selinux
Ansible role selinux
Install and configure selinux and its required libraries on your system.
| GitHub | GitLab | Downloads | Version |
|---|---|---|---|
 |
 |
 |
 |
Example Playbook
This example is taken from molecule/default/converge.yml and is tested on each push, pull request and release.
---
- name: Converge
hosts: all
become: true
gather_facts: true
roles:
- role: robertdebock.selinux
selinux_reboot: false
selinux_booleans:
- name: http_can_network_connect
- name: abrt_anon_write
state: false
persistent: false
The machine needs to be prepared. In CI this is done using molecule/default/prepare.yml:
---
- name: Prepare
hosts: all
become: true
gather_facts: false
roles:
- role: robertdebock.bootstrap
Also see a full explanation and example on how to use these roles.
Role Variables
The default values for the variables are set in defaults/main.yml:
---
# defaults file for selinux
# The state, either disabled, permissive or enforcing.
selinux_state: enforcing
# The policy, default: see vars/main.yml.
# The policy differs per distribution, mostly because Debian and Ubuntu use 'default' and other distributions use 'targeted'.
selinux_policy: "{{ _selinux_policy[ansible_os_family] | default(_selinux_policy['default']) }}"
# Should the machine be rebooted after changes?
selinux_reboot: true
# You can enable (or disable) booleans by specifying them in this list.
# selinux_booleans:
# - name: http_can_network_connect
# - name: abrt_anon_write
# state: false
# persistent: false
Requirements
- pip packages listed in requirements.txt.
State of used roles
The following roles are used to prepare a system. You can prepare your system in another way.
| Requirement | GitHub | GitLab |
|---|---|---|
| robertdebock.bootstrap |  |
 |
Context
This role is a part of many compatible roles. Have a look at the documentation of these roles for further information.
Here is an overview of related roles:
Compatibility
This role has been tested on these container images:
| container | tags |
|---|---|
| Alpine | all |
| Amazon | Candidate |
| EL | 9 |
| Debian | all |
| Fedora | all |
| Ubuntu | all |
The minimum version of Ansible required is 2.12, tests have been done to:
- The previous version.
- The current version.
- The development version.
If you find issues, please register them in GitHub.
License
Author Information
Please consider sponsoring me.
Install and configure selinux and its required libraries on your system.
ansible-galaxy install robertdebock/ansible-role-selinux