seboolean: add integration tests (#32438)

test/integration/targets/seboolean/aliases

@@ -0,0 +1,2 @@
+needs/root
+posix/ci/group2

test/integration/targets/seboolean/tasks/main.yml

@@ -0,0 +1,22 @@
+# (c) 2017, Martin Krizek <mkrizek@redhat.com>
+
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+
+- include: seboolean.yml
+  when:
+    - ansible_selinux is defined
+    - ansible_selinux != False
+    - ansible_selinux.status == 'enabled'

test/integration/targets/seboolean/tasks/seboolean.yml

@@ -0,0 +1,74 @@
+# (c) 2017, Martin Krizek <mkrizek@redhat.com>
+
+# This file is part of Ansible
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible.  If not, see <http://www.gnu.org/licenses/>.
+
+- name: Cleanup
+  shell: setsebool -P httpd_can_network_connect 0
+##########################################################################################
+- name: set flag and don't keep it persistent
+  seboolean:
+    name: httpd_can_network_connect
+    state: yes
+  register: output
+
+- name: get getsebool output
+  shell: semanage boolean -l | grep 'httpd_can_network_connect\W'
+  register: getsebool_output
+
+- name: check output
+  assert:
+    that:
+      - output|changed
+      - not output|failed
+      - output.name == 'httpd_can_network_connect'
+      - getsebool_output.stdout.startswith('httpd_can_network_connect      (on   ,  off)')
+##########################################################################################
+- name: unset flag
+  seboolean:
+    name: httpd_can_network_connect
+    state: no
+
+- name: get getsebool output
+  shell: semanage boolean -l | grep 'httpd_can_network_connect\W'
+  register: getsebool_output
+
+- name: check output
+  assert:
+    that:
+      - output|changed
+      - not output|failed
+      - output.name == 'httpd_can_network_connect'
+      - getsebool_output.stdout.startswith('httpd_can_network_connect      (off  ,  off)')
+##########################################################################################
+- name: set flag and keep it persistent
+  seboolean:
+    name: httpd_can_network_connect
+    state: yes
+    persistent: yes
+  register: output
+
+- name: get getsebool output
+  shell: semanage boolean -l | grep 'httpd_can_network_connect\W'
+  register: getsebool_output
+
+- name: check output
+  assert:
+    that:
+      - output|changed
+      - not output|failed
+      - output.name == 'httpd_can_network_connect'
+      - getsebool_output.stdout.startswith('httpd_can_network_connect      (on   ,   on)')
+##########################################################################################