New in version 2.2.
semanage fcontext
command.The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments |
---|---|---|
ftype
str |
Default: a
|
File type.
The following file type options can be passed;
a for all files, b for block devices, c for character devices, d for directories, f for regular files, l for symbolic links, p for named pipes, s for socket files. |
reload
bool |
|
Reload SELinux policy after commit.
Note that this does not apply SELinux file contexts to existing files.
|
selevel
str |
SELinux range for the specified target.
aliases: serange |
|
setype
required |
SELinux type for the specified target.
|
|
seuser
str |
SELinux user for the specified target.
|
|
state
str |
|
Whether the SELinux file context must be
absent or present . |
target
str required |
Target path (expression).
aliases: path |
Note
restorecon
manually for the existing files that require the new SELinux file contexts.- name: Allow apache to modify files in /srv/git_repos
sefcontext:
target: '/srv/git_repos(/.*)?'
setype: httpd_git_rw_content_t
state: present
- name: Apply new SELinux file context to filesystem
command: restorecon -irv /srv/git_repos
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
Hint
If you notice any issues in this documentation you can edit this document to improve it.