29 lines
675 B
YAML
29 lines
675 B
YAML
---
|
|
- name: Set current selinux policy
|
|
set_fact:
|
|
selinux_current: "{{ ansible_selinux.config_mode }}"
|
|
|
|
- block:
|
|
- name: Install dependencies
|
|
package:
|
|
name: "{{ item }}"
|
|
state: present
|
|
loop: "{{ selinux_packages }}"
|
|
|
|
- name: Set selinux policy
|
|
selinux:
|
|
policy: "{{ selinux_policy }}"
|
|
state: "{{ selinux_state }}"
|
|
register: __sestatus
|
|
|
|
- name: Add .autorelabel file (requires a reboot)
|
|
file:
|
|
path: /.autorelabel
|
|
state: touch
|
|
when:
|
|
- selinux_state == "enforcing"
|
|
- selinux_current == "disabled"
|
|
- __sestatus.changed
|
|
become: True
|
|
become_user: root
|