seboolean – Toggles SELinux booleans

Synopsis

  • Toggles SELinux booleans.

Requirements

The below requirements are needed on the host that executes this module.

  • libselinux-python

  • libsemanage-python

Parameters

Parameter Choices/Defaults Comments
ignore_selinux_state
boolean
added in 2.8
    Choices:
  • no ←
  • yes
Useful for scenarios (chrooted environment) that you can't get the real SELinux state.
name
- / required
Name of the boolean to configure.
persistent
boolean
    Choices:
  • no ←
  • yes
Set to yes if the boolean setting should survive a reboot.
state
boolean / required
    Choices:
  • no
  • yes
Desired boolean value

Notes

Note

  • Not tested on any Debian based system.

Examples

- name: Set httpd_can_network_connect flag on and keep it persistent across reboots
  seboolean:
    name: httpd_can_network_connect
    state: yes
    persistent: yes

Status

Red Hat Support

More information about Red Hat’s support of this module is available from this Red Hat Knowledge Base article.

Authors

  • Stephen Fromm (@sfromm)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.