directory_source of selinux_policy_module does seem to work…

Hi,

In one of my cookbook I call the selinux_policy_module to install a module already in .pp format.

### Install the SELinux policies
include_recipe 'selinux_policy::default'
selinux_policy_module 'postfixvas' do
  directory_source  'selinux-qas'
  action  :install
end

Unfortunately i get errors:

Error executing action run on resource 'execute[semodule-install-postfixvas]'
Error executing action install on resource 'selinux_policy_module[postfixvas]' as the run of /usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp command fails. Actually it seems that the .pp file is not there! (see the complete error message at the end) But there are:

[root@server001 chef-repo_QoD]# ls -al cookbooks/unix_ad4unix/files/default/selinux-qas/*.pp
-rwxrwx---. 1 544 1049089 1412 Mar  8 09:33 cookbooks/unix_ad4unix/files/default/selinux-qas/postfixvas.pp
-rwxrwx---. 1 544 1049089 1683 Mar  8 09:33 cookbooks/unix_ad4unix/files/default/selinux-qas/sshdqas.pp

The .pp file is well provided in a sub directory of files/default/. As you will see, to ensure that the files are accessible, I put a remote_directory resource before to test it. And with the source 'selinux-qas' it finds the file.

### Test remote directory resource
remote_directory '/tmp' do
  source 'selinux-qas'
  owner 'root'
  group 'root'
  mode '0755'
  action :create
end

I'm quite new using Chef, so it is possible that I miss something. Don't slap me too hard if this is the case! ;-)

Full output I get:

[root@server001 chef-repo_QoD]# chef-solo -c .chef/chef-solo.rb
Starting Chef Client, version 12.7.2
Compiling Cookbooks...
Converging 9 resources
Recipe: yum::default
  * yum_globalconfig[/etc/yum.conf] action create
    * template[/etc/yum.conf] action create (up to date)
     (up to date)
Recipe: unix_repo::default
  * yum_repository[rhel-updates-6] action create
    * template[/etc/yum.repos.d/rhel-updates-6.repo] action create (up to date)
    * execute[yum clean metadata rhel-updates-6] action nothing (skipped due to action :nothing)
    * execute[yum-makecache-rhel-updates-6] action nothing (skipped due to action :nothing)
    * ruby_block[yum-cache-reload-rhel-updates-6] action nothing (skipped due to action :nothing)
     (up to date)
  * yum_repository[system-tools-6] action create
    * template[/etc/yum.repos.d/system-tools-6.repo] action create (up to date)
    * execute[yum clean metadata system-tools-6] action nothing (skipped due to action :nothing)
    * execute[yum-makecache-system-tools-6] action nothing (skipped due to action :nothing)
    * ruby_block[yum-cache-reload-system-tools-6] action nothing (skipped due to action :nothing)
     (up to date)
Recipe: unix_ad4unix::default
  * yum_package[vasclnt] action install (up to date)
  * yum_package[quest-sudo] action install (up to date)
  * template[/etc/profile.d/qas-path.sh] action create (up to date)
  * remote_directory[/tmp] action create
  Recipe: <Dynamically Defined Resource>
    * cookbook_file[/tmp/sshdqas.te] action create (up to date)
    * cookbook_file[/tmp/postfixvas.pp] action create (up to date)
    * cookbook_file[/tmp/sshdqas.pp] action create (up to date)
    * cookbook_file[/tmp/postfixvas.te] action create (up to date)
     (up to date)
Recipe: unix_ad4unix::default
  * selinux_policy_module[sshdqas] action install
    * execute[semodule-install-sshdqas] action run (skipped due to only_if)
     (up to date)
  * selinux_policy_module[postfixvas] action install
    * execute[semodule-install-postfixvas] action run

      ================================================================================
      Error executing action `run` on resource 'execute[semodule-install-postfixvas]'
      ================================================================================

      Mixlib::ShellOut::ShellCommandFailed
      ------------------------------------
      Expected process to exit with [0], but received '1'
      ---- Begin output of /usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp ----
      STDOUT:
      STDERR: /usr/sbin/semodule:  Failed on /root/.chef/postfixvas/postfixvas.pp!
      ---- End output of /usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp ----
      Ran /usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp returned 1

      Resource Declaration:
      ---------------------
      # In /root/chef-repo_QoD/cookbooks/selinux_policy/providers/module.rb

       62:   execute "semodule-install-#{new_resource.module_name}" do
       63:     command  "/usr/sbin/semodule -i #{filename}"
       64:     only_if "#{shell_boolean(new_resource.updated_by_last_action? || new_resource.force)} || ! (#{module_defined(new_resource.module_name)}) "
       65:     only_if {use_selinux}
       66:   end
       67: end

      Compiled Resource:
      ------------------
      # Declared in /root/chef-repo_QoD/cookbooks/selinux_policy/providers/module.rb:62:in `block in class_from_file'

      execute("semodule-install-postfixvas") do
        action [:run]
        retries 0
        retry_delay 2
        default_guard_interpreter :execute
        command "/usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp"
        backup 5
        returns 0
        declared_type :execute
        cookbook_name :unix_ad4unix
        only_if "false || ! (/usr/sbin/semodule -l | grep -w '^postfixvas') "
        only_if { #code block }
      end

    ================================================================================
    Error executing action `install` on resource 'selinux_policy_module[postfixvas]'
    ================================================================================

    Mixlib::ShellOut::ShellCommandFailed
    ------------------------------------
    execute[semodule-install-postfixvas] (/root/chef-repo_QoD/cookbooks/selinux_policy/providers/module.rb line 62) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
    ---- Begin output of /usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp ----
    STDOUT:
    STDERR: /usr/sbin/semodule:  Failed on /root/.chef/postfixvas/postfixvas.pp!
    ---- End output of /usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp ----
    Ran /usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp returned 1

    Resource Declaration:
    ---------------------
    # In /root/chef-repo_QoD/cookbooks/unix_ad4unix/recipes/default.rb

     41:   selinux_policy_module 'postfixvas' do
     42:     directory_source  '/tmp'
     43:     action  :install
     44:   end
     45: end

    Compiled Resource:
    ------------------
    # Declared in /root/chef-repo_QoD/cookbooks/unix_ad4unix/recipes/default.rb:41:in `from_file'

    selinux_policy_module("postfixvas") do
      action [:install]
      retries 0
      retry_delay 2
      default_guard_interpreter :default
      declared_type :selinux_policy_module
      cookbook_name :unix_ad4unix
      recipe_name "default"
      directory_source "/tmp"
      module_name "postfixvas"
    end

Running handlers:
[2016-03-11T18:21:20+01:00] ERROR: Running exception handlers
Running handlers complete
[2016-03-11T18:21:20+01:00] ERROR: Exception handlers complete
Chef Client failed. 0 resources updated in 06 seconds
[2016-03-11T18:21:20+01:00] FATAL: Stacktrace dumped to /root/.chef/chef-stacktrace.out
[2016-03-11T18:21:20+01:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
[2016-03-11T18:21:20+01:00] ERROR: selinux_policy_module[postfixvas] (unix_ad4unix::default line 41) had an error: Mixlib::ShellOut::ShellCommandFailed: execute[semodule-install-postfixvas] (/root/chef-repo_QoD/cookbooks/selinux_policy/providers/module.rb line 62) had an error: Mixlib::ShellOut::ShellCommandFailed: Expected process to exit with [0], but received '1'
---- Begin output of /usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp ----
STDOUT:
STDERR: /usr/sbin/semodule:  Failed on /root/.chef/postfixvas/postfixvas.pp!
---- End output of /usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp ----
Ran /usr/sbin/semodule -i /root/.chef/postfixvas/postfixvas.pp returned 1
[2016-03-11T18:21:20+01:00] FATAL: Chef::Exceptions::ChildConvergeError: Chef run process exited unsuccessfully (exit code 1)

sous-chefs / selinux

directory_source of selinux_policy_module does seem to work… #29