community.general.selinux_permissive module – Change permissive domain in SELinux policy
Note
This module is part of the community.general collection (version 10.1.0).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.general
.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: community.general.selinux_permissive
.
Synopsis
Add and remove a domain from the list of permissive domains.
Requirements
The below requirements are needed on the host that executes this module.
policycoreutils-python
Parameters
Parameter |
Comments |
---|---|
The domain that will be added or removed from the list of permissive domains. |
|
Disable reloading of the SELinux policy after making change to a domain’s permissive setting. The default is Reloading the policy does not work on older versions of the Choices:
|
|
Indicate if the domain should or should not be set as permissive. Choices:
|
|
Name of the SELinux policy store to use. Default: |
Attributes
Attribute |
Support |
Description |
---|---|---|
Support: full |
Can run in |
|
Support: none |
Will return details on what has changed (or possibly needs changing in |
Notes
Note
Requires a recent version of SELinux and
policycoreutils-python
(EL 6 or newer).
Examples
- name: Change the httpd_t domain to permissive
community.general.selinux_permissive:
name: httpd_t
permissive: true