Is there a way to require the selinux cookbook as a dependency but only for
Vagrant & Test Kitchen? I was thinking of using that to just disable
SELinux but I wouldn’t want it to be a mandatory dependency for everyone.
What's the appropriate way to handle SELinux configuration for a Vagrantfile
or .kitchen.yml that ships with a community cookbook?
I updated the nexus cookbook to use a new base box in the Vagrantfile and
now it will fail if you have recipe[nginx] on the run list, because the new
base box has SELinux enabled.
Is there a way to require the selinux cookbook as a dependency but only for
Vagrant & Test Kitchen? I was thinking of using that to just disable SELinux
but I wouldn't want it to be a mandatory dependency for everyone.
My personal opinion (as one of the maintainers of the bento project)
is to just use baseboxes that have SELinux in a permissive state
(enabled but not enforcing). That gives the greatest flexibility
whilst testing.
What's the appropriate way to handle SELinux configuration for a
Vagrantfile
or .kitchen.yml that ships with a community cookbook?
I updated the nexus cookbook to use a new base box in the Vagrantfile and
now it will fail if you have recipe[nginx] on the run list, because the
new
base box has SELinux enabled.
Is there a way to require the selinux cookbook as a dependency but only
for
Vagrant & Test Kitchen? I was thinking of using that to just disable
SELinux
but I wouldn't want it to be a mandatory dependency for everyone.
My personal opinion (as one of the maintainers of the bento project)
is to just use baseboxes that have SELinux in a permissive state
(enabled but not enforcing). That gives the greatest flexibility
whilst testing.
You could accomplish what you are looking for several different ways:
Put the SELinux recipe you need into the Vagrantfile’s runlist.
This one is a bit of an ugly hack: add a recipe to your cookbook that simply contains a script that calls “setenforce 0”. Use include_recipe to call it only if you are running from a Vagrantfile.
Leave SELinux enabled, and make your cookbook compatible with SELinux. Since you are developing a community cookbook, this may actually be your best choice. After all, if your cookbook breaks for you with SELinux, it’s going to break for anybody else who uses it, too!
What’s the appropriate way to handle SELinux configuration for a Vagrantfile or .kitchen.yml that ships with a community cookbook?
I updated the nexus cookbook to use a new base box in the Vagrantfile and now it will fail if you have recipe[nginx] on the run list, because the new base box has SELinux enabled.
Is there a way to require the selinux cookbook as a dependency but only for Vagrant & Test Kitchen? I was thinking of using that to just disable SELinux but I wouldn’t want it to be a mandatory dependency for everyone.