2019-02-12 22:31:40 +00:00
|
|
|
---
|
|
|
|
|
- block:
|
|
|
|
|
- name: Add SELinux file context mapping definitions
|
|
|
|
|
sefcontext:
|
|
|
|
|
target: "{{ item.target }}"
|
|
|
|
|
setype: "{{ item.setype }}"
|
|
|
|
|
state: present
|
|
|
|
|
loop:
|
|
|
|
|
- { target: '/opt/brother', setype: 'bin_t' }
|
|
|
|
|
- { target: '/etc/opt/brother', setype: 'cupsd_rw_etc_t' }
|
|
|
|
|
- { target: '/opt/brother/Printers/(.*/)?inf(/.*)?', setype: 'cupsd_rw_etc_t' }
|
|
|
|
|
- { target: '/opt/brother/Printers/(.*/)?lpd(/.*)?', setype: 'bin_t' }
|
|
|
|
|
- { target: '/opt/brother/Printers/(.*/)?cupswrapper(/.*)?', setype: 'bin_t' }
|
|
|
|
|
notify: __cupsd_restart
|
|
|
|
|
|
|
|
|
|
- name: Apply new SELinux file context to filesystem
|
|
|
|
|
command: "restorecon {{ item }}"
|
|
|
|
|
loop:
|
|
|
|
|
- -R /opt/brother
|
|
|
|
|
- -R /etc/opt/brother
|
|
|
|
|
- -R /opt/brother/Printers
|
|
|
|
|
- -RFv /usr/lib/cups/filter
|
2019-02-12 22:34:25 +00:00
|
|
|
changed_when: False
|
2019-02-12 22:31:40 +00:00
|
|
|
notify: __cupsd_restart
|
|
|
|
|
|
|
|
|
|
- name: Allow cups execmem/execstack
|
|
|
|
|
seboolean:
|
|
|
|
|
name: cups_execmem
|
|
|
|
|
state: yes
|
|
|
|
|
persistent: yes
|
|
|
|
|
notify: __cupsd_restart
|
|
|
|
|
become: True
|
|
|
|
|
become_user: root
|
