forked from evolix/ansible-roles
Fail if /var has nodev or noexec option enabled.
This commit is contained in:
parent
14883aa95e
commit
bd39adaf68
|
@ -43,15 +43,11 @@
|
||||||
- lxc_unprivilegied_containers | bool
|
- lxc_unprivilegied_containers | bool
|
||||||
- root_subuids.rc != 0
|
- root_subuids.rc != 0
|
||||||
|
|
||||||
- name: /var has mount options dev and exec enabled
|
- name: Check if /var has not mount options nodev or noexec
|
||||||
mount:
|
shell: findmnt | grep -E "/var[^/]" | grep -e nodev -e noexec
|
||||||
path: /var
|
register: check_var
|
||||||
opts: dev,exec
|
changed_when: false
|
||||||
state: remounted
|
failed_when: "check_var.rc == 0"
|
||||||
with_items: "{{ ansible_mounts }}"
|
|
||||||
when: "item.mount == '/var' and
|
|
||||||
('nodev' in item.options.split(',') or
|
|
||||||
'noexec' in item.options.split(','))"
|
|
||||||
|
|
||||||
- name: Create containers
|
- name: Create containers
|
||||||
include: create-container.yml
|
include: create-container.yml
|
||||||
|
|
Loading…
Reference in a new issue