seport - Manages SELinux network port type definitions¶

New in version 2.0.

Synopsis
- Requirements
Parameters
Notes
Examples
Status
Maintenance
- Author

Synopsis ¶

Manages SELinux network port type definitions.

Requirements ¶

The below requirements are needed on the host that executes this module.

libselinux-python
policycoreutils-python

Parameters ¶

Parameter	Choices/Defaults	Comments
ports required		Ports or port ranges. Can be a list (since 2.6) or comma separated string.
proto required	Choices: tcp udp	Protocol for the specified port.
reload bool	Choices: no yes ←	Reload SELinux policy after commit.
setype required		SELinux type for the specified port.
state required	Choices: absent present ←	Desired boolean value.

Notes ¶

Note

The changes are persistent across reboots.
Not tested on any debian based system.

Examples ¶

- name: Allow Apache to listen on tcp port 8888
  seport:
    ports: 8888
    proto: tcp
    setype: http_port_t
    state: present

- name: Allow sshd to listen on tcp port 8991
  seport:
    ports: 8991
    proto: tcp
    setype: ssh_port_t
    state: present

- name: Allow memcached to listen on tcp ports 10000-10100 and 10112
  seport:
    ports: 10000-10100,10112
    proto: tcp
    setype: memcache_port_t
    state: present

- name: Allow memcached to listen on tcp ports 10000-10100 and 10112
  seport:
    ports:
      - 10000-10100
      - 10112
    proto: tcp
    setype: memcache_port_t
    state: present

Status ¶

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance ¶

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author ¶

Dan Keder

Hint

If you notice any issues in this documentation you can edit this document to improve it.