Note
This plugin is part of the ansible.posix collection.
To install it use: ansible-galaxy collection install ansible.posix.
To use it in a playbook, specify: ansible.posix.selinux.
New in version 1.0.0: of ansible.posix
The below requirements are needed on the host that executes this module.
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| configfile string | Default: "/etc/selinux/config" | The path to the SELinux configuration file, if non-standard. aliases: conf, file |
| policy string | The name of the SELinux policy to use (e.g. targeted) will be required if state is not disabled. | |
| state string / required |
| The SELinux mode. |
- name: Enable SELinux
ansible.posix.selinux:
policy: targeted
state: enforcing
- name: Put SELinux in permissive mode, logging actions that would be blocked.
ansible.posix.selinux:
policy: targeted
state: permissive
- name: Disable SELinux
ansible.posix.selinux:
state: disabled
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| configfile string | always | Path to SELinux configuration file. Sample: /etc/selinux/config |
| msg string | always | Messages that describe changes that were made. Sample: Config SELinux state changed from 'disabled' to 'permissive' |
| policy string | always | Name of the SELinux policy. Sample: targeted |
| reboot_required boolean | always | Whether or not an reboot is required for the changes to take effect. Sample: True |
| state string | always | SELinux mode. Sample: enforcing |
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/ansible/posix/selinux_module.html