How can I run a salt state if a command prints zero rows?

Question

I've got Salt and SELinux running on CentOS7.

I want to run restorecon -Rv /path/to/something, but only if it's necessary. I know that Salt has the onlyif and unless commands, but I'm having a heck of a time googling for what I want. I want to write something to this effect:

Fix SELinux Permissions:
  cmd.run:
    - name: restorecon -Rv /path/to/something
    - onlyif: restorecon -Rv -n /path/to/something produces any lines

I've tried the return code, but that's always 0. I don't actually want to run this command every time I run the state - just when the dir actually needs to change. Otherwise salt will report that it ran the command and there were changes even when there weren't really.

How can I get this to work the way I want?

score 1 · Accepted Answer · answered Dec 01 '15 at 20:26

1

It looks like this will do what I want:

restore selinux permissions:
  cmd.run:
    - name: restorecon -Rv /path/to/folder/
    - onlyif:
        - "if [[ $(restorecon -Rv -n /path/to/folder/) ]]; then exit 0; else exit 1; fi"

answered Dec 01 '15 at 20:26

Wayne Werner

709
4
14
26

How can I run a salt state if a command prints zero rows?

1 Answers1