload": "on", "tx_sctp_segmentation": "off [fixed]", "tx_sit_segmentation": "off [fixed]", "tx_checksum_fcoe_crc": "off [fixed]", "hw_tc_offload": "off [fixed]", "tx_checksum_ip_generic": "on", "tx_fcoe_segmentation": "off [fixed]", "rx_vlan_filter": "on [fixed]", "tx_vlan_offload": "off [fixed]", "receive_hashing": "off [fixed]", "tx_gre_segmentation": "off [fixed]"}, "pciid": "virtio0", "module": "virtio_net", "mtu": 1500, "device": "eth0", "promisc": false, "ipv4": {"broadcast": "192.168.75.255", "netmask": "255.255.255.0", "network": "192.168.75.0", "address": "192.168.75.82"}, "ipv6": [{"scope": "link", "prefix": "64", "address": "fe80::5054:ff:fe0c:8879"}], "active": true, "type": "ether"}, "ansible_nodename": "rhel74-test2", "ansible_system": "Linux", "ansible_user_shell": "/bin/bash", "ansible_system_capabilities": ["cap_chown", "cap_dac_override", "cap_dac_read_search", "cap_fowner", "cap_fsetid", "cap_kill", "cap_setgid", "cap_setuid", "cap_setpcap", "cap_linux_immutable", "cap_net_bind_service", "cap_net_broadcast", "cap_net_admin", "cap_net_raw", "cap_ipc_lock", "cap_ipc_owner", "cap_sys_module", "cap_sys_rawio", "cap_sys_chroot", "cap_sys_ptrace", "cap_sys_pacct", "cap_sys_admin", "cap_sys_boot", "cap_sys_nice", "cap_sys_resource", "cap_sys_time", "cap_sys_tty_config", "cap_mknod", "cap_lease", "cap_audit_write", "cap_audit_control", "cap_setfcap", "cap_mac_override", "cap_mac_admin", "cap_syslog", "35", "36+ep"], "ansible_all_ipv4_addresses": ["192.168.75.82"], "ansible_python_version": "2.7.5"}}\r\n', 'Shared connection to rhel74-test2 closed.\r\n')
ok: [rhel74-test2]
META: ran handlers
TASK [rhel-system-roles.selinux : Install SELinux tools] ***************************************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:2
Using module file /usr/lib/python2.7/site-packages/ansible/modules/packaging/os/yum.py
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 rhel74-test2 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<rhel74-test2> (0, '/root\n', '')
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 rhel74-test2 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1502217259.44-168711059725187 `" && echo ansible-tmp-1502217259.44-168711059725187="` echo /root/.ansible/tmp/ansible-tmp-1502217259.44-168711059725187 `" ) && sleep 0'"'"''
<rhel74-test2> (0, 'ansible-tmp-1502217259.44-168711059725187=/root/.ansible/tmp/ansible-tmp-1502217259.44-168711059725187\n', '')
<rhel74-test2> PUT /tmp/tmpGUtCIW TO /root/.ansible/tmp/ansible-tmp-1502217259.44-168711059725187/yum.py
<rhel74-test2> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 '[rhel74-test2]'
<rhel74-test2> (0, 'sftp> put /tmp/tmpGUtCIW /root/.ansible/tmp/ansible-tmp-1502217259.44-168711059725187/yum.py\n', '')
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 rhel74-test2 '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1502217259.44-168711059725187/ /root/.ansible/tmp/ansible-tmp-1502217259.44-168711059725187/yum.py && sleep 0'"'"''
<rhel74-test2> (0, '', '')
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 -tt rhel74-test2 '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-czjywdrkjefpaxpefixqwzlwyhxyiekz; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502217259.44-168711059725187/yum.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1502217259.44-168711059725187/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel74-test2> (0, '\r\n{"msg": "", "invocation": {"module_args": {"name": ["libselinux-utils", "libselinux-python", "policycoreutils-python"], "list": null, "install_repoquery": true, "conf_file": null, "disable_gpg_check": false, "state": "present", "disablerepo": null, "update_cache": false, "enablerepo": null, "exclude": null, "validate_certs": true, "installroot": "/", "skip_broken": false}}, "changed": false, "results": ["libselinux-utils-2.5-11.el7.x86_64 providing libselinux-utils is already installed", "libselinux-python-2.5-11.el7.x86_64 providing libselinux-python is already installed", "policycoreutils-python-2.5-17.1.el7.x86_64 providing policycoreutils-python is already installed"], "rc": 0}\r\n', 'Shared connection to rhel74-test2 closed.\r\n')
ok: [rhel74-test2] => {
"changed": false,
"invocation": {
"module_args": {
"conf_file": null,
"disable_gpg_check": false,
"disablerepo": null,
"enablerepo": null,
"exclude": null,
"install_repoquery": true,
"installroot": "/",
"list": null,
"name": [
"libselinux-utils",
"libselinux-python",
"policycoreutils-python"
],
"skip_broken": false,
"state": "present",
"update_cache": false,
"validate_certs": true
}
},
"msg": "",
"rc": 0,
"results": [
"libselinux-utils-2.5-11.el7.x86_64 providing libselinux-utils is already installed",
"libselinux-python-2.5-11.el7.x86_64 providing libselinux-python is already installed",
"policycoreutils-python-2.5-17.1.el7.x86_64 providing policycoreutils-python is already installed"
]
}
TASK [rhel-system-roles.selinux : Install SELinux tool semanage on Fedora] *********************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:10
skipping: [rhel74-test2] => {
"changed": false,
"skip_reason": "Conditional result was False",
"skipped": true
}
TASK [rhel-system-roles.selinux : Drop all local modifications first] **************************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:17
Using module file /usr/lib/python2.7/site-packages/ansible/modules/commands/command.py
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 rhel74-test2 '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<rhel74-test2> (0, '/root\n', '')
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 rhel74-test2 '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1502217260.52-138575557322255 `" && echo ansible-tmp-1502217260.52-138575557322255="` echo /root/.ansible/tmp/ansible-tmp-1502217260.52-138575557322255 `" ) && sleep 0'"'"''
<rhel74-test2> (0, 'ansible-tmp-1502217260.52-138575557322255=/root/.ansible/tmp/ansible-tmp-1502217260.52-138575557322255\n', '')
<rhel74-test2> PUT /tmp/tmpUvboCr TO /root/.ansible/tmp/ansible-tmp-1502217260.52-138575557322255/command.py
<rhel74-test2> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 '[rhel74-test2]'
<rhel74-test2> (0, 'sftp> put /tmp/tmpUvboCr /root/.ansible/tmp/ansible-tmp-1502217260.52-138575557322255/command.py\n', '')
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 rhel74-test2 '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1502217260.52-138575557322255/ /root/.ansible/tmp/ansible-tmp-1502217260.52-138575557322255/command.py && sleep 0'"'"''
<rhel74-test2> (0, '', '')
<rhel74-test2> ESTABLISH SSH CONNECTION FOR USER: None
<rhel74-test2> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/03922425c3 -tt rhel74-test2 '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-zamurvklxbehkplisoloaajcfgjwleea; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502217260.52-138575557322255/command.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1502217260.52-138575557322255/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel74-test2> (0, '\r\n{"changed": true, "end": "2017-08-08 14:34:27.853030", "stdout": "", "cmd": "echo \\"boolean -D\\nlogin -D\\nport -D\\nfcontext -D\\n\\" | /usr/sbin/semanage -i -", "rc": 1, "start": "2017-08-08 14:34:20.722666", "stderr": "SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.\\nSELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory\\n/sbin/load_policy: Can\'t load policy: No such file or directory\\nlibsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).\\nSELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.\\nSELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory\\n/sbin/load_policy: Can\'t load policy: No such file or directory\\nlibsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).\\nOSError: No such file or directory", "delta": "0:00:07.130364", "invocation": {"module_args": {"warn": true, "executable": null, "_uses_shell": true, "_raw_params": "echo \\"boolean -D\\nlogin -D\\nport -D\\nfcontext -D\\n\\" | /usr/sbin/semanage -i -", "removes": null, "creates": null, "chdir": null}}, "warnings": []}\r\n', 'Shared connection to rhel74-test2 closed.\r\n')
fatal: [rhel74-test2]: FAILED! => {
"changed": true,
"cmd": "echo \"boolean -D\nlogin -D\nport -D\nfcontext -D\n\" | /usr/sbin/semanage -i -",
"delta": "0:00:07.130364",
"end": "2017-08-08 14:34:27.853030",
"failed": true,
"invocation": {
"module_args": {
"_raw_params": "echo \"boolean -D\nlogin -D\nport -D\nfcontext -D\n\" | /usr/sbin/semanage -i -",
"_uses_shell": true,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"warn": true
}
},
"rc": 1,
"start": "2017-08-08 14:34:20.722666",
"stderr": "SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.\nSELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory\n/sbin/load_policy: Can't load policy: No such file or directory\nlibsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).\nSELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.\nSELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory\n/sbin/load_policy: Can't load policy: No such file or directory\nlibsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).\nOSError: No such file or directory",
"stderr_lines": [
"SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.",
"SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory",
"/sbin/load_policy: Can't load policy: No such file or directory",
"libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).",
"SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.",
"SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory",
"/sbin/load_policy: Can't load policy: No such file or directory",
"libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).",
"OSError: No such file or directory"
],
"stdout": "",
"stdout_lines": []
}
to retry, use: --limit @/root/demo/example-selinux.retry
PLAY RECAP *************************************************************************************************************************************************
rhel74-test2 : ok=2 changed=0 unreachable=0 failed=1
Successful output against beta client:
[root@rhel74-controlnode demo]# ansible-playbook -l rhel7-beta example-selinux.yml -vvv
Using /etc/ansible/ansible.cfg as config file
PLAYBOOK: example-selinux.yml ******************************************************************************************************************************
1 plays in example-selinux.yml
PLAY [rhel] ************************************************************************************************************************************************
TASK [Gathering Facts] *************************************************************************************************************************************
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/setup.py
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<rhel7-beta> (0, '/root\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978 `" && echo ansible-tmp-1502218152.91-42652173431978="` echo /root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978 `" ) && sleep 0'"'"''
<rhel7-beta> (0, 'ansible-tmp-1502218152.91-42652173431978=/root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978\n', '')
<rhel7-beta> PUT /tmp/tmpZxDpsf TO /root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978/setup.py
<rhel7-beta> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 '[rhel7-beta]'
<rhel7-beta> (0, 'sftp> put /tmp/tmpZxDpsf /root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978/setup.py\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978/ /root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978/setup.py && sleep 0'"'"''
<rhel7-beta> (0, '', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 -tt rhel7-beta '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-cpkuvyfsmxhwrrqrymxwoalvfdbuluus; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978/setup.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel7-beta> (0, '\r\n{"invocation": {"module_args": {"filter": "*", "gather_subset": ["all"], "fact_path": "/etc/ansible/facts.d", "gather_timeout": 10}}, "changed": false, "ansible_facts": {"ansible_product_serial": "NA", "ansible_form_factor": "Other", "ansible_product_version": "pc-i440fx-2.7", "ansible_fips": false, "ansible_service_mgr": "systemd", "ansible_user_id": "root", "module_setup": true, "ansible_memtotal_mb": 1839, "ansible_eth2": {"macaddress": "52:54:00:57:53:fd", "features": {"tx_checksum_ipv4": "off [fixed]", "generic_receive_offload": "on", "tx_checksum_ipv6": "off [fixed]", "tx_scatter_gather_fraglist": "off [fixed]", "rx_all": "off [fixed]", "highdma": "on [fixed]", "rx_fcs": "off [fixed]", "tx_lockless": "off [fixed]", "tx_tcp_ecn_segmentation": "on", "tx_tcp6_segmentation": "on", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_tcp_mangleid_segmentation": "off", "tx_checksumming": "on", "vlan_challenged": "off [fixed]", "loopback": "off [fixed]", "fcoe_mtu": "off [fixed]", "scatter_gather": "on", "tx_checksum_sctp": "off [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "tx_gso_partial": "off [fixed]", "rx_vlan_stag_filter": "off [fixed]", "large_receive_offload": "off [fixed]", "tx_scatter_gather": "on", "rx_checksumming": "on [fixed]", "tx_tcp_segmentation": "on", "netns_local": "off [fixed]", "busy_poll": "off [fixed]", "generic_segmentation_offload": "on", "tx_udp_tnl_segmentation": "off [fixed]", "tcp_segmentation_offload": "on", "l2_fwd_offload": "off [fixed]", "rx_vlan_offload": "off [fixed]", "ntuple_filters": "off [fixed]", "tx_gre_csum_segmentation": "off [fixed]", "tx_nocache_copy": "off", "tx_mpls_segmentation": "off [fixed]", "tx_udp_tnl_csum_segmentation": "off [fixed]", "udp_fragmentation_offload": "on", "tx_sctp_segmentation": "off [fixed]", "tx_sit_segmentation": "off [fixed]", "tx_checksum_fcoe_crc": "off [fixed]", "hw_tc_offload": "off [fixed]", "tx_checksum_ip_generic": "on", "tx_fcoe_segmentation": "off [fixed]", "rx_vlan_filter": "on [fixed]", "tx_vlan_offload": "off [fixed]", "receive_hashing": "off [fixed]", "tx_gre_segmentation": "off [fixed]"}, "pciid": "virtio5", "module": "virtio_net", "mtu": 1500, "device": "eth2", "promisc": false, "active": true, "type": "ether"}, "ansible_ssh_host_key_ecdsa_public": "AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHVjhklTlKziO9+OqAKL8fN/e1FWFFb/KF8ioZoTSk9PbWENOYUJUvJgF3CSb6fOLRLZZ2V7V0UBQ7WizmAZKgY=", "ansible_distribution_version": "7.4", "ansible_domain": "4-beta", "ansible_user_shell": "/bin/bash", "ansible_date_time": {"weekday_number": "2", "iso8601_basic_short": "20170808T144913", "tz": "EDT", "weeknumber": "32", "hour": "14", "year": "2017", "minute": "49", "tz_offset": "-0400", "month": "08", "epoch": "1502218153", "iso8601_micro": "2017-08-08T18:49:13.649208Z", "weekday": "Tuesday", "time": "14:49:13", "date": "2017-08-08", "iso8601": "2017-08-08T18:49:13Z", "day": "08", "iso8601_basic": "20170808T144913649129", "second": "13"}, "ansible_ssh_host_key_ed25519_public": "AAAAC3NzaC1lZDI1NTE5AAAAIIvJdBQ6JwXXWvgIek3XwMyPBOvr793KcsEsrWRE26u5", "ansible_processor_cores": 1, "ansible_virtualization_role": "guest", "ansible_dns": {"nameservers": ["192.168.122.1"]}, "ansible_processor_vcpus": 1, "ansible_bios_version": "1.10.2-1.fc26", "ansible_processor": ["GenuineIntel", "Intel Core Processor (Haswell, no TSX)"], "ansible_virtualization_type": "kvm", "ansible_lo": {"features": {"tx_checksum_ipv4": "off [fixed]", "generic_receive_offload": "on", "tx_checksum_ipv6": "off [fixed]", "tx_scatter_gather_fraglist": "on [fixed]", "rx_all": "off [fixed]", "highdma": "on [fixed]", "rx_fcs": "off [fixed]", "tx_lockless": "on [fixed]", "tx_tcp_ecn_segmentation": "on", "tx_tcp6_segmentation": "on", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_tcp_mangleid_segmentation": "on", "tx_checksumming": "on", "vlan_challenged": "on [fixed]", "loopback": "on [fixed]", "fcoe_mtu": "off [fixed]", "scatter_gather": "on", "tx_checksum_sctp": "on [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "tx_gso_partial": "off [fixed]", "rx_vlan_stag_filter": "off [fixed]", "large_receive_offload": "off [fixed]", "tx_scatter_gather": "on [fixed]", "rx_checksumming": "on [fixed]", "tx_tcp_segmentation": "on", "netns_local": "on [fixed]", "busy_poll": "off [fixed]", "generic_segmentation_offload": "on", "tx_udp_tnl_segmentation": "off [fixed]", "tcp_segmentation_offload": "on", "l2_fwd_offload": "off [fixed]", "rx_vlan_offload": "off [fixed]", "ntuple_filters": "off [fixed]", "tx_gre_csum_segmentation": "off [fixed]", "tx_nocache_copy": "off [fixed]", "tx_mpls_segmentation": "off [fixed]", "tx_udp_tnl_csum_segmentation": "off [fixed]", "udp_fragmentation_offload": "on", "tx_sctp_segmentation": "on", "tx_sit_segmentation": "off [fixed]", "tx_checksum_fcoe_crc": "off [fixed]", "hw_tc_offload": "off [fixed]", "tx_checksum_ip_generic": "on [fixed]", "tx_fcoe_segmentation": "off [fixed]", "rx_vlan_filter": "off [fixed]", "tx_vlan_offload": "off [fixed]", "receive_hashing": "off [fixed]", "tx_gre_segmentation": "off [fixed]"}, "mtu": 65536, "device": "lo", "promisc": false, "ipv4": {"broadcast": "host", "netmask": "255.0.0.0", "network": "127.0.0.0", "address": "127.0.0.1"}, "ipv6": [{"scope": "host", "prefix": "128", "address": "::1"}], "active": true, "type": "loopback"}, "ansible_userspace_bits": "64", "ansible_architecture": "x86_64", "ansible_real_user_id": 0, "ansible_default_ipv4": {"macaddress": "52:54:00:cc:b0:29", "network": "192.168.122.0", "mtu": 1500, "broadcast": "192.168.122.255", "alias": "eth0", "netmask": "255.255.255.0", "address": "192.168.122.6", "interface": "eth0", "type": "ether", "gateway": "192.168.122.1"}, "ansible_swapfree_mb": 923, "ansible_default_ipv6": {}, "ansible_distribution_release": "Maipo", "ansible_system_vendor": "QEMU", "ansible_apparmor": {"status": "disabled"}, "ansible_cmdline": {"LANG": "en_US.UTF-8", "BOOT_IMAGE": "/vmlinuz-3.10.0-685.el7.x86_64", "quiet": true, "rhgb": true, "rd.lvm.lv": "rhel/swap", "crashkernel": "auto", "ro": true, "root": "/dev/mapper/rhel-root"}, "ansible_effective_user_id": 0, "ansible_mounts": [{"uuid": "6335dad8-e6c0-4e2f-8615-67c2482689e1", "size_total": 7606370304, "mount": "/", "size_available": 5997248512, "fstype": "xfs", "device": "/dev/mapper/rhel-root", "options": "rw,seclabel,relatime,attr2,inode64,noquota"}, {"uuid": "06d152e1-bd89-426f-bfed-2bc1a8cb29d7", "size_total": 1063256064, "mount": "/boot", "size_available": 864215040, "fstype": "xfs", "device": "/dev/vda1", "options": "rw,seclabel,relatime,attr2,inode64,noquota"}], "ansible_selinux": {"status": "enabled", "policyvers": 28, "type": "targeted", "mode": "enforcing", "config_mode": "enforcing"}, "ansible_machine": "x86_64", "ansible_os_family": "RedHat", "ansible_userspace_architecture": "x86_64", "ansible_product_uuid": "6A8A00D6-07EC-472F-9B0A-3E253BB315DB", "ansible_kernel": "3.10.0-685.el7.x86_64", "ansible_system": "Linux", "ansible_pkg_mgr": "yum", "ansible_memfree_mb": 1539, "ansible_devices": {"vda": {"scheduler_mode": "", "rotational": "1", "vendor": "0x1af4", "sectors": "18874368", "sas_device_handle": null, "sas_address": null, "host": "SCSI storage controller: Red Hat, Inc Virtio block device", "sectorsize": "512", "removable": "0", "support_discard": "0", "model": null, "partitions": {"vda1": {"sectorsize": 512, "uuid": "06d152e1-bd89-426f-bfed-2bc1a8cb29d7", "sectors": "2097152", "start": "2048", "holders": [], "size": "1.00 GB"}, "vda2": {"sectorsize": 512, "uuid": null, "sectors": "16775168", "start": "2099200", "holders": ["rhel-root", "rhel-swap"], "size": "8.00 GB"}}, "holders": [], "size": "9.00 GB"}, "sr0": {"scheduler_mode": "cfq", "rotational": "1", "vendor": "QEMU", "sectors": "2097151", "sas_device_handle": null, "sas_address": null, "host": "IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]", "sectorsize": "512", "removable": "1", "support_discard": "0", "model": "QEMU DVD-ROM", "partitions": {}, "holders": [], "size": "1024.00 MB"}}, "ansible_user_uid": 0, "ansible_lvm": {"lvs": {"root": {"size_g": "7.09", "vg": "rhel"}, "swap": {"size_g": "0.90", "vg": "rhel"}}, "vgs": {"rhel": {"free_g": "0", "size_g": "8.00", "num_lvs": "2", "num_pvs": "1"}}}, "ansible_distribution": "RedHat", "ansible_env": {"USERNAME": "root", "LANG": "en_US.utf8", "TERM": "xterm-256color", "SHELL": "/bin/bash", "SUDO_COMMAND": "/bin/sh -c echo BECOME-SUCCESS-cpkuvyfsmxhwrrqrymxwoalvfdbuluus; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978/setup.py; rm -rf \\"/root/.ansible/tmp/ansible-tmp-1502218152.91-42652173431978/\\" > /dev/null 2>&1", "SHLVL": "1", "SUDO_UID": "0", "SUDO_GID": "0", "PWD": "/root", "LOGNAME": "root", "USER": "root", "PATH": "/sbin:/bin:/usr/sbin:/usr/bin", "MAIL": "/var/mail/root", "SUDO_USER": "root", "LS_COLORS": "rs=0:di=38;5;27:ln=38;5;51:mh=44;38;5;15:pi=40;38;5;11:so=38;5;13:do=38;5;5:bd=48;5;232;38;5;11:cd=48;5;232;38;5;3:or=48;5;232;38;5;9:mi=05;48;5;232;38;5;15:su=48;5;196;38;5;15:sg=48;5;11;38;5;16:ca=48;5;196;38;5;226:tw=48;5;10;38;5;16:ow=48;5;10;38;5;21:st=48;5;21;38;5;15:ex=38;5;34:*.tar=38;5;9:*.tgz=38;5;9:*.arc=38;5;9:*.arj=38;5;9:*.taz=38;5;9:*.lha=38;5;9:*.lz4=38;5;9:*.lzh=38;5;9:*.lzma=38;5;9:*.tlz=38;5;9:*.txz=38;5;9:*.tzo=38;5;9:*.t7z=38;5;9:*.zip=38;5;9:*.z=38;5;9:*.Z=38;5;9:*.dz=38;5;9:*.gz=38;5;9:*.lrz=38;5;9:*.lz=38;5;9:*.lzo=38;5;9:*.xz=38;5;9:*.bz2=38;5;9:*.bz=38;5;9:*.tbz=38;5;9:*.tbz2=38;5;9:*.tz=38;5;9:*.deb=38;5;9:*.rpm=38;5;9:*.jar=38;5;9:*.war=38;5;9:*.ear=38;5;9:*.sar=38;5;9:*.rar=38;5;9:*.alz=38;5;9:*.ace=38;5;9:*.zoo=38;5;9:*.cpio=38;5;9:*.7z=38;5;9:*.rz=38;5;9:*.cab=38;5;9:*.jpg=38;5;13:*.jpeg=38;5;13:*.gif=38;5;13:*.bmp=38;5;13:*.pbm=38;5;13:*.pgm=38;5;13:*.ppm=38;5;13:*.tga=38;5;13:*.xbm=38;5;13:*.xpm=38;5;13:*.tif=38;5;13:*.tiff=38;5;13:*.png=38;5;13:*.svg=38;5;13:*.svgz=38;5;13:*.mng=38;5;13:*.pcx=38;5;13:*.mov=38;5;13:*.mpg=38;5;13:*.mpeg=38;5;13:*.m2v=38;5;13:*.mkv=38;5;13:*.webm=38;5;13:*.ogm=38;5;13:*.mp4=38;5;13:*.m4v=38;5;13:*.mp4v=38;5;13:*.vob=38;5;13:*.qt=38;5;13:*.nuv=38;5;13:*.wmv=38;5;13:*.asf=38;5;13:*.rm=38;5;13:*.rmvb=38;5;13:*.flc=38;5;13:*.avi=38;5;13:*.fli=38;5;13:*.flv=38;5;13:*.gl=38;5;13:*.dl=38;5;13:*.xcf=38;5;13:*.xwd=38;5;13:*.yuv=38;5;13:*.cgm=38;5;13:*.emf=38;5;13:*.axv=38;5;13:*.anx=38;5;13:*.ogv=38;5;13:*.ogx=38;5;13:*.aac=38;5;45:*.au=38;5;45:*.flac=38;5;45:*.mid=38;5;45:*.midi=38;5;45:*.mka=38;5;45:*.mp3=38;5;45:*.mpc=38;5;45:*.ogg=38;5;45:*.ra=38;5;45:*.wav=38;5;45:*.axa=38;5;45:*.oga=38;5;45:*.spx=38;5;45:*.xspf=38;5;45:", "HOME": "/root", "_": "/usr/bin/python"}, "ansible_distribution_major_version": "7", "ansible_user_dir": "/root", "ansible_processor_count": 1, "ansible_hostname": "rhel7-beta", "ansible_effective_group_id": 0, "ansible_swaptotal_mb": 923, "ansible_ens12": {"macaddress": "52:54:00:7b:76:18", "features": {"tx_checksum_ipv4": "off [fixed]", "generic_receive_offload": "on", "tx_checksum_ipv6": "off [fixed]", "tx_scatter_gather_fraglist": "off [fixed]", "rx_all": "off", "highdma": "off [fixed]", "rx_fcs": "off", "tx_lockless": "off [fixed]", "tx_tcp_ecn_segmentation": "off [fixed]", "tx_tcp6_segmentation": "off [fixed]", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_tcp_mangleid_segmentation": "off", "tx_checksumming": "on", "vlan_challenged": "off [fixed]", "loopback": "off [fixed]", "fcoe_mtu": "off [fixed]", "scatter_gather": "on", "tx_checksum_sctp": "off [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "tx_gso_partial": "off [fixed]", "rx_vlan_stag_filter": "off [fixed]", "large_receive_offload": "off [fixed]", "tx_scatter_gather": "on", "rx_checksumming": "off", "tx_tcp_segmentation": "on", "netns_local": "off [fixed]", "busy_poll": "off [fixed]", "generic_segmentation_offload": "on", "tx_udp_tnl_segmentation": "off [fixed]", "tcp_segmentation_offload": "on", "l2_fwd_offload": "off [fixed]", "rx_vlan_offload": "on", "ntuple_filters": "off [fixed]", "tx_gre_csum_segmentation": "off [fixed]", "tx_nocache_copy": "off", "tx_mpls_segmentation": "off [fixed]", "tx_udp_tnl_csum_segmentation": "off [fixed]", "udp_fragmentation_offload": "off [fixed]", "tx_sctp_segmentation": "off [fixed]", "tx_sit_segmentation": "off [fixed]", "tx_checksum_fcoe_crc": "off [fixed]", "hw_tc_offload": "off [fixed]", "tx_checksum_ip_generic": "on", "tx_fcoe_segmentation": "off [fixed]", "rx_vlan_filter": "on [fixed]", "tx_vlan_offload": "on [fixed]", "receive_hashing": "off [fixed]", "tx_gre_segmentation": "off [fixed]"}, "type": "ether", "pciid": "0000:00:0c.0", "module": "e1000", "mtu": 1500, "device": "ens12", "promisc": false, "active": true, "speed": 1000}, "ansible_real_group_id": 0, "ansible_bios_date": "04/01/2014", "ansible_all_ipv6_addresses": ["fe80::5054:ff:fecc:b029"], "ansible_interfaces": ["lo", "ens12", "ens13", "eth3", "eth2", "eth1", "eth0"], "ansible_uptime_seconds": 552, "ansible_ens13": {"macaddress": "52:54:00:41:ca:30", "features": {"tx_checksum_ipv4": "off", "generic_receive_offload": "on", "tx_checksum_ipv6": "off [fixed]", "tx_scatter_gather_fraglist": "off [fixed]", "rx_all": "off [fixed]", "highdma": "on [fixed]", "rx_fcs": "off [fixed]", "tx_lockless": "off [fixed]", "tx_tcp_ecn_segmentation": "off [fixed]", "tx_tcp6_segmentation": "off [fixed]", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_tcp_mangleid_segmentation": "off", "tx_checksumming": "off", "vlan_challenged": "off [fixed]", "loopback": "off [fixed]", "fcoe_mtu": "off [fixed]", "scatter_gather": "off", "tx_checksum_sctp": "off [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "tx_gso_partial": "off [fixed]", "rx_vlan_stag_filter": "off [fixed]", "large_receive_offload": "off [fixed]", "tx_scatter_gather": "off", "rx_checksumming": "on", "tx_tcp_segmentation": "off", "netns_local": "off [fixed]", "busy_poll": "off [fixed]", "generic_segmentation_offload": "off [requested on]", "tx_udp_tnl_segmentation": "off [fixed]", "tcp_segmentation_offload": "off", "l2_fwd_offload": "off [fixed]", "rx_vlan_offload": "on", "ntuple_filters": "off [fixed]", "tx_gre_csum_segmentation": "off [fixed]", "tx_nocache_copy": "off", "tx_mpls_segmentation": "off [fixed]", "tx_udp_tnl_csum_segmentation": "off [fixed]", "udp_fragmentation_offload": "off [fixed]", "tx_sctp_segmentation": "off [fixed]", "tx_sit_segmentation": "off [fixed]", "tx_checksum_fcoe_crc": "off [fixed]", "hw_tc_offload": "off [fixed]", "tx_checksum_ip_generic": "off [fixed]", "tx_fcoe_segmentation": "off [fixed]", "rx_vlan_filter": "off [fixed]", "tx_vlan_offload": "on", "receive_hashing": "off [fixed]", "tx_gre_segmentation": "off [fixed]"}, "type": "ether", "pciid": "0000:00:0d.0", "module": "8139cp", "mtu": 1500, "device": "ens13", "promisc": false, "active": true, "speed": 100}, "ansible_machine_id": "6a8a00d607ec472f9b0a3e253bb315db", "ansible_ssh_host_key_rsa_public": "AAAAB3NzaC1yc2EAAAADAQABAAABAQDa+Le2wXORn9G+XBtNNkqMvScYIecYVWcRaWCBPwe8bK3rQDrvtGhjTah0Bbs7dtYAeXkQVTTtFuY7/dHGnLFShzgEAYKBh9PXkN+IILOn0L/+9CK2HStEABRlt0jxcVQapfYZfTUub0tTwBladXWen1phykEMSyV9PmdQ8gt/nSnI51jhXscCUSqC3fasGEaete2sBCL4QfFIjA+zfjVPrcY2nY1WUG3NjyLU/MLjAdCqE8JWmrbg+g+Kiyy93Lb870QCbF0up4GFBNLjKbNmMsf+30ZyDJy2zB28E15Jrh1ZD8+wKGofzioCIfkez/mTLBwCzesYqG5kvQeVFp4V", "ansible_gather_subset": ["hardware", "network", "virtual"], "ansible_user_gecos": "root", "ansible_system_capabilities_enforced": "True", "ansible_python": {"executable": "/usr/bin/python", "version": {"micro": 5, "major": 2, "releaselevel": "final", "serial": 0, "minor": 7}, "type": "CPython", "has_sslcontext": true, "version_info": [2, 7, 5, "final", 0]}, "ansible_memory_mb": {"real": {"total": 1839, "used": 300, "free": 1539}, "swap": {"cached": 0, "total": 923, "free": 923, "used": 0}, "nocache": {"used": 184, "free": 1655}}, "ansible_processor_threads_per_core": 1, "ansible_fqdn": "rhel7.4-beta", "ansible_user_gid": 0, "ansible_eth0": {"macaddress": "52:54:00:cc:b0:29", "features": {"tx_checksum_ipv4": "off [fixed]", "generic_receive_offload": "on", "tx_checksum_ipv6": "off [fixed]", "tx_scatter_gather_fraglist": "off [fixed]", "rx_all": "off [fixed]", "highdma": "on [fixed]", "rx_fcs": "off [fixed]", "tx_lockless": "off [fixed]", "tx_tcp_ecn_segmentation": "on", "tx_tcp6_segmentation": "on", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_tcp_mangleid_segmentation": "off", "tx_checksumming": "on", "vlan_challenged": "off [fixed]", "loopback": "off [fixed]", "fcoe_mtu": "off [fixed]", "scatter_gather": "on", "tx_checksum_sctp": "off [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "tx_gso_partial": "off [fixed]", "rx_vlan_stag_filter": "off [fixed]", "large_receive_offload": "off [fixed]", "tx_scatter_gather": "on", "rx_checksumming": "on [fixed]", "tx_tcp_segmentation": "on", "netns_local": "off [fixed]", "busy_poll": "off [fixed]", "generic_segmentation_offload": "on", "tx_udp_tnl_segmentation": "off [fixed]", "tcp_segmentation_offload": "on", "l2_fwd_offload": "off [fixed]", "rx_vlan_offload": "off [fixed]", "ntuple_filters": "off [fixed]", "tx_gre_csum_segmentation": "off [fixed]", "tx_nocache_copy": "off", "tx_mpls_segmentation": "off [fixed]", "tx_udp_tnl_csum_segmentation": "off [fixed]", "udp_fragmentation_offload": "on", "tx_sctp_segmentation": "off [fixed]", "tx_sit_segmentation": "off [fixed]", "tx_checksum_fcoe_crc": "off [fixed]", "hw_tc_offload": "off [fixed]", "tx_checksum_ip_generic": "on", "tx_fcoe_segmentation": "off [fixed]", "rx_vlan_filter": "on [fixed]", "tx_vlan_offload": "off [fixed]", "receive_hashing": "off [fixed]", "tx_gre_segmentation": "off [fixed]"}, "pciid": "virtio0", "module": "virtio_net", "mtu": 1500, "device": "eth0", "promisc": false, "ipv4": {"broadcast": "192.168.122.255", "netmask": "255.255.255.0", "network": "192.168.122.0", "address": "192.168.122.6"}, "ipv6": [{"scope": "link", "prefix": "64", "address": "fe80::5054:ff:fecc:b029"}], "active": true, "type": "ether"}, "ansible_eth1": {"macaddress": "52:54:00:2f:d1:67", "features": {"tx_checksum_ipv4": "off [fixed]", "generic_receive_offload": "on", "tx_checksum_ipv6": "off [fixed]", "tx_scatter_gather_fraglist": "off [fixed]", "rx_all": "off [fixed]", "highdma": "on [fixed]", "rx_fcs": "off [fixed]", "tx_lockless": "off [fixed]", "tx_tcp_ecn_segmentation": "on", "tx_tcp6_segmentation": "on", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_tcp_mangleid_segmentation": "off", "tx_checksumming": "on", "vlan_challenged": "off [fixed]", "loopback": "off [fixed]", "fcoe_mtu": "off [fixed]", "scatter_gather": "on", "tx_checksum_sctp": "off [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "tx_gso_partial": "off [fixed]", "rx_vlan_stag_filter": "off [fixed]", "large_receive_offload": "off [fixed]", "tx_scatter_gather": "on", "rx_checksumming": "on [fixed]", "tx_tcp_segmentation": "on", "netns_local": "off [fixed]", "busy_poll": "off [fixed]", "generic_segmentation_offload": "on", "tx_udp_tnl_segmentation": "off [fixed]", "tcp_segmentation_offload": "on", "l2_fwd_offload": "off [fixed]", "rx_vlan_offload": "off [fixed]", "ntuple_filters": "off [fixed]", "tx_gre_csum_segmentation": "off [fixed]", "tx_nocache_copy": "off", "tx_mpls_segmentation": "off [fixed]", "tx_udp_tnl_csum_segmentation": "off [fixed]", "udp_fragmentation_offload": "on", "tx_sctp_segmentation": "off [fixed]", "tx_sit_segmentation": "off [fixed]", "tx_checksum_fcoe_crc": "off [fixed]", "hw_tc_offload": "off [fixed]", "tx_checksum_ip_generic": "on", "tx_fcoe_segmentation": "off [fixed]", "rx_vlan_filter": "on [fixed]", "tx_vlan_offload": "off [fixed]", "receive_hashing": "off [fixed]", "tx_gre_segmentation": "off [fixed]"}, "pciid": "virtio4", "module": "virtio_net", "mtu": 1500, "device": "eth1", "promisc": false, "active": true, "type": "ether"}, "ansible_product_name": "Standard PC (i440FX + PIIX, 1996)", "ansible_eth3": {"macaddress": "52:54:00:28:26:0e", "features": {"tx_checksum_ipv4": "off [fixed]", "generic_receive_offload": "on", "tx_checksum_ipv6": "off [fixed]", "tx_scatter_gather_fraglist": "off [fixed]", "rx_all": "off [fixed]", "highdma": "on [fixed]", "rx_fcs": "off [fixed]", "tx_lockless": "off [fixed]", "tx_tcp_ecn_segmentation": "on", "tx_tcp6_segmentation": "on", "tx_gso_robust": "off [fixed]", "tx_ipip_segmentation": "off [fixed]", "tx_tcp_mangleid_segmentation": "off", "tx_checksumming": "on", "vlan_challenged": "off [fixed]", "loopback": "off [fixed]", "fcoe_mtu": "off [fixed]", "scatter_gather": "on", "tx_checksum_sctp": "off [fixed]", "tx_vlan_stag_hw_insert": "off [fixed]", "rx_vlan_stag_hw_parse": "off [fixed]", "tx_gso_partial": "off [fixed]", "rx_vlan_stag_filter": "off [fixed]", "large_receive_offload": "off [fixed]", "tx_scatter_gather": "on", "rx_checksumming": "on [fixed]", "tx_tcp_segmentation": "on", "netns_local": "off [fixed]", "busy_poll": "off [fixed]", "generic_segmentation_offload": "on", "tx_udp_tnl_segmentation": "off [fixed]", "tcp_segmentation_offload": "on", "l2_fwd_offload": "off [fixed]", "rx_vlan_offload": "off [fixed]", "ntuple_filters": "off [fixed]", "tx_gre_csum_segmentation": "off [fixed]", "tx_nocache_copy": "off", "tx_mpls_segmentation": "off [fixed]", "tx_udp_tnl_csum_segmentation": "off [fixed]", "udp_fragmentation_offload": "on", "tx_sctp_segmentation": "off [fixed]", "tx_sit_segmentation": "off [fixed]", "tx_checksum_fcoe_crc": "off [fixed]", "hw_tc_offload": "off [fixed]", "tx_checksum_ip_generic": "on", "tx_fcoe_segmentation": "off [fixed]", "rx_vlan_filter": "on [fixed]", "tx_vlan_offload": "off [fixed]", "receive_hashing": "off [fixed]", "tx_gre_segmentation": "off [fixed]"}, "pciid": "virtio6", "module": "virtio_net", "mtu": 1500, "device": "eth3", "promisc": false, "active": true, "type": "ether"}, "ansible_system_capabilities": ["cap_chown", "cap_dac_override", "cap_dac_read_search", "cap_fowner", "cap_fsetid", "cap_kill", "cap_setgid", "cap_setuid", "cap_setpcap", "cap_linux_immutable", "cap_net_bind_service", "cap_net_broadcast", "cap_net_admin", "cap_net_raw", "cap_ipc_lock", "cap_ipc_owner", "cap_sys_module", "cap_sys_rawio", "cap_sys_chroot", "cap_sys_ptrace", "cap_sys_pacct", "cap_sys_admin", "cap_sys_boot", "cap_sys_nice", "cap_sys_resource", "cap_sys_time", "cap_sys_tty_config", "cap_mknod", "cap_lease", "cap_audit_write", "cap_audit_control", "cap_setfcap", "cap_mac_override", "cap_mac_admin", "cap_syslog", "35", "36+ep"], "ansible_nodename": "rhel7-beta", "ansible_all_ipv4_addresses": ["192.168.122.6"], "ansible_python_version": "2.7.5"}}\r\n', 'Shared connection to rhel7-beta closed.\r\n')
ok: [rhel7-beta]
META: ran handlers
TASK [rhel-system-roles.selinux : Install SELinux tools] ***************************************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:2
Using module file /usr/lib/python2.7/site-packages/ansible/modules/packaging/os/yum.py
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<rhel7-beta> (0, '/root\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1502218154.07-77239379615000 `" && echo ansible-tmp-1502218154.07-77239379615000="` echo /root/.ansible/tmp/ansible-tmp-1502218154.07-77239379615000 `" ) && sleep 0'"'"''
<rhel7-beta> (0, 'ansible-tmp-1502218154.07-77239379615000=/root/.ansible/tmp/ansible-tmp-1502218154.07-77239379615000\n', '')
<rhel7-beta> PUT /tmp/tmpB_iInR TO /root/.ansible/tmp/ansible-tmp-1502218154.07-77239379615000/yum.py
<rhel7-beta> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 '[rhel7-beta]'
<rhel7-beta> (0, 'sftp> put /tmp/tmpB_iInR /root/.ansible/tmp/ansible-tmp-1502218154.07-77239379615000/yum.py\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1502218154.07-77239379615000/ /root/.ansible/tmp/ansible-tmp-1502218154.07-77239379615000/yum.py && sleep 0'"'"''
<rhel7-beta> (0, '', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 -tt rhel7-beta '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-rjbvknlfmwwawdngduafzejmztfaqzzt; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502218154.07-77239379615000/yum.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1502218154.07-77239379615000/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel7-beta> (0, '\r\n{"msg": "", "invocation": {"module_args": {"name": ["libselinux-utils", "libselinux-python", "policycoreutils-python"], "list": null, "install_repoquery": true, "conf_file": null, "disable_gpg_check": false, "state": "present", "disablerepo": null, "update_cache": false, "enablerepo": null, "exclude": null, "validate_certs": true, "installroot": "/", "skip_broken": false}}, "changed": false, "results": ["libselinux-utils-2.5-11.el7.x86_64 providing libselinux-utils is already installed", "libselinux-python-2.5-11.el7.x86_64 providing libselinux-python is already installed", "policycoreutils-python-2.5-17.1.el7.x86_64 providing policycoreutils-python is already installed"], "rc": 0}\r\n', 'Shared connection to rhel7-beta closed.\r\n')
ok: [rhel7-beta] => {
"changed": false,
"invocation": {
"module_args": {
"conf_file": null,
"disable_gpg_check": false,
"disablerepo": null,
"enablerepo": null,
"exclude": null,
"install_repoquery": true,
"installroot": "/",
"list": null,
"name": [
"libselinux-utils",
"libselinux-python",
"policycoreutils-python"
],
"skip_broken": false,
"state": "present",
"update_cache": false,
"validate_certs": true
}
},
"msg": "",
"rc": 0,
"results": [
"libselinux-utils-2.5-11.el7.x86_64 providing libselinux-utils is already installed",
"libselinux-python-2.5-11.el7.x86_64 providing libselinux-python is already installed",
"policycoreutils-python-2.5-17.1.el7.x86_64 providing policycoreutils-python is already installed"
]
}
TASK [rhel-system-roles.selinux : Install SELinux tool semanage on Fedora] *********************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:10
skipping: [rhel7-beta] => {
"changed": false,
"skip_reason": "Conditional result was False",
"skipped": true
}
TASK [rhel-system-roles.selinux : Drop all local modifications first] **************************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:17
Using module file /usr/lib/python2.7/site-packages/ansible/modules/commands/command.py
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<rhel7-beta> (0, '/root\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1502218155.63-195727590664901 `" && echo ansible-tmp-1502218155.63-195727590664901="` echo /root/.ansible/tmp/ansible-tmp-1502218155.63-195727590664901 `" ) && sleep 0'"'"''
<rhel7-beta> (0, 'ansible-tmp-1502218155.63-195727590664901=/root/.ansible/tmp/ansible-tmp-1502218155.63-195727590664901\n', '')
<rhel7-beta> PUT /tmp/tmpN7FjOI TO /root/.ansible/tmp/ansible-tmp-1502218155.63-195727590664901/command.py
<rhel7-beta> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 '[rhel7-beta]'
<rhel7-beta> (0, 'sftp> put /tmp/tmpN7FjOI /root/.ansible/tmp/ansible-tmp-1502218155.63-195727590664901/command.py\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1502218155.63-195727590664901/ /root/.ansible/tmp/ansible-tmp-1502218155.63-195727590664901/command.py && sleep 0'"'"''
<rhel7-beta> (0, '', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 -tt rhel7-beta '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-jdyvjmpupakjfomuixmvnemqfcuvhuma; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502218155.63-195727590664901/command.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1502218155.63-195727590664901/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel7-beta> (0, '\r\n{"changed": true, "end": "2017-08-08 14:49:18.024783", "stdout": "", "cmd": "echo \\"boolean -D\\nlogin -D\\nport -D\\nfcontext -D\\n\\" | /usr/sbin/semanage -i -", "rc": 0, "start": "2017-08-08 14:49:15.918032", "stderr": "", "delta": "0:00:02.106751", "invocation": {"module_args": {"warn": true, "executable": null, "_uses_shell": true, "_raw_params": "echo \\"boolean -D\\nlogin -D\\nport -D\\nfcontext -D\\n\\" | /usr/sbin/semanage -i -", "removes": null, "creates": null, "chdir": null}}, "warnings": []}\r\n', 'Shared connection to rhel7-beta closed.\r\n')
changed: [rhel7-beta] => {
"changed": true,
"cmd": "echo \"boolean -D\nlogin -D\nport -D\nfcontext -D\n\" | /usr/sbin/semanage -i -",
"delta": "0:00:02.106751",
"end": "2017-08-08 14:49:18.024783",
"invocation": {
"module_args": {
"_raw_params": "echo \"boolean -D\nlogin -D\nport -D\nfcontext -D\n\" | /usr/sbin/semanage -i -",
"_uses_shell": true,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"warn": true
}
},
"rc": 0,
"start": "2017-08-08 14:49:15.918032",
"stderr": "",
"stderr_lines": [],
"stdout": "",
"stdout_lines": []
}
TASK [rhel-system-roles.selinux : Set permanent SELinux mode] **********************************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:20
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/selinux.py
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<rhel7-beta> (0, '/root\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1502218158.17-236159863669859 `" && echo ansible-tmp-1502218158.17-236159863669859="` echo /root/.ansible/tmp/ansible-tmp-1502218158.17-236159863669859 `" ) && sleep 0'"'"''
<rhel7-beta> (0, 'ansible-tmp-1502218158.17-236159863669859=/root/.ansible/tmp/ansible-tmp-1502218158.17-236159863669859\n', '')
<rhel7-beta> PUT /tmp/tmpEn4UZ_ TO /root/.ansible/tmp/ansible-tmp-1502218158.17-236159863669859/selinux.py
<rhel7-beta> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 '[rhel7-beta]'
<rhel7-beta> (0, 'sftp> put /tmp/tmpEn4UZ_ /root/.ansible/tmp/ansible-tmp-1502218158.17-236159863669859/selinux.py\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1502218158.17-236159863669859/ /root/.ansible/tmp/ansible-tmp-1502218158.17-236159863669859/selinux.py && sleep 0'"'"''
<rhel7-beta> (0, '', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 -tt rhel7-beta '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-bjkytanlzstqysevhqzyvbureweoosck; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502218158.17-236159863669859/selinux.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1502218158.17-236159863669859/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel7-beta> (0, '\r\n{"changed": false, "configfile": "/etc/selinux/config", "invocation": {"module_args": {"policy": "targeted", "configfile": "/etc/selinux/config", "state": "enforcing"}}, "state": "enforcing", "policy": "targeted", "msg": ""}\r\n', 'Shared connection to rhel7-beta closed.\r\n')
ok: [rhel7-beta] => {
"changed": false,
"configfile": "/etc/selinux/config",
"invocation": {
"module_args": {
"configfile": "/etc/selinux/config",
"policy": "targeted",
"state": "enforcing"
}
},
"msg": "",
"policy": "targeted",
"state": "enforcing"
}
TASK [rhel-system-roles.selinux : Set running SELinux mode] ************************************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:24
Using module file /usr/lib/python2.7/site-packages/ansible/modules/commands/command.py
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<rhel7-beta> (0, '/root\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1502218158.49-129135323113271 `" && echo ansible-tmp-1502218158.49-129135323113271="` echo /root/.ansible/tmp/ansible-tmp-1502218158.49-129135323113271 `" ) && sleep 0'"'"''
<rhel7-beta> (0, 'ansible-tmp-1502218158.49-129135323113271=/root/.ansible/tmp/ansible-tmp-1502218158.49-129135323113271\n', '')
<rhel7-beta> PUT /tmp/tmpggb1x1 TO /root/.ansible/tmp/ansible-tmp-1502218158.49-129135323113271/command.py
<rhel7-beta> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 '[rhel7-beta]'
<rhel7-beta> (0, 'sftp> put /tmp/tmpggb1x1 /root/.ansible/tmp/ansible-tmp-1502218158.49-129135323113271/command.py\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1502218158.49-129135323113271/ /root/.ansible/tmp/ansible-tmp-1502218158.49-129135323113271/command.py && sleep 0'"'"''
<rhel7-beta> (0, '', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 -tt rhel7-beta '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-fmwswhkawmnzkpybisdrobofffjxtfpk; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502218158.49-129135323113271/command.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1502218158.49-129135323113271/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel7-beta> (0, '\r\n{"changed": true, "end": "2017-08-08 14:49:18.789288", "stdout": "", "cmd": ["/usr/sbin/setenforce", "enforcing"], "rc": 0, "start": "2017-08-08 14:49:18.784913", "stderr": "", "delta": "0:00:00.004375", "invocation": {"module_args": {"warn": true, "executable": null, "_uses_shell": false, "_raw_params": "/usr/sbin/setenforce enforcing", "removes": null, "creates": null, "chdir": null}}, "warnings": []}\r\n', 'Shared connection to rhel7-beta closed.\r\n')
changed: [rhel7-beta] => {
"changed": true,
"cmd": [
"/usr/sbin/setenforce",
"enforcing"
],
"delta": "0:00:00.004375",
"end": "2017-08-08 14:49:18.789288",
"invocation": {
"module_args": {
"_raw_params": "/usr/sbin/setenforce enforcing",
"_uses_shell": false,
"chdir": null,
"creates": null,
"executable": null,
"removes": null,
"warn": true
}
},
"rc": 0,
"start": "2017-08-08 14:49:18.784913",
"stderr": "",
"stderr_lines": [],
"stdout": "",
"stdout_lines": []
}
TASK [rhel-system-roles.selinux : Set SELinux booleans] ****************************************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:28
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/seboolean.py
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
<rhel7-beta> (0, '/root\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1502218158.96-160292123045709 `" && echo ansible-tmp-1502218158.96-160292123045709="` echo /root/.ansible/tmp/ansible-tmp-1502218158.96-160292123045709 `" ) && sleep 0'"'"''
<rhel7-beta> (0, 'ansible-tmp-1502218158.96-160292123045709=/root/.ansible/tmp/ansible-tmp-1502218158.96-160292123045709\n', '')
<rhel7-beta> PUT /tmp/tmpiSw7PX TO /root/.ansible/tmp/ansible-tmp-1502218158.96-160292123045709/seboolean.py
<rhel7-beta> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 '[rhel7-beta]'
<rhel7-beta> (0, 'sftp> put /tmp/tmpiSw7PX /root/.ansible/tmp/ansible-tmp-1502218158.96-160292123045709/seboolean.py\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1502218158.96-160292123045709/ /root/.ansible/tmp/ansible-tmp-1502218158.96-160292123045709/seboolean.py && sleep 0'"'"''
<rhel7-beta> (0, '', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 -tt rhel7-beta '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-ugmwdsekehulwudhmfmdursmrtvcluhr; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502218158.96-160292123045709/seboolean.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1502218158.96-160292123045709/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel7-beta> (0, '\r\n{"invocation": {"module_args": {"state": true, "persistent": false, "name": "samba_enable_home_dirs"}}, "changed": true, "name": "samba_enable_home_dirs"}\r\n', 'Shared connection to rhel7-beta closed.\r\n')
Using module file /usr/lib/python2.7/site-packages/ansible/modules/system/seboolean.py
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'echo ~ && sleep 0'"'"''
changed: [rhel7-beta] => (item={u'state': u'on', u'name': u'samba_enable_home_dirs'}) => {
"changed": true,
"invocation": {
"module_args": {
"name": "samba_enable_home_dirs",
"persistent": false,
"state": true
}
},
"item": {
"name": "samba_enable_home_dirs",
"state": "on"
},
"name": "samba_enable_home_dirs"
}
<rhel7-beta> (0, '/root\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'( umask 77 && mkdir -p "` echo /root/.ansible/tmp/ansible-tmp-1502218159.29-274545494835225 `" && echo ansible-tmp-1502218159.29-274545494835225="` echo /root/.ansible/tmp/ansible-tmp-1502218159.29-274545494835225 `" ) && sleep 0'"'"''
<rhel7-beta> (0, 'ansible-tmp-1502218159.29-274545494835225=/root/.ansible/tmp/ansible-tmp-1502218159.29-274545494835225\n', '')
<rhel7-beta> PUT /tmp/tmpFF_kju TO /root/.ansible/tmp/ansible-tmp-1502218159.29-274545494835225/seboolean.py
<rhel7-beta> SSH: EXEC sftp -b - -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 '[rhel7-beta]'
<rhel7-beta> (0, 'sftp> put /tmp/tmpFF_kju /root/.ansible/tmp/ansible-tmp-1502218159.29-274545494835225/seboolean.py\n', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 rhel7-beta '/bin/sh -c '"'"'chmod u+x /root/.ansible/tmp/ansible-tmp-1502218159.29-274545494835225/ /root/.ansible/tmp/ansible-tmp-1502218159.29-274545494835225/seboolean.py && sleep 0'"'"''
<rhel7-beta> (0, '', '')
<rhel7-beta> ESTABLISH SSH CONNECTION FOR USER: None
<rhel7-beta> SSH: EXEC ssh -C -o ControlMaster=auto -o ControlPersist=60s -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o ConnectTimeout=10 -o ControlPath=/root/.ansible/cp/eaf930e679 -tt rhel7-beta '/bin/sh -c '"'"'sudo -H -S -n -u root /bin/sh -c '"'"'"'"'"'"'"'"'echo BECOME-SUCCESS-rfjquszumlatwggacabuiuxzjqgthotz; /usr/bin/python /root/.ansible/tmp/ansible-tmp-1502218159.29-274545494835225/seboolean.py; rm -rf "/root/.ansible/tmp/ansible-tmp-1502218159.29-274545494835225/" > /dev/null 2>&1'"'"'"'"'"'"'"'"' && sleep 0'"'"''
<rhel7-beta> (0, '\r\n{"invocation": {"module_args": {"state": true, "persistent": true, "name": "ssh_sysadm_login"}}, "changed": true, "name": "ssh_sysadm_login"}\r\n', 'Shared connection to rhel7-beta closed.\r\n')
changed: [rhel7-beta] => (item={u'state': u'on', u'name': u'ssh_sysadm_login', u'persistent': u'yes'}) => {
"changed": true,
"invocation": {
"module_args": {
"name": "ssh_sysadm_login",
"persistent": true,
"state": true
}
},
"item": {
"name": "ssh_sysadm_login",
"persistent": "yes",
"state": "on"
},
"name": "ssh_sysadm_login"
}
TASK [rhel-system-roles.selinux : Set SELinux file contexts] ***********************************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:35
TASK [rhel-system-roles.selinux : Restore SELinux labels on filesystem tree] *******************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:44
TASK [rhel-system-roles.selinux : Set an SELinux label on a port] ******************************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:48
TASK [rhel-system-roles.selinux : Set linux user to SELinux user mapping] **********************************************************************************
task path: /usr/share/ansible/roles/rhel-system-roles.selinux/tasks/main.yml:56
META: ran handlers
META: ran handlers
PLAY RECAP *************************************************************************************************************************************************
rhel7-beta : ok=6 changed=3 unreachable=0 failed=0
I suppose nothing on the control node has changed between the working and broken cases? (Only on the client node.) I think knowing the versions of libselinux-python, libselinux and libselinux-utils on the client node (both on the failing one and the working one) could be useful (but I know nothing about selinux). (In reply to Pavel Cahyna from comment #3) > I think knowing the versions of libselinux-python, libselinux and > libselinux-utils on the client node (both on the failing one and the working > one) could be useful (but I know nothing about selinux). Both beta and GA have libselinux-utils-2.5-11.el7 and libselinux-python-2.5-11.el7. OTOH some other packages changed: policycoreutils* changed from 2.5-16.el7 to 2.5-17.1.el7 (includes policycoreutils-python) selinux-policy* changed from 3.13.1-145.el7 to 3.13.1-166.el7 In the output from the beta machine I see "policycoreutils-python-2.5-17.1.el7.x86_64 providing policycoreutils-python is already installed" although this version is supposed to have policycoreutils-python-2.5-16.el7. How is that possible? (Although it probably does not matter that much.) By the way: I am not able to reproduce the problem on a fresh install (although I connevcted to localhost, not to another system). It doesn't seem to be related directly to the Ansible role. It should be reproducible using the following command: echo -e "boolean -D \nlogin -D\nport -D\nfcontext -D" | /usr/sbin/semanage -i - But I was not able to reproduce it. How was the system installed? Is it up to date? Is it possible that it uses an old kernel? I encountered this issue using to freshly installed RHEL 7.4 virtual instances. Both my Control Node and my target client were brand new 7.4 instances. My target client had selinux disabled in the kickstart file at install with the following line:
selinux --disabled
[root@rhel74-test2 ~]# cat /etc/selinux/config
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of three two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
This would be a very valid use case where the customer does not enable it during deployment so we need to ensure all required packages are installed to enable it for the first time.
[root@rhel74-test2 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.4 (Maipo)
[root@rhel74-test2 ~]# yum repolist
Loaded plugins: product-id, search-disabled-repos, subscription-manager
repo id repo name status
rhel-7-server-extras-rpms/x86_64 Red Hat Enterprise Linux 7 Server - Extras (RPMs) 603
rhel-7-server-rpms/7Server/x86_64 Red Hat Enterprise Linux 7 Server (RPMs) 16,936
repolist: 17,539
[root@rhel74-test2 ~]# rpm -qa |grep -e selinux -e policy
policycoreutils-2.5-17.1.el7.x86_64
selinux-policy-3.13.1-166.el7.noarch
pcp-selinux-3.11.8-7.el7.x86_64
libselinux-utils-2.5-11.el7.x86_64
selinux-policy-targeted-3.13.1-166.el7.noarch
checkpolicy-2.5-4.el7.x86_64
libselinux-2.5-11.el7.x86_64
policycoreutils-python-2.5-17.1.el7.x86_64
libselinux-python-2.5-11.el7.x86_64
Using the test command you provided yields the following output:
[root@rhel74-test2 ~]# echo -e "boolean -D \nlogin -D\nport -D\nfcontext -D" | /usr/sbin/semanage -i -
SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.
SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory
/sbin/load_policy: Can't load policy: No such file or directory
libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).
SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.
SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory
/sbin/load_policy: Can't load policy: No such file or directory
libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).
OSError: No such file or directory
It seems to produce an error that it cannot access or load the policy /etc/selinux/targeted/policy/policy.30 which *does* actually exist:
[root@rhel74-test2 ~]# ls -l /etc/selinux/targeted/policy/policy.30
-rw-r--r-- 1 root root 3730486 Aug 15 11:12 /etc/selinux/targeted/policy/policy.30
I can reproduce it as well now, very easily:
1. sed -i -e 's/\(^SELINUX=\)enforcing$/\1disabled/' /etc/selinux/config
2. reboot
3. ansible-playbook -c local -i localhost, selinux-playbook.yml
(where selinux-playbook.yml has
---
- hosts: all
become: yes
become_method: sudo
become_user: root
vars:
SELinux_type: targeted
SELinux_mode: enforcing
SELinux_change_running: 1
SELinux_booleans:
- { name: 'samba_enable_home_dirs', state: 'on' }
- { name: 'ssh_sysadm_login', state: 'on', persistent: 'yes' }
roles:
- rhel-system-roles.selinux
)
At this point the provided command
echo -e "boolean -D \nlogin -D\nport -D\nfcontext -D" | /usr/sbin/semanage -i -
fails as well.
This is reproducible on a single machine, no need to configure separate target and control hosts.
I am reassigning it back to the rhel-system-roles component as IMO the role is responsible for enabling SELinux if it is disabled, not libsepol.
Turns out that SELinux can not be enabled without a reboot. The role needs to change the configuration file /etc/selinux/config so that it is enabled on next boot. Right now it fails to do that and I filed an issue about that: https://github.com/linux-system-roles/selinux/issues/1. (It should also warn the user about the necessity of a reboot, try to do what it can even without SELinux enabled and if this is not possible, fail more gracefully.) I'm sorry for a delay and thanks for the great investigation. The problem seems to be in 'semanage import' which doesn't work on a system with SELinux disabled even with -N option: # echo -e "fcontext -D" | /usr/sbin/semanage import -N -f - SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version. ... while 'semanage fcontext', which should do the same thing, can handle it: # semanage fcontext -D -N # The role would need to be changed in order not to use 'semanage import'. At the same time, it would need to use '-N' option when SELinux is disabled. And we will try to fix it in semanage when it's clear where's the bug. (In reply to Petr Lautrbach from comment #11) > And we will try to fix it in semanage when it's clear where's the bug. Will the fix be applied also to RHEL 6 and older releases of RHEL 7? Or is the role guaranteed to work only against the latest release of RHEL 7? Terry, can you please remind us what the supported versions of the target systems are supposed to be? I've got a patch which fixes mode setting when SELinux is disabled [1] [1] https://github.com/bachradsusi/linux-system-roles-selinux/commit/9565c8aa4dd78bdfa14984b335bc8d83aa4b2dbf # sestatus SELinux status: disabled # grep '^SELINUX=' /etc/selinux/config SELINUX=disabled # ansible-playbook /usr/share/doc/rhel-system-roles/selinux/example-selinux-playbook.yml PLAY [all] ************************************************************************************************************************************************************************************ TASK [Gathering Facts] ************************************************************************************************************************************************************************ ok: [localhost] TASK [Creates directory] ********************************************************************************************************************************************************************** ok: [localhost] TASK [Add a System Api Roles SELinux User] **************************************************************************************************************************************************** ok: [localhost] TASK [rhel-system-roles.selinux : Install SELinux tools] ************************************************************************************************************************************** ok: [localhost] TASK [rhel-system-roles.selinux : Install SELinux tool semanage on Fedora] ******************************************************************************************************************** skipping: [localhost] TASK [rhel-system-roles.selinux : Set permanent SELinux mode] ********************************************************************************************************************************* changed: [localhost] TASK [rhel-system-roles.selinux : Set running SELinux mode] *********************************************************************************************************************************** fatal: [localhost]: FAILED! => {"changed": true, "cmd": ["/usr/sbin/setenforce", "enforcing"], "delta": "0:00:00.002610", "end": "2017-08-23 22:10:09.103556", "failed": true, "rc": 1, "start": "2017-08-23 22:10:09.100946", "stderr": "/usr/sbin/setenforce: SELinux is disabled", "stderr_lines": ["/usr/sbin/setenforce: SELinux is disabled"], "stdout": "", "stdout_lines": []} to retry, use: --limit @/usr/share/doc/rhel-system-roles/selinux/example-selinux-playbook.retry PLAY RECAP ************************************************************************************************************************************************************************************ localhost : ok=5 changed=1 unreachable=0 failed=1 # grep '^SELINUX=' /etc/selinux/config SELINUX=enforcing We must test compatibility with RHEL 6.9 and later. Does Petr's PR resolve this at the role level for both RHEL 6 & 7? From my POV - yes, it resolves the problem on RHEL6, RHEL7 and Fedora. There's no incompatible change as '-N' option is supported on RHEL-6 and later and the rest of the patch changes the order of steps: 1. Install SELinux tools 2. Set permanent SELinux mode via /etc/selinux/config 3. Set running SELinux mode - works only when SELinux is not disabled 4. Drop all local modifications - this is the place where '-N' option is added so that it works with SELinux disabled 5. Reload SELinux policy - only if SELinux is not disabled 6. Set SELinux file contexts, booleans and so on - all of them don't work with SELinux disabled due to limitations in Ansible modules I can confirm comment 13. What it does now: # ansible-playbook -c local -i localhost, selinux-playbook.yml PLAY [all] ********************************************************************* TASK [Gathering Facts] ********************************************************* ok: [localhost] TASK [linux-system-roles.selinux : Install SELinux tools] ********************** ok: [localhost] TASK [linux-system-roles.selinux : Install SELinux tool semanage on Fedora] **** skipping: [localhost] TASK [linux-system-roles.selinux : Set permanent SELinux mode] ***************** changed: [localhost] TASK [linux-system-roles.selinux : Set running SELinux mode] ******************* fatal: [localhost]: FAILED! => {"changed": true, "cmd": ["/usr/sbin/setenforce", "enforcing"], "delta": "0:00:00.003845", "end": "2017-08-28 11:33:42.915867", "failed": true, "rc": 1, "start": "2017-08-28 11:33:42.912022", "stderr": "/usr/sbin/setenforce: SELinux is disabled", "stderr_lines": ["/usr/sbin/setenforce: SELinux is disabled"], "stdout": "", "stdout_lines": []} to retry, use: --limit @/root/selinux-playbook.retry PLAY RECAP ********************************************************************* localhost : ok=3 changed=1 unreachable=0 failed=1 So it fails, but it configures selinux in /etc/selinux/config and after a reboot it passes. I believe the user should be informed about why it has failed and that a reboot is necessary, but it is definitely an improvement so I am merging it. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2017:2607 (In reply to Pavel Cahyna from comment #17) > I believe the user should be informed about why it has failed and that a > reboot is necessary, but it is definitely an improvement so I am merging it. https://github.com/ansible/ansible/pull/31251 says: "I also changed the behavior of this module to not report changes every time but instead return reboot_required as a boolean indicating whether a system needs a reboot for policy change to to effect." Seems to do what we need. Petr, can you please review the PR and check whether we may benefit from this added functionality? Pavel, lets discuss it on github - https://github.com/linux-system-roles/selinux/issues/6 |
Description of problem: rhel-system-role.selinux fails basic configuration on RHEL 7.4 GA client, though it succeeds against 7.4 beta client. Version-Release number of selected component (if applicable): [root@rhel74-controlnode demo]# cat /etc/redhat-release Red Hat Enterprise Linux Server release 7.4 (Maipo) [root@rhel74-controlnode demo]# rpm -qa ansible rhel-system-roles selinux* selinux-policy-3.13.1-166.el7.noarch ansible-2.3.1.0-3.el7.noarch selinux-policy-targeted-3.13.1-166.el7.noarch rhel-system-roles-0.2-2.el7.noarch How reproducible: Steps to Reproduce: 1. Use the following ansible playbook to enable targeted enforcing selinux. --- - hosts: rhel become: yes become_method: sudo become_user: root vars: SELinux_type: targeted SELinux_mode: enforcing SELinux_change_running: 1 SELinux_booleans: - { name: 'samba_enable_home_dirs', state: 'on' } - { name: 'ssh_sysadm_login', state: 'on', persistent: 'yes' } roles: - rhel-system-roles.selinux Actual results: - Works successfully against a RHEL 7.4 Beta client. - Fails against a RHEL 7.4 GA release client with errors "SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.", "SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory", "/sbin/load_policy: Can't load policy: No such file or directory", "libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).", "SELinux: Could not downgrade policy file /etc/selinux/targeted/policy/policy.30, searching for an older version.", "SELinux: Could not open policy file <= /etc/selinux/targeted/policy/policy.30: No such file or directory", "/sbin/load_policy: Can't load policy: No such file or directory", "libsemanage.semanage_reload_policy: load_policy returned error code 2. (No such file or directory).", "OSError: No such file or directory"