From d438f096a71d23f7f74a7d1ff5a70b034e7c5ad1 Mon Sep 17 00:00:00 2001
From: Janne Blomqvist <janne.blomqvist@aalto.fi>
Date: Tue, 11 Sep 2018 16:10:58 +0300
Subject: [PATCH] Make role work with chroot connections on EL 7.

For chroot connection (e.g. when building images instead of working on
live hosts) one cannot restart services etc.

Also due to Ansible bug 21026 one must run systemctl instead of using
the service module, limiting support to EL 7 for the time being.
---
 handlers/main.yml |  5 ++++-
 tasks/install.yml | 13 ++++++++++++-
 2 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/handlers/main.yml b/handlers/main.yml
index 2a437b4..9e7a5de 100644
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -3,5 +3,8 @@
   service:
     name: "{{ sshd_service }}"
     state: reloaded
-  when: "sshd_allow_reload and ansible_virtualization_type|default(None) != 'docker'"
+  when:
+    - sshd_allow_reload
+    - ansible_virtualization_type|default(None) != 'docker'
+    - ansible_connection != 'chroot'
   listen: reload_sshd
diff --git a/tasks/install.yml b/tasks/install.yml
index 3a04046..bdf7438 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -41,7 +41,18 @@
     name: "{{ sshd_service }}"
     enabled: true
     state: started
-  when: "sshd_manage_service and ansible_virtualization_type|default(None) != 'docker'"
+  when:
+    - sshd_manage_service
+    - ansible_virtualization_type|default(None) != 'docker'
+    - ansible_connection != 'chroot'
+
+# Due to ansible bug 21026, cannot use service module on RHEL 7
+- name: Enable service in chroot
+  command: systemctl enable {{ sshd_service }}
+  when:
+    - ansible_connection == 'chroot'
+    - ansible_os_family == 'RedHat'
+    - ansible_distribution_major_version|int >= 7
 
 - name: Register that this role has run
   set_fact: sshd_has_run=true