How SELinux screws with scripts when run over VMware Tools

SELinux by default prohibits certain things from working through VMware tools (Ansible connection or plain API). This can be solved two ways: Disabling SELinux: BAD, but easy Writing a custom SELinux policy: complicated but more secure Note: Adding/Changing this policy through a VMware tools connection is thankfully possible Example policy This policy is the base for a VMware tools policy and allows entering the rpm context (yum). module custom-vmtools 1. [Read More]

Ansible VMware Connection Plugin & Become

When using VMware as the connection plugin to connect to remote hosts you commonly set two facts for username and password: ansible_vmware_tools_user:"mkamner"ansible_vmare_tools_password:"Super Secret PW"This will work just fine for windows and with many tasks on linux. However, if you want to use become: true on linux it will fail with the strangest error messages. For example: apt will fail, because it can’t acquire the lock file The solution is rather simple, become does not honor the VMware facts set, instead it wants two different facts set: [Read More]