community.general.selogin module – Manages linux user to SELinux user mapping
Note
This module is part of the community.general collection (version 9.4.0).
It is not included in ansible-core.
To check whether it is installed, run ansible-galaxy collection list.
To install it, use: ansible-galaxy collection install community.general.
You need further requirements to be able to use this module,
see Requirements for details.
To use it in a playbook, specify: community.general.selogin.
Synopsis
Manages linux user to SELinux user mapping
Requirements
The below requirements are needed on the host that executes this module.
libselinux
policycoreutils
Parameters
Parameter |
Comments |
|---|---|
Run independent of selinux runtime state Choices:
|
|
a Linux user |
|
Reload SELinux policy after commit. Choices:
|
|
MLS/MCS Security Range (MLS/MCS Systems only) SELinux Range for SELinux login mapping defaults to the SELinux user record range. Default: |
|
SELinux user name |
|
Desired mapping value. Choices:
|
Attributes
Attribute |
Support |
Description |
|---|---|---|
Support: full |
Can run in |
|
Support: none |
Will return details on what has changed (or possibly needs changing in |
Notes
Note
The changes are persistent across reboots
Not tested on any debian based system
Examples
- name: Modify the default user on the system to the guest_u user
community.general.selogin:
login: __default__
seuser: guest_u
state: present
- name: Assign gijoe user on an MLS machine a range and to the staff_u user
community.general.selogin:
login: gijoe
seuser: staff_u
serange: SystemLow-Secret
state: present
- name: Assign all users in the engineering group to the staff_u user
community.general.selogin:
login: '%engineering'
seuser: staff_u
state: present