Details
-
New Feature
-
Status: Accepted
-
Normal
-
Resolution: Unresolved
-
None
-
None
-
EL8 (expected to be released 2019), Fedora 26+
-
-
Platform OS
-
Needs Assessment
Description
In the old days `semodule --list` provided the version of the modules loaded. Then this output was removed and now only lists the modules loaded.
The new param `--list-modules=full` looks like this:
# semodule --list-modules=full | head -n2
|
200 container pp
|
100 abrt pp
|
...
|
where 200 is the priority of the module and pp the type (IMHO cil or pp is possible). Priority is there because you can have the same named module loaded multiple times and the higher priority wins.
Anyway, this doesn't help puppet to determine what version of the module is loaded to determine if it needs to load the module again.
I now wan't to reload the module if puppet changes the source of the module it manages. But right now the selmodule provider does not support sending a notify to reload the module:
Test-case:
exec { '/bin/true':
|
}
|
~> selmodule { 'tomcat':
|
ensure => 'present',
|
}
|
produces:
# puppet apply /tmp/test.pp
|
Notice: Compiled catalog for server in environment production in 0.06 seconds
|
Notice: /Stage[main]/Main/Exec[/bin/true]/returns: executed successfully
|
Notice: Applied catalog in 1.11 seconds
|
It's not trying to reload the tomcat module.
