Ansible - Set SELinux boolean using the seboolean module

If you are not familiar with modules, check out Ansible - Getting Started with Modules.

By default, SELinux is configured with certain booleans turned on and others turned off. For example, the getsebool command can be used to see that the httpd_can_network_connect_db is turned off.

~]# getsebool httpd_can_network_connect_db
httpd_can_network_connect_db --> off

 

The seboolan module can be used to turn a booleans on or off.

---
- hosts: web
  remote_user: root
  tasks:
  - name: turn the SELinux httpd_can_network_connnect_db boolean on
    seboolean:
      name: httpd_can_network_connect_db
      state: on
      persistent: yes
...

 

Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee

Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.





Please enter dbe73 in the box below so that we can be sure you are a human.