selinux - Change policy and state of SELinux
Synopsis
- Configures the SELinux mode and policy. A reboot may be required after usage. Ansible will not issue this reboot but will let you know when it is required.
Requirements (on host that executes module)
- libselinux-python
Options
| parameter | required | default | choices | comments |
|---|---|---|---|---|
| conf | no | /etc/selinux/config | path to the SELinux configuration file, if non-standard | |
| policy | no | name of the SELinux policy to use (example: targeted) will be required if state is not disabled
| ||
| state | yes |
| The SELinux mode |
Examples
# Enable SELinux
- selinux:
policy: targeted
state: enforcing
# Put SELinux in permissive mode, logging actions that would be blocked.
- selinux:
policy: targeted
state: permissive
# Disable SELinux
- selinux:
state: disabled
Return Values
Common return values are documented here Return Values, the following are the fields unique to this module:
| name | description | returned | type | sample |
|---|---|---|---|---|
| configfile | Path to SELinux configuration file | always | string | /etc/selinux/config |
| msg | Messages that describe changes that were made | always | string | Config SELinux state changed from 'disabled' to 'permissive' |
| policy | Name of the SELinux policy | always | string | targeted |
| reboot_required | Whether or not an reboot is required for the changes to take effect | always | bool | True |
| state | SELinux mode | always | string | enforcing |
Notes
Note
- Not tested on any debian based system
Status
This module is flagged as stableinterface which means that the maintainers for this module guarantee that no backward incompatible interface changes will be made.
Maintenance Info
For more information about Red Hat’s this support of this module, please refer to this knowledge base article<https://access.redhat.com/articles/rhel-top-support-policies>
For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.4/selinux_module.html