From 5d3c59f6eb447e9da0d16f720f492a084ca5add5 Mon Sep 17 00:00:00 2001 From: Aron Parsons Date: Thu, 20 Apr 2017 21:20:14 -0400 Subject: [PATCH] only reload systemd on package changes it has been observed on systems that the "systemctl is-active" check can return non-zero status when checking the status of iptables and ip6tables at the same time. this causes idempotent issues when ip6tables is disabled. systemd should not be blindly reloaded if there are units not active. it should only be reloaded if the unit files on disk change. this only occurs at package installation time, so the Exec resource should only be refreshed if the package changes. there are no other resources in this module that manipulate the unit files other than the Package resource. --- manifests/linux/redhat.pp | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/manifests/linux/redhat.pp b/manifests/linux/redhat.pp index 88d801b..cda18db 100644 --- a/manifests/linux/redhat.pp +++ b/manifests/linux/redhat.pp @@ -59,9 +59,10 @@ class firewall::linux::redhat ( or ($::operatingsystem == 'Fedora' and versioncmp($::operatingsystemrelease, '15') >= 0)) { if $ensure == 'running' { exec { '/usr/bin/systemctl daemon-reload': - require => Package[$package_name], - before => Service[$service_name, $service_name_v6], - unless => "/usr/bin/systemctl is-active ${service_name} ${service_name_v6}", + require => Package[$package_name], + before => Service[$service_name, $service_name_v6], + subscribe => Package[$package_name], + refreshonly => true, } } } -- 2.45.2