blob: 38a1e831985668bcc4a95a272b663876e08fd7a6 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
- name: install packages
dnf:
name: '{{ selinux_packages }}'
state: present
- name: start auditd
systemd:
name: auditd
enabled: yes
state: started
- name: enable selinux
lineinfile:
path: /etc/selinux/config
regexp: ^SELINUX=
line: SELINUX={{ 'enforcing' if selinux_enabled else 'disabled' }}
state: present
register: selinux_config
- name: reboot to apply selinux mode
reboot:
when: selinux_config.changed
|