[SYSTEXT-1044] Add RHEL 2FA support #2
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This merges pull request saltstack-formulas#229 (googleauth: RHEL support)
Author
|
This shouldn't be merged without a good review and some additional testing. |
opserve-bart
suggested changes
May 12, 2023
selinux.fcontext_policy_present only works once, if the policy is
already present the salt state errors, add an unless statement to
check if the policy is already in place.
Error:
----------
ID: users_googleauth_selinux_present
Function: selinux.fcontext_policy_present
Name: /etc/google_authenticator.d(/.*)?
Result: False
Comment: Error adding new rule: {'pid': 10389, 'retcode': 1, 'stdout': '', 'stderr': 'ValueError: File context for /etc/google_authenticator.d(/.*)? already defined'}
Started: 07:14:38.736705
Duration: 609.271 ms
Changes:
When we set replace to false we only generate an initial config and changes to the pillar are never applied, set replace to true to fix this.
opserve-menno
force-pushed
the
SYSTEXT-1044
branch
from
e36f671 to
24e8cfb
Compare
opserve-bart
approved these changes
May 15, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is pull request #229 with some additional fixes.
This includes a workaround for Salt's selinux.fcontext_policy_present state and makes sure we replace the 2FA code if updated in the pillar.