@Sauraus
Last active August 29, 2015 14:19
Force execution of provider
# Plain deploy of the SELinux policy module named by `modulename`.
# No `force` is set, so the provider's own version comparison decides whether
# the module is rebuilt and reloaded.
selinux_policy_module(modulename) do
  action :deploy
end
end
# Remove the compiled policy package first, then deploy with `force true`.
# NOTE(review): with `force` set the provider skips its installed-version
# comparison, so the module is rebuilt and reloaded on every Chef run.
compiled_module = "#{path}/#{modulename}.pp"

file(compiled_module) do
  action :delete
end

selinux_policy_module(modulename) do
  action :deploy
  force true
end
# Remove the compiled policy package, then run a normal (non-forced) deploy.
# NOTE(review): the provider only reloads when the version in the .te file
# differs from the installed one, so deleting the .pp alone may not trigger
# a reload - confirm this is the intended behaviour.
compiled_module = "#{path}/#{modulename}.pp"

file(compiled_module) do
  action :delete
end

selinux_policy_module(modulename) do
  action :deploy
end
# Tells Chef that this provider can take part in why-run (dry-run) mode.
#
# @return [true] always
def whyrun_supported?
  true
end
# Chef provider macro: resources declared inside an action are converged in
# their own run context, so this provider is reported as updated when any of
# them changes.
use_inline_resources
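# Compile and deploy module (also upgrade).
#
# Writes new_resource.content (when given) to
# <file_cache_path>/semodule-<name>/<name>.te, reads the version from the
# policy_module(...) declaration, and runs the SELinux devel Makefile's `load`
# target when `force` is set or the declared version differs from the one
# `semodule -l` reports as installed.
#
# Raises RuntimeError when no policy_module version can be found.
action :deploy do
  modulename = new_resource.name.to_s
  module_dir = "#{Chef::Config[:file_cache_path]}/semodule-#{modulename}"
  attributesfile = "#{module_dir}/#{modulename}.te"

  directory module_dir do
    action :create
  end

  # Only manage the .te file when the resource supplies its content. No `path`
  # is set: the resource name is already the full path of the .te file, and
  # pointing `path` at the module directory would aim the write at the
  # directory itself.
  unless new_resource.content.nil?
    file attributesfile do
      content new_resource.content
      only_if { use_selinux }
    end
  end

  # Extract the module version so the same version is not built and loaded
  # again. The resources declared above are converged only after this block
  # has been evaluated, so the version is taken from the supplied content when
  # there is one; a .te file already on disk is the fallback.
  te_source = new_resource.content.nil? ? IO.read(attributesfile) : new_resource.content.to_s
  match = te_source.match(/policy_module *\(.*, *(.*)\)/i)
  module_version = match && match.captures[0].strip
  raise "No policy_module version defined in #{attributesfile}" if module_version.nil?

  execute "semodule-deploy-#{new_resource.name}" do
    command '/usr/bin/make -f /usr/share/selinux/devel/Makefile load'
    cwd module_dir
    # Listed first so the SELinux check comes before the semodule call.
    only_if { use_selinux }
    only_if do
      new_resource.force || begin
        # semodule is run without a shell and its listing is matched on the
        # exact module name: the resource name never reaches a command line,
        # and a module whose name merely contains this one cannot be picked up
        # the way an unanchored `grep` would.
        listing = shell_out('/usr/sbin/semodule', '-l').stdout
        installed = listing.each_line.map(&:split).find { |fields| fields.first == modulename }
        installed.nil? || installed[1] != module_version
      end
    end
  end
end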