selogin – Manages linux user to SELinux user mapping
From Get docs
Ansible/docs/2.8/modules/selogin module
selogin – Manages linux user to SELinux user mapping
New in version 2.8.
Synopsis
- Manages linux user to SELinux user mapping
Requirements
The below requirements are needed on the host that executes this module.
- libselinux
- policycoreutils
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
ignore_selinux_state boolean |
|
Run independent of selinux runtime state |
login - / required |
a Linux user | |
reload - |
Default: "yes" |
Reload SELinux policy after commit. |
selevel - |
Default: "s0" |
MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range.
|
seuser - / required |
SELinux user name | |
state - / required |
|
Desired mapping value. |
Notes
Note
- The changes are persistent across reboots
- Not tested on any debian based system
Examples
# Modify the default user on the system to the guest_u user
- selogin:
login: __default__
seuser: guest_u
state: present
# Assign gijoe user on an MLS machine a range and to the staff_u user
- selogin:
login: gijoe
seuser: staff_u
serange: SystemLow-Secret
state: present
# Assign all users in the engineering group to the staff_u user
- selogin:
login: '%engineering'
seuser: staff_u
state: present
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Dan Keder (@dankeder)
- Petr Lautrbach (@bachradsusi)
- James Cassell (@jamescassell)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/selogin_module.html