From 3fb2da635990955cc55988706828fd30e6a49132 Mon Sep 17 00:00:00 2001 From: Michael Scherer Date: Mon, 5 Aug 2013 23:54:08 +0200 Subject: [PATCH] use lgetfilecon_raw instead of lgetfilecon to not depend on local level translation If SELinux is enabled and mcstrans is running, daemons are restarted on each run. After further debugging, it turn out that ansible compare the untranslated level 's0' with the translated level 'SystemLow' due to mcstrans being running, which trigger a handler since this is considered as a change. --- lib/ansible/module_common.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ansible/module_common.py b/lib/ansible/module_common.py index 062ec0e036c..08454467be9 100644 --- a/lib/ansible/module_common.py +++ b/lib/ansible/module_common.py @@ -315,7 +315,7 @@ class AnsibleModule(object): if not HAVE_SELINUX or not self.selinux_enabled(): return context try: - ret = selinux.lgetfilecon(self._to_filesystem_str(path)) + ret = selinux.lgetfilecon_raw(self._to_filesystem_str(path)) except OSError, e: if e.errno == errno.ENOENT: self.fail_json(path=path, msg='path %s does not exist' % path)