CentOS 8: proper selinux package naming

artem-sidorenko · artem-sidorenko · commit 9cc66c97d29b · 2019-10-30T14:58:53.000+01:00
there is a difference between rhel 8 and before

Signed-off-by: Artem Sidorenko &lt;artem.sidorenko@t-systems.com&gt;
diff --git a/.travis.yml b/.travis.yml
@@ -32,9 +32,6 @@ script:
   -  bundle exec rake kitchen KITCHEN_LOCAL_YAML=.kitchen.dokken.yml
 
 matrix:
-  allow_failures:
-    # temporaray disable failing tests until all problems are fixed
-    - env: INSTANCE=centos-8
   include:
     - env: UNIT_AND_LINT=1
       script:
diff --git a/attributes/default.rb b/attributes/default.rb
@@ -31,6 +31,14 @@
   default['ssh-hardening']['sshclient']['package'] = 'openssh-client'
 end
 
+# Define the package name for selinux utils
+if node['platform_family'] == 'fedora' || # rubocop:disable Style/ConditionalAssignment
+   node['platform_family'] == 'rhel' && node['platform_version'].to_f >= 8
+  default['ssh-hardening']['selinux']['package'] = 'policycoreutils-python-utils'
+else
+  default['ssh-hardening']['selinux']['package'] = 'policycoreutils-python'
+end
+
 # Define the server package name
 case node['platform']
 when 'suse', 'opensuse', 'opensuseleap'
diff --git a/recipes/server.rb b/recipes/server.rb
@@ -56,9 +56,7 @@
   module_file = ::File.join(cache_dir, 'ssh_password.mod')
   package_file = ::File.join(cache_dir, 'ssh_password.pp')
 
-  package 'policycoreutils-python'
-  # on fedora we need an addtional package for semodule_package
-  package 'policycoreutils-python-utils' if node['platform_family'] == 'fedora'
+  package node['ssh-hardening']['selinux']['package']
 
   if node['ssh-hardening']['ssh']['server']['use_pam']
     # UsePAM yes: disable and remove the additional SELinux policy
