From d9c5b06ab7bb53602d4f3892f518aae1f7b96fe2 Mon Sep 17 00:00:00 2001
From: valentin <poubelle@romanet.fr>
Date: Wed, 10 Nov 2021 12:08:27 +0100
Subject: [PATCH] removed user confirmation, sshd restart

---
 ocanary-setup.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/ocanary-setup.sh b/ocanary-setup.sh
index 3393eda..a9b53ac 100755
--- a/ocanary-setup.sh
+++ b/ocanary-setup.sh
@@ -121,7 +121,8 @@ sudo semanage port -a -t ssh_port_t -p tcp 2222
 # Change opencanaryd file type to a 'bin_t' type. Will ensure that the file type does not trisition to a confined domain
 # Without this instruction, SELinux will block many actions
 echo "Adding rules for SELinux to let opencanaryd service run..."
-sudo chcon -t bin_t /var/lib/canary-env/bin/opencanaryd 
+#sudo chcon -t bin_t /var/lib/canary-env/bin/opencanaryd 
+sudo semanage fcontext -a -t bin_t /var/lib/canary-env/bin/opencanaryd
 
 echo "Setting SELinux to permisive - IMPORTANT - This action must be removed for production"
 # ----- TODO Change this setting -----
@@ -132,7 +133,10 @@ echo "Setting SELinux to permisive - IMPORTANT - This action must be removed for
 # Restart ssh-server
 read -p "Restart ssh server now ?" -r
 echo	"" 
-if [[ $REPLY =~ ^[Yy]$ ]]
+
+# - Don't ask user confirmation (run with ansible)
+if [ true ]
+#if [[ $REPLY =~ ^[Yy]$ ]]
 then
 	echo "SSH Server restarting..." 
 	sudo systemctl restart sshd.service