Merge pull request #856 from tobias-urdin/selinux_ignore_defaults

Ignore SELinux defaults for systemd on RHEL based
voxpupuli · Aug 30, 2020 · f6b3a8f · f6b3a8f
2 parents b05b6b2 + 85f3be4
commit f6b3a8f
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 3 deletions.
diff --git a/manifests/config.pp b/manifests/config.pp
@@ -231,9 +231,10 @@
 
   if $facts['systemd'] { # systemd fact provided by systemd module
     systemd::service_limits { "${service_name}.service":
-      limits          => { 'LimitNOFILE' => $file_limit },
+      selinux_ignore_defaults => ($facts['os']['family'] == 'RedHat'),
+      limits                  => { 'LimitNOFILE' => $file_limit },
       # The service will be notified when config changes
-      restart_service => false,
+      restart_service         => false,
     }
   }
 

diff --git a/metadata.json b/metadata.json
@@ -69,7 +69,7 @@
     },
     {
       "name": "camptocamp/systemd",
-      "version_requirement": ">= 2.1.0 < 3.0.0"
+      "version_requirement": ">= 2.10.0 < 3.0.0"
     }
   ],
   "tags": [

diff --git a/spec/classes/rabbitmq_spec.rb b/spec/classes/rabbitmq_spec.rb
@@ -148,8 +148,11 @@
           end
 
           if facts[:systemd]
+            selinux_ignore_defaults = facts[:os]['family'] == 'RedHat'
+
             it do
               is_expected.to contain_systemd__service_limits("#{name}.service").
+                with_selinux_ignore_defaults(selinux_ignore_defaults).
                 with_limits('LimitNOFILE' => value).
                 with_restart_service(false)
             end