Documentation

sefcontext - Manages SELinux file context mapping definitions

New in version 2.2.

Synopsis

  • Manages SELinux file context mapping definitions
  • Similar to the semanage fcontext command

Requirements (on host that executes module)

  • libselinux-python
  • policycoreutils-python

Options

parameter required default choices comments
ftype
no a
File type.
reload
no True
Reload SELinux policy after commit.
selevel
no
SELinux range for the specified target.

aliases: serange
setype
yes
SELinux type for the specified target.
seuser
no
SELinux user for the specified target.
state
no present
  • present
  • absent
Desired boolean value.
target
yes
Target path (expression).

aliases: path

Examples

# Allow apache to modify files in /srv/git_repos
- sefcontext:
    target: '/srv/git_repos(/.*)?'
    setype: httpd_git_rw_content_t
    state: present

Notes

Note

  • The changes are persistent across reboots

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Support

This module is community maintained without core committer oversight.

For more information on what this means please read Module Support

For help in developing on modules, should you be so inclined, please read Community Information & Contributing, Testing Ansible and Developing Modules.