seport – Manages SELinux network port type definitions


New in version 2.0.


Synopsis

  • Manages SELinux network port type definitions.

Requirements

The below requirements are needed on the host that executes this module.

  • libselinux-python
  • policycoreutils-python

Parameters

Parameter            Choices/Defaults    Comments
ports (required)     -                   Ports or port ranges. Can be a list (since 2.6) or a comma-separated string.
proto (required)     tcp, udp            Protocol for the specified port.
reload (boolean)     no, yes             Reload SELinux policy after commit.
setype (required)    -                   SELinux type for the specified port.
state (required)     absent, present     Desired state of the port type definition.



Notes

  • The changes are persistent across reboots.
  • Not tested on any Debian-based system.


Examples

- name: Allow Apache to listen on tcp port 8888
  seport:
    ports: 8888
    proto: tcp
    setype: http_port_t
    state: present

- name: Allow sshd to listen on tcp port 8991
  seport:
    ports: 8991
    proto: tcp
    setype: ssh_port_t
    state: present

- name: Allow memcached to listen on tcp ports 10000-10100 and 10112
  seport:
    ports: 10000-10100,10112
    proto: tcp
    setype: memcache_port_t
    state: present

- name: Allow memcached to listen on tcp ports 10000-10100 and 10112
  seport:
    ports:
      - 10000-10100
      - 10112
    proto: tcp
    setype: memcache_port_t
    state: present
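
Each task above widens the set of ports a confined domain may bind to, so it is worth checking afterwards that the policy holds exactly the labels that were declared. The following is an added example, not part of the Ansible documentation or the module's code: it compares a task's ports, proto and setype against the text printed by `semanage port -l`. The function names and the sample listing are constructed for illustration.

```python
# Added example (not from the Ansible docs): audit seport results offline.
import re

# Constructed sample of `semanage port -l` output (header plus four rows).
SAMPLE = """\
SELinux Port Type              Proto    Port Number

http_port_t                    tcp      8888, 80, 81, 443, 488, 8008, 8009, 8443, 9000
memcache_port_t                tcp      10000-10100, 11211
memcache_port_t                udp      11211
ssh_port_t                     tcp      8991, 22
"""

def expand(spec):
    """Expand seport-style `ports` (list or comma-separated string) to a set of ints."""
    items = spec if isinstance(spec, (list, tuple)) else str(spec).split(",")
    ports = set()
    for item in items:
        lo, _, hi = str(item).strip().partition("-")
        lo, hi = int(lo), int(hi or lo)  # a single port is a range of length one
        if not 1 <= lo <= hi <= 65535:
            raise ValueError("invalid port or range: %r" % item)
        ports.update(range(lo, hi + 1))
    return ports

def parse_listing(text):
    """Map (setype, proto) -> set of labelled ports from `semanage port -l` text."""
    table = {}
    for line in text.splitlines():
        m = re.match(r"(\S+_t)\s+(tcp|udp)\s+(\d[\d\s,\-]*)$", line.strip())
        if m:  # header and blank lines do not match
            table.setdefault((m.group(1), m.group(2)), set()).update(expand(m.group(3)))
    return table

def missing(ports, proto, setype, listing_text):
    """Ports a task declared `present` that the listing does not label with setype."""
    labelled = parse_listing(listing_text).get((setype, proto), set())
    return sorted(expand(ports) - labelled)

if __name__ == "__main__":
    for ports, setype in [(8888, "http_port_t"), (["10000-10100", 10112], "memcache_port_t")]:
        print(setype, ports, "missing:", missing(ports, "tcp", setype, SAMPLE))
```

On a managed host, pass the captured output of `semanage port -l` as `listing_text` in place of the constructed sample.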

Status

Authors

  • Dan Keder (@dankeder)


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/seport_module.html