community.general.selogin – Manages Linux user to SELinux user mapping

Note

This plugin is part of the community.general collection (version 1.3.6).

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.selogin.

Synopsis

  • Manages Linux user to SELinux user mapping

Requirements

The below requirements are needed on the host that executes this module.

  • libselinux

  • policycoreutils

Parameters

Each entry gives the parameter name, its type, its choices or default (← marks the default choice), and a comment.

ignore_selinux_state
    boolean
    Choices:
      • no ←
      • yes
    Run independently of the SELinux runtime state.

login
    string / required
    A Linux user.

reload
    boolean
    Choices:
      • no
      • yes ←
    Reload SELinux policy after commit.

selevel
    string
    Default: "s0"
    MLS/MCS security range (MLS/MCS systems only). The SELinux range for the SELinux login mapping defaults to the SELinux user record range.
    aliases: serange

seuser
    string
    SELinux user name.

state
    string
    Choices:
      • present ←
      • absent
    Desired mapping value.

Notes

  • The changes are persistent across reboots

  • Not tested on any Debian-based system

Examples

- name: Modify the default user on the system to the guest_u user
  community.general.selogin:
    login: __default__
    seuser: guest_u
    state: present

- name: Assign gijoe user on an MLS machine a range and to the staff_u user
  community.general.selogin:
    login: gijoe
    seuser: staff_u
    serange: SystemLow-Secret
    state: present

- name: Assign all users in the engineering group to the staff_u user
  community.general.selogin:
    login: '%engineering'
    seuser: staff_u
    state: present
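
The following playbook is an added example, not part of the module's own documentation. It maps an administrators group before tightening `__default__` so that admins are not caught by the restrictive default, removes one mapping with `state: absent`, and then checks the result with `semanage login -l`. The inventory group `selinux_hosts`, the Linux group `admins` and the login `olduser` are assumptions.

```yaml
- name: Confine interactive logins with SELinux login mappings
  hosts: selinux_hosts              # assumed inventory group
  become: true
  tasks:
    # Order matters: give admins their own mapping first, because
    # __default__ applies to every login without a specific mapping.
    - name: Map the admins group to staff_u
      community.general.selogin:
        login: '%admins'            # assumed Linux group
        seuser: staff_u
        state: present

    - name: Map all otherwise unmapped logins to guest_u
      community.general.selogin:
        login: __default__
        seuser: guest_u
        state: present

    - name: Remove the mapping of an account that no longer needs one
      community.general.selogin:
        login: olduser              # assumed login name
        state: absent

    # Read-only check of the mappings now stored on the host.
    - name: List the resulting login mappings
      ansible.builtin.command: semanage login -l
      register: login_map
      changed_when: false

    - name: Verify that the default and the admin group mappings are in place
      ansible.builtin.assert:
        that:
          - login_map.stdout is regex('^__default__\s+guest_u\s', multiline=true)
          - login_map.stdout is regex('^%admins\s+staff_u\s', multiline=true)
        fail_msg: SELinux login mappings do not match the intended baseline
```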

Authors

  • Dan Keder (@dankeder)

  • Petr Lautrbach (@bachradsusi)

  • James Cassell (@jamescassell)