selinux – Change policy and state of SELinux
Synopsis
- Configures the SELinux mode and policy.
- A reboot may be required after usage.
- Ansible will not issue this reboot but will let you know when it is required.
Requirements
The below requirements are needed on the host that executes this module.
- libselinux-python
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| configfile
-
|
Default:
"/etc/selinux/config"
|
The path to the SELinux configuration file, if non-standard.
aliases: conf, file |
| policy
-
|
The name of the SELinux policy to use (e.g. targeted) will be required if state is not disabled.
|
|
| state
- / required
|
|
The SELinux mode.
|
Examples
- name: Enable SELinux
selinux:
policy: targeted
state: enforcing
- name: Put SELinux in permissive mode, logging actions that would be blocked.
selinux:
policy: targeted
state: permissive
- name: Disable SELinux
selinux:
state: disabled
Return Values
Common return values are documented here, the following are the fields unique to this module:
| Key | Returned | Description |
|---|---|---|
| configfile
string
|
always |
Path to SELinux configuration file.
Sample:
/etc/selinux/config
|
| msg
string
|
always |
Messages that describe changes that were made.
Sample:
Config SELinux state changed from 'disabled' to 'permissive'
|
| policy
string
|
always |
Name of the SELinux policy.
Sample:
targeted
|
| reboot_required
boolean
|
always |
Whether or not an reboot is required for the changes to take effect.
Sample:
True
|
| state
string
|
always |
SELinux mode.
Sample:
enforcing
|
Status
- This module is guaranteed to have no backward incompatible interface changes going forward. [stableinterface]
- This module is maintained by the Ansible Core Team. [core]
Red Hat Support
More information about Red Hat’s support of this module is available from this Red Hat Knowledge Base article.
Authors
- Derek Carter (@goozbach) <goozbach@friocorte.com>
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/selinux_module.html