selinux_permissive – Change permissive domain in SELinux policy
New in version 2.0.
Synopsis
- Add and remove a domain from the list of permissive domains.
Requirements
The below requirements are needed on the host that executes this module.
- policycoreutils-python
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| domain string / required | Default: "" | The domain that will be added or removed from the list of permissive domains. aliases: name |
| no_reload boolean |
| Disable reloading of the SELinux policy after making change to a domain's permissive setting. The default is no, which causes policy to be reloaded when a domain changes state.Reloading the policy does not work on older versions of the policycoreutils-python library, for example in EL 6." |
| permissive boolean / required |
| Indicate if the domain should or should not be set as permissive. |
| store string | Name of the SELinux policy store to use. |
Notes
Note
- Requires a recent version of SELinux and
policycoreutils-python(EL 6 or newer).
Examples
- name: Change the httpd_t domain to permissive
selinux_permissive:
name: httpd_t
permissive: true
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Michael Scherer (@mscherer) <misc@zarb.org>
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/selinux_permissive_module.html