seport – Manages SELinux network port type definitions
New in version 2.0.
Synopsis
Manages SELinux network port type definitions.
Requirements
The below requirements are needed on the host that executes this module.
libselinux-python
policycoreutils-python
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
ignore_selinux_state (boolean, added in 2.8) | | Run independent of selinux runtime state |
ports (list / required) | | Ports or port ranges. Can be a list (since 2.6) or comma separated string. |
proto (string / required) | | Protocol for the specified port. |
reload (boolean) | | Reload SELinux policy after commit. |
setype (string / required) | | SELinux type for the specified port. |
state (string) | | Desired boolean value. |
Notes
The changes are persistent across reboots.
Not tested on any Debian-based system.
Examples
```yaml
- name: Allow Apache to listen on tcp port 8888
  seport:
    ports: 8888
    proto: tcp
    setype: http_port_t
    state: present

- name: Allow sshd to listen on tcp port 8991
  seport:
    ports: 8991
    proto: tcp
    setype: ssh_port_t
    state: present

- name: Allow memcached to listen on tcp ports 10000-10100 and 10112
  seport:
    ports: 10000-10100,10112
    proto: tcp
    setype: memcache_port_t
    state: present

- name: Allow memcached to listen on tcp ports 10000-10100 and 10112
  seport:
    ports:
      - 10000-10100
      - 10112
    proto: tcp
    setype: memcache_port_t
    state: present
```
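An added example, not part of the module documentation: a Python check that parses `semanage port -l` output and reports which of the port labels from the tasks above are missing. The sample output is constructed, and the function names (`parse_port_list`, `types_for_port`, `missing_labels`) are hypothetical.

```python
import re

# Constructed sample of `semanage port -l` output after the tasks above ran.
SAMPLE = """\
SELinux Port Type              Proto    Port Number

http_port_t                    tcp      8888, 80, 81, 443, 488, 8008, 8009, 8443, 9000
memcache_port_t                tcp      10112, 10000-10100, 11211
memcache_port_t                udp      11211
ssh_port_t                     tcp      8991, 22
unreserved_port_t              tcp      61001-65535, 1024-32767
"""

# One data row: type name, protocol, comma-separated ports or ranges.
ROW = re.compile(r"^(\S+)\s+(tcp|udp|dccp|sctp)\s+(.+)$")


def parse_port_list(text):
    """Return {(setype, proto): [(low, high), ...]} from `semanage port -l` text."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header, blank line, or anything unrecognised
        setype, proto, ports = m.groups()
        ranges = table.setdefault((setype, proto), [])
        for item in ports.split(","):
            low, _, high = item.strip().partition("-")
            ranges.append((int(low), int(high or low)))  # single port: low == high
    return table


def types_for_port(table, port, proto):
    """All SELinux types whose definitions cover port/proto (ranges can overlap)."""
    return sorted(
        setype
        for (setype, p), ranges in table.items()
        if p == proto and any(lo <= port <= hi for lo, hi in ranges)
    )


def missing_labels(table, expected):
    """expected: [(port, proto, setype)]; return the entries not labelled as expected."""
    return [e for e in expected if e[2] not in types_for_port(table, e[0], e[1])]


if __name__ == "__main__":
    wanted = [(8888, "tcp", "http_port_t"), (8991, "tcp", "ssh_port_t"),
              (10050, "tcp", "memcache_port_t"), (10112, "udp", "memcache_port_t")]
    print(missing_labels(parse_port_list(SAMPLE), wanted))
```

The udp entry is reported as missing because the tasks above only define tcp ports, which shows that labels are tracked per protocol.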
Status
This module is not guaranteed to have a backwards compatible interface. [preview]
This module is maintained by the Ansible Community. [community]