selinux_permissive – Change permissive domain in SELinux policy

From Get docs
Ansible/docs/2.8/modules/selinux permissive module


selinux_permissive – Change permissive domain in SELinux policy

New in version 2.0.


Synopsis

  • Add and remove a domain from the list of permissive domains.

Requirements

The below requirements are needed on the host that executes this module.

  • policycoreutils-python

Parameters

Parameter Choices/Defaults Comments

domain

string / required

Default:

""

The domain that will be added or removed from the list of permissive domains.


aliases: name

no_reload

boolean

  • no

  • yes

Disable reloading of the SELinux policy after making change to a domain's permissive setting.

The default is no, which causes policy to be reloaded when a domain changes state.

Reloading the policy does not work on older versions of the policycoreutils-python library, for example in EL 6."

permissive

boolean / required

  • no
  • yes

Indicate if the domain should or should not be set as permissive.

store

string

Name of the SELinux policy store to use.



Notes

Note

  • Requires a recent version of SELinux and policycoreutils-python (EL 6 or newer).


Examples

- name: Change the httpd_t domain to permissive
  selinux_permissive:
    name: httpd_t
    permissive: true

Status

Authors

Hint

If you notice any issues in this documentation you can edit this document to improve it.


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/selinux_permissive_module.html