From c6d503256196e8204098ab0caf7ca846f3b6647e Mon Sep 17 00:00:00 2001
From: David Galloway <dgallowa@redhat.com>
Date: Fri, 15 Sep 2017 10:17:10 -0400
Subject: [PATCH] common: Check for *any* empty selinux policy module files

Signed-off-by: David Galloway <dgallowa@redhat.com>
---
 roles/common/tasks/nrpe-selinux.yml | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/roles/common/tasks/nrpe-selinux.yml b/roles/common/tasks/nrpe-selinux.yml
index 802cec3..a179e25 100644
--- a/roles/common/tasks/nrpe-selinux.yml
+++ b/roles/common/tasks/nrpe-selinux.yml
@@ -44,19 +44,15 @@
     - pcpupstream_module_status is defined
     - pcpupstream_module_status.stat.size == 0
 
-# abrt was just chosen since it's first in the dir and
-# included with the selinux-policy-targeted package.
-- name: Check for empty SELinux module file
-  stat:
-    path: /etc/selinux/targeted/active/modules/100/abrt/lang_ext
+- name: Check for any empty SELinux module files
+  shell: find /etc/selinux/targeted/active/modules/100 -type f -empty -name lang_ext
   register: selinux_module_status
 
 # ignore_errors in case the package isn't available or installed.
 # The ansible yum module doesn't appear to have a reinstall option.
 - name: Reinstall selinux-policy-targeted if modules are corrupt
   command: yum -y reinstall selinux-policy-targeted
-  when: selinux_module_status.stat.exists == true and
-        selinux_module_status.stat.size == 0
+  when: selinux_module_status.stdout != ''
   ignore_errors: true
 
 - name: nrpe - Remove SELinux policy package
-- 
2.39.5