ansible / ansible.builtin / v2.8.18 / module / sefcontext Manages SELinux file context mapping definitions | "added in version" 2.2 of ansible.builtin" Authors: Dag Wieers (@dagwieers) preview | supported by communityansible.builtin.sefcontext (v2.8.18) — module
pip
Install with pip install ansible==2.8.18
Manages SELinux file context mapping definitions.
Similar to the C(semanage fcontext) command.
- name: Allow apache to modify files in /srv/git_repos sefcontext: target: '/srv/git_repos(/.*)?' setype: httpd_git_rw_content_t state: present
- name: Apply new SELinux file context to filesystem command: restorecon -irv /srv/git_repos
ftype: choices: - a - b - c - d - f - l - p - s default: a description: - The file type that should have SELinux contexts applied. - 'The following file type options are available:' - C(a) for all files, - C(b) for block devices, - C(c) for character devices, - C(d) for directories, - C(f) for regular files, - C(l) for symbolic links, - C(p) for named pipes, - C(s) for socket files. type: str state: choices: - absent - present default: present description: - Whether the SELinux file context must be C(absent) or C(present). type: str reload: default: true description: - Reload SELinux policy after commit. - Note that this does not apply SELinux file contexts to existing files. type: bool setype: description: - SELinux type for the specified target. required: true type: str seuser: description: - SELinux user for the specified target. type: str target: aliases: - path description: - Target path (expression). required: true type: str selevel: aliases: - serange description: - SELinux range for the specified target. type: str ignore_selinux_state: default: false description: - Useful for scenarios (chrooted environment) that you can't get the real SELinux state. type: bool version_added: '2.8' version_added_collection: ansible.builtin