community.general.seport – Manages SELinux network port type definitions
Note
This plugin is part of the community.general collection (version 3.8.3).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
To use it in a playbook, specify: community.general.seport
.
Requirements
The below requirements are needed on the host that executes this module.
libselinux-python
policycoreutils-python
Parameters
Parameter |
Comments |
---|---|
Run independent of selinux runtime state Choices:
|
|
Ports or port ranges. Can be a list (since 2.6) or comma separated string. |
|
Protocol for the specified port. Choices:
|
|
Reload SELinux policy after commit. Choices:
|
|
SELinux type for the specified port. |
|
Desired boolean value. Choices:
|
Examples
- name: Allow Apache to listen on tcp port 8888
community.general.seport:
ports: 8888
proto: tcp
setype: http_port_t
state: present
- name: Allow sshd to listen on tcp port 8991
community.general.seport:
ports: 8991
proto: tcp
setype: ssh_port_t
state: present
- name: Allow memcached to listen on tcp ports 10000-10100 and 10112
community.general.seport:
ports: 10000-10100,10112
proto: tcp
setype: memcache_port_t
state: present
- name: Allow memcached to listen on tcp ports 10000-10100 and 10112
community.general.seport:
ports:
- 10000-10100
- 10112
proto: tcp
setype: memcache_port_t
state: present
Authors
Dan Keder (@dankeder)