community.general.selogin (8.5.0) — module

Install collection

Install with ansible-galaxy collection install community.general:==8.5.0

Add to requirements.yml

  collections:
    - name: community.general
      version: 8.5.0

Description

Manages linux user to SELinux user mapping

Requirements

• libselinux
• policycoreutils

Usage examples

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Modify the default user on the system to the guest_u user
  community.general.selogin:
    login: __default__
    seuser: guest_u
    state: present

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Assign gijoe user on an MLS machine a range and to the staff_u user
  community.general.selogin:
    login: gijoe
    seuser: staff_u
    serange: SystemLow-Secret
    state: present

Scanned by Steampunk Spotter

• Success
  Steampunk Spotter scan finished with no errors, warnings or hints.

- name: Assign all users in the engineering group to the staff_u user
  community.general.selogin:
    login: '%engineering'
    seuser: staff_u
    state: present

Inputs

    
login:
    description:
    - a Linux user
    required: true
    type: str

state:
    choices:
    - present
    - absent
    default: present
    description:
    - Desired mapping value.
    type: str

reload:
    default: true
    description:
    - Reload SELinux policy after commit.
    type: bool

seuser:
    description:
    - SELinux user name
    type: str

selevel:
    aliases:
    - serange
    default: s0
    description:
    - MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping
      defaults to the SELinux user record range.
    type: str

ignore_selinux_state:
    default: false
    description:
    - Run independent of selinux runtime state
    type: bool