security.yml 537 Bytes
Newer Older
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
---

- name: Set SELinux mode on CentOS
  selinux:
    policy: targeted
    state: "{{ selinux_mode }}"
  when: ansible_facts['distribution'] == "CentOS"

- name: Allow PostgreSQL to modify files in "{{ path_to_icat }}" on CentOS
  sefcontext:
    target: '{{ path_to_icat }}(/.*)?'
    setype: postgresql_db_t
    state: present
  when: ansible_facts['distribution'] == "CentOS"

- name: Apply new SELinux file context to filesystem
  command: restorecon -irv "{{ path_to_icat }}"
  when: ansible_facts['distribution'] == "CentOS"

...