remove static selinux rules

defaults/main.yml

@@ -1,11 +1,18 @@
 ---
-# not working currently
 cups_version: 2.2.10
 
-# Install dependencies or
+# Install dependencies or custom driver packages
-# custom driver packages
 cups_packages_extra: []
 
+## Example
+# cups_selinux_fcontext:
+#   - { target: '/opt/brother', setype: 'bin_t' }
+cups_selinux_fcontext: []
+## Example
+# cups_selinux_restorecon:
+#   - -R /opt/brother
+cups_selinux_restorecon: []
+
 cups_admin_username: cupsadm
 cups_admin_password: secure
 

tasks/selinux.yml

@@ -5,21 +5,12 @@
         target: "{{ item.target }}"
         setype: "{{ item.setype }}"
         state: present
-      loop:
+      loop: "{{ cups_selinux_fcontext }}"
-        - { target: '/opt/brother', setype: 'bin_t' }
-        - { target: '/etc/opt/brother', setype: 'cupsd_rw_etc_t' }
-        - { target: '/opt/brother/Printers/(.*/)?inf(/.*)?', setype: 'cupsd_rw_etc_t' }
-        - { target: '/opt/brother/Printers/(.*/)?lpd(/.*)?', setype: 'bin_t' }
-        - { target: '/opt/brother/Printers/(.*/)?cupswrapper(/.*)?', setype: 'bin_t' }
       notify: __cupsd_restart
 
     - name: Apply new SELinux file context to filesystem
       command: "restorecon {{ item }}"
-      loop:
+      loop: "{{ cups_selinux_restorecon }}"
-        - -R /opt/brother
-        - -R /etc/opt/brother
-        - -R /opt/brother/Printers
-        - -RFv /usr/lib/cups/filter
       changed_when: False
       notify: __cupsd_restart