ansible.builtin.selogin (v2.9.27) — module

Manages Linux user to SELinux user mapping

Added in version 2.8 of ansible.builtin

Authors: Dan Keder (@dankeder), Petr Lautrbach (@bachradsusi), James Cassell (@jamescassell)

preview | supported by community

Install Ansible via pip

Install with pip install ansible==2.9.27

Description

Manages Linux user to SELinux user mapping


Requirements

Usage examples

# Modify the default user on the system to the guest_u user
- selogin:
    login: __default__
    seuser: guest_u
    state: present
# Assign gijoe user on an MLS machine a range and to the staff_u user
- selogin:
    login: gijoe
    seuser: staff_u
    serange: SystemLow-Secret
    state: present
# Assign all users in the engineering group to the staff_u user
- selogin:
    login: '%engineering'
    seuser: staff_u
    state: present

Inputs

    
login:
    description:
    - a Linux user
    required: true

state:
    choices:
    - present
    - absent
    default: present
    description:
    - Desired mapping value.
    required: true

reload:
    default: true
    description:
    - Reload SELinux policy after commit.

seuser:
    description:
    - SELinux user name
    required: true

selevel:
    aliases:
    - serange
    default: s0
    description:
    - MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping
      defaults to the SELinux user record range.

ignore_selinux_state:
    default: false
    description:
    - Run independent of SELinux runtime state
    type: bool