Ansible - Set SELinux boolean using the seboolean module
by
Jeremy Canfield |
Updated: August 18 2022
| Ansible articles
If you are not familiar with modules, check out Ansible - Getting Started with Modules.
By default, SELinux is configured with certain booleans turned on and others turned off. For example, the getsebool command can be used to see that the httpd_can_network_connect_db is turned off.
~]# getsebool httpd_can_network_connect_db
httpd_can_network_connect_db --> off
The seboolan module can be used to turn a booleans on or off.
---
- hosts: web
remote_user: root
tasks:
- name: turn the SELinux httpd_can_network_connnect_db boolean on
seboolean:
name: httpd_can_network_connect_db
state: on
persistent: yes
...
Did you find this article helpful?
If so, consider buying me a coffee over at