Failed on "Set SELinux boolean ssh_sysadm_login accordingly"
c0debreaker opened this issue · comments
Description of problem:
I ran ansible-playbook harden-al2.yml. However, it's failing at Set SELinux boolean ssh_sysadm_login accordingly.
SCAP Security Guide Version:
Operating System Version:
Amazon Linux 2
Steps to Reproduce:
- I ran ansible-playbook harden-al2.yml
Actual Results:
It failed with this errors
An exception occurred during task execution. To see the full traceback, use -vvv. The error was: ImportError: No module named selinux
fatal: [localhost]: FAILED! => {"changed": false, "msg": "Failed to import the required Python library (libselinux-python) on ip-172-31-8-206.ec2.internal's Python /usr/bin/python2. Please read module documentation and install in the appropriate location. If the required library is installed, but Ansible is using the wrong Python interpreter, please consult the documentation on ansible_python_interpreter"}
Expected Results:
It should not fail.
Additional Information/Debugging Steps:
We stopped using Python 2. Can I comment it out from the yml file so that it bypasses it?
I'm also wondering why we would need Python 2 especially it's already deprecated version.
I got another error after commenting the above. Maybe there should be a better way of check it before running it?
TASK [amazon-linux-2-ansible-hardening : Deactivate Wireless Network Interfaces] *************************************************************************************************************************************
fatal: [localhost]: FAILED! => {"changed": true, "cmd": ["nmcli", "radio", "wifi", "off"], "delta": "0:00:00.129288", "end": "2024-05-25 07:07:41.986603", "msg": "non-zero return code", "rc": 8, "start": "2024-05-25 07:07:41.857315", "stderr": "Error: NetworkManager is not running.", "stderr_lines": ["Error: NetworkManager is not running."], "stdout": "", "stdout_lines": []}