ansible / ansible.builtin / v2.7.7 / module / sefcontext Manages SELinux file context mapping definitions | "added in version" 2.2 of ansible.builtin" Authors: Dag Wieers (@dagwieers) preview | supported by communityansible.builtin.sefcontext (v2.7.7) — module
pip
Install with pip install ansible==2.7.7
Manages SELinux file context mapping definitions.
Similar to the C(semanage fcontext) command.
- name: Allow apache to modify files in /srv/git_repos sefcontext: target: '/srv/git_repos(/.*)?' setype: httpd_git_rw_content_t state: present
- name: Apply new SELinux file context to filesystem command: restorecon -irv /srv/git_repos
ftype: default: a description: - File type. - The following file type options can be passed; C(a) for all files, C(b) for block devices, C(c) for character devices, C(d) for directories, C(f) for regular files, C(l) for symbolic links, C(p) for named pipes, C(s) for socket files. type: str state: choices: - absent - present default: present description: - Whether the SELinux file context must be C(absent) or C(present). type: str reload: default: 'yes' description: - Reload SELinux policy after commit. - Note that this does not apply SELinux file contexts to existing files. type: bool setype: description: - SELinux type for the specified target. required: true seuser: description: - SELinux user for the specified target. type: str target: aliases: - path description: - Target path (expression). required: true type: str selevel: aliases: - serange description: - SELinux range for the specified target. type: str