ansible.posix.seboolean module – Toggles SELinux booleans

Note

This module is part of the ansible.posix collection (version 1.5.4).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install ansible.posix. You need further requirements to be able to use this module, see Requirements for details.

To use it in a playbook, specify: ansible.posix.seboolean.

New in ansible.posix 1.0.0

Synopsis

  • Toggles SELinux booleans.

Requirements

The below requirements are needed on the host that executes this module.

  • libselinux-python

  • libsemanage-python

  • python3-libsemanage

Parameters

Parameter

Comments

ignore_selinux_state

boolean

Useful for scenarios (chrooted environment) that you can’t get the real SELinux state.

Choices:

  • false ← (default)

  • true

name

string / required

Name of the boolean to configure.

persistent

boolean

Set to true if the boolean setting should survive a reboot.

Choices:

  • false ← (default)

  • true

state

boolean / required

Desired boolean value

Choices:

  • false

  • true

Notes

Note

  • Not tested on any Debian based system.

Examples

- name: Set httpd_can_network_connect flag on and keep it persistent across reboots
  ansible.posix.seboolean:
    name: httpd_can_network_connect
    state: true
    persistent: true

Authors

  • Stephen Fromm (@sfromm)