selinux_permissive – Change permissive domain in SELinux policy
New in version 2.0.
Synopsis
- Add and remove a domain from the list of permissive domains.
Requirements
The below requirements are needed on the host that executes this module.
- policycoreutils-python
Parameters
| Parameter | Choices/Defaults | Comments |
|---|---|---|
| domain
string / required
|
Default:
""
|
The domain that will be added or removed from the list of permissive domains.
aliases: name |
| no_reload
boolean
|
|
Disable reloading of the SELinux policy after making change to a domain's permissive setting.
The default is
no, which causes policy to be reloaded when a domain changes state.
Reloading the policy does not work on older versions of the policycoreutils-python library, for example in EL 6."
|
| permissive
boolean / required
|
|
Indicate if the domain should or should not be set as permissive.
|
| store
string
|
Name of the SELinux policy store to use.
|
Notes
Note
- Requires a recent version of SELinux and
policycoreutils-python(EL 6 or newer).
Examples
- name: Change the httpd_t domain to permissive
selinux_permissive:
name: httpd_t
permissive: true
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Michael Scherer (@mscherer) <misc@zarb.org>
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/selinux_permissive_module.html