xoxys.selinux/tasks/setup.yml

---
- name: Set current selinux policy
  set_fact:
    selinux_current: "{{ ansible_selinux.config_mode }}"

- block:
    - name: Install dependencies
      package:
        name: "{{ item }}"
        state: present
      loop: "{{ selinux_packages }}"

    - name: Set selinux policy
      selinux:
        policy: "{{ selinux_policy }}"
        state: "{{ selinux_state }}"
      register: __sestatus

    - name: Add .autorelabel file (requires a reboot)
      file:
        path: /.autorelabel
        mode: 0600
        state: touch
      when:
        - selinux_state == "enforcing"
        - selinux_current == "disabled"
        - __sestatus.changed
  become: True
  become_user: root
initial commit 2018-11-15 23:42:58 +01:00			`---`
small refactoring 2019-10-19 15:34:22 +02:00			`- name: Set current selinux policy`
			`set_fact:`
fix indentation 2019-10-19 15:37:38 +02:00			`selinux_current: "{{ ansible_selinux.config_mode }}"`
small refactoring 2019-10-19 15:34:22 +02:00
initial commit 2018-11-15 23:42:58 +01:00			`- block:`
small refactoring 2019-10-19 15:34:22 +02:00			`- name: Install dependencies`
			`package:`
			`name: "{{ item }}"`
			`state: present`
			`loop: "{{ selinux_packages }}"`

initial commit 2018-11-15 23:42:58 +01:00			`- name: Set selinux policy`
			`selinux:`
			`policy: "{{ selinux_policy }}"`
			`state: "{{ selinux_state }}"`
			`register: __sestatus`

			`- name: Add .autorelabel file (requires a reboot)`
			`file:`
			`path: /.autorelabel`
fix: solve linting issues 2021-02-04 21:40:24 +01:00			`mode: 0600`
initial commit 2018-11-15 23:42:58 +01:00			`state: touch`
			`when:`
			`- selinux_state == "enforcing"`
small refactoring 2019-10-19 15:34:22 +02:00			`- selinux_current == "disabled"`
initial commit 2018-11-15 23:42:58 +01:00			`- __sestatus.changed`
			`become: True`
			`become_user: root`