New in version 2.2.
semanage fcontext
command.The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
ftype str | Default: a | File type. The following file type options can be passed; a for all files, b for block devices, c for character devices, d for directories, f for regular files, l for symbolic links, p for named pipes, s for socket files. |
reload bool |
| Reload SELinux policy after commit. Note that this does not apply SELinux file contexts to existing files. |
selevel str | SELinux range for the specified target. aliases: serange | |
setype required | SELinux type for the specified target. | |
seuser str | SELinux user for the specified target. | |
state str |
| Whether the SELinux file context must be absent or present . |
target str required | Target path (expression). aliases: path |
Note
restorecon
manually for the existing files that require the new SELinux file contexts.- name: Allow apache to modify files in /srv/git_repos sefcontext: target: '/srv/git_repos(/.*)?' setype: httpd_git_rw_content_t state: present - name: Apply new SELinux file context to filesystem command: restorecon -irv /srv/git_repos
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.
For a list of other modules that are also maintained by the Ansible Community, see here.
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.7/modules/sefcontext_module.html