From 99af4c4a86cab59cb4a0b3e1ade8eb102524800c Mon Sep 17 00:00:00 2001
From: Aaron Guise <aaron.guise@ultrafast.co.nz>
Date: Tue, 19 Oct 2021 15:55:21 +1300
Subject: [PATCH] Add SELinux module install to role

---
 files/checkmk-agent-autoupgrade.pp | Bin 0 -> 977 bytes
 tasks/RedHat.yml                   |  20 ++++++++++++++++++++
 2 files changed, 20 insertions(+)
 create mode 100644 files/checkmk-agent-autoupgrade.pp

diff --git a/files/checkmk-agent-autoupgrade.pp b/files/checkmk-agent-autoupgrade.pp
new file mode 100644
index 0000000000000000000000000000000000000000..0fd89b3113c156fc959827207ad21eb7033b9973
GIT binary patch
literal 977
zcmb_aK~BRk5Deu2LLiVhaq9<);0Jr*1}7d61;=VlTRU<bi349iyq6Q~6p!i@AtBL`
z#yg(fwH;;OKVLr%s;UAnlyAB}*Z6ohy?1_inLdPeSlNkMmr9f!D}gJeSy;1NFK5l%
z`ZQ~X6ozgdo7Ns`^7i^hH0*-c9pwb~h(H&Ev3-A{5>|?h?_F}ivk(tpad>*RCe=~Y
zBZNX@scDxUJ`6m~k$32J)Em2X-J9sTRHrk|v5xN$G-Nn$Q(K#bTeWqf`CHsQ2zB(J
zC6gC1!Y?7Z0hz}~0kT=Q3(scVHZ!h8AILgJc!a0`nZr*9WV3!Rf6?ei9mum7;SoZi
pabLPP@?R3~#YE@n#kM47ma{r3a?qH)a=yww%-U$4%B1Fg;0xP|M2i3b

literal 0
HcmV?d00001

diff --git a/tasks/RedHat.yml b/tasks/RedHat.yml
index f15fcd9..fdecb65 100644
--- a/tasks/RedHat.yml
+++ b/tasks/RedHat.yml
@@ -6,6 +6,26 @@
     state: present
   notify: restart xinetd
 
+- name: Fix SeLinux Auto-Updates
+  block:
+    - name: list installed selinux modules
+      command: /usr/sbin/semodule -l
+      register: installed_mods
+    - name: check_mk_mod_installed
+      set_fact:
+        cmk_mod_installed: True
+      when: '"check-mk-agent-self-update" in installed_mods.stdout'
+    - name: copy file
+      copy:
+        src: files/checkmk-agent-autoupgrade.pp
+        dest: /tmp/checkmk-agent-autoupgrade.pp
+      when: cmk_mod_installed is not defined
+    - name: install the module
+      command: /usr/sbin/semodule -i /tmp/checkmk-agent-autoupgrade.pp
+      when: cmk_mod_installed is not defined
+  when: ansible_selinux
+  tags: selinux-pre
+
 - name: Gather facts of packages
   package_facts:
     manager: "auto"