selogin – Manages linux user to SELinux user mapping
New in version 2.8.
Synopsis
- Manages linux user to SELinux user mapping
Requirements
The below requirements are needed on the host that executes this module.
- libselinux
- policycoreutils
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
ignore_selinux_state boolean |
| Run independent of selinux runtime state |
login - / required | a Linux user | |
reload - | Default: "yes" | Reload SELinux policy after commit. |
selevel - | Default: "s0" | MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. aliases: serange |
seuser - / required | SELinux user name | |
state - / required |
| Desired mapping value. |
Notes
Note
- The changes are persistent across reboots
- Not tested on any debian based system
Examples
# Modify the default user on the system to the guest_u user - selogin: login: __default__ seuser: guest_u state: present # Assign gijoe user on an MLS machine a range and to the staff_u user - selogin: login: gijoe seuser: staff_u serange: SystemLow-Secret state: present # Assign all users in the engineering group to the staff_u user - selogin: login: '%engineering' seuser: staff_u state: present
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Dan Keder (@dankeder)
- Petr Lautrbach (@bachradsusi)
- James Cassell (@jamescassell)
Hint
If you notice any issues in this documentation, you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.9/modules/selogin_module.html