mirror of https://github.com/ansible-collections/ansible.posix.git synced 2026-01-11 23:25:28 +01:00

Ansible Collection for Posix

Find a file

Petr Lautrbach 23f20588aa seboolean: make it work with disabled SELinux Sometimes it's necessary to configure SELinux before it's enabled on the system. There's `ignore_selinux_state` which should allow it. Before this change `seboolean` module failed on SELinux disabled system even with `ignore_selinux_state: true` and SELinux policy installed while `semanage boolean` worked as expected: $ ansible -i 192.168.121.153, -m seboolean -a "name=ssh_sysadm_login state=on ignore_selinux_state=true" all 192.168.121.153 \| FAILED! => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "changed": false, "msg": "Failed to get list of boolean names" } $ ssh root@192.168.121.153 semanage boolean -l \| grep ssh_sysadm_login ssh_sysadm_login (off , off) Allow ssh to sysadm login It's caused by `selinux.security_get_boolean_names()` and `selinux.security_get_boolean_active(name)` which required SELinux enabled system. This change adds a fallback to semanage API which works in SELinux disabled system when SELinux targeted policy is installed: ANSIBLE_LIBRARY=plugins/modules ansible -i 192.168.121.153, -m seboolean -a "name=ssh_sysadm_login state=on persistent=true ignore_selinux_state=true" all 192.168.121.153 \| CHANGED => { "ansible_facts": { "discovered_interpreter_python": "/usr/bin/python3" }, "changed": true, "name": "ssh_sysadm_login", "persistent": true, "state": true } $ ssh root@192.168.121.153 semanage boolean -l \| grep ssh_sysadm_login ssh_sysadm_login (on , on) Allow ssh to sysadm login Note that without `persistent=true` this module is effectively NO-OP now. Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>		2024-01-22 11:32:58 +01:00
.azure-pipelines	Support for FreeBSD 12.4 was removed.	2024-01-09 07:30:04 +01:00
.github	refactor to comply with current ansible-lint and sanity guidelines	2023-12-06 17:22:59 -06:00
changelogs	seboolean: make it work with disabled SELinux	2024-01-22 11:32:58 +01:00
docs	Release 1.5.2 commit	2023-04-10 10:43:31 +09:00
hacking	Migrate hacking/cgroup_perf_recap_graph.py (#12 )	2020-04-22 23:05:09 -05:00
meta	refactor to comply with current ansible-lint and sanity guidelines	2023-12-06 17:22:59 -06:00
plugins	seboolean: make it work with disabled SELinux	2024-01-22 11:32:58 +01:00
tests	Remove Shippable leftovers.	2024-01-09 07:25:45 +01:00
.gitignore	Update changelog generation configuration	2020-06-17 15:57:15 +05:30
bindep.txt	bindep - install rsync on all EL variants	2023-02-22 20:07:25 -05:00
CHANGELOG.rst	Release 1.5.4	2023-05-10 13:17:59 -05:00
codecov.yml	refactor to comply with current ansible-lint and sanity guidelines	2023-12-06 17:22:59 -06:00
COPYING	Initial commit	2020-03-09 13:15:28 +00:00
galaxy.yml	refactor to comply with current ansible-lint and sanity guidelines	2023-12-06 17:22:59 -06:00
PSF-license.txt	Update with actual CPython 3.9.5 license.	2022-05-16 08:00:40 +02:00
README.md	refactor to comply with current ansible-lint and sanity guidelines	2023-12-06 17:22:59 -06:00
requirements.txt	Remove sanity jobs from shippable	2020-06-16 19:46:58 -04:00
shippable.yml	refactor to comply with current ansible-lint and sanity guidelines	2023-12-06 17:22:59 -06:00
test-requirements.txt	Add support for running ansible-test unit in zuul	2020-06-17 09:34:36 -04:00

README.md

ansible.posix

An Ansible Collection of modules and plugins that target POSIX UNIX/Linux and derivative Operating Systems.

Supported Versions of Ansible

Ansible version compatibility

This collection has been tested against following Ansible versions: >=2.14.

Included content

Modules

Name	Description
ansible.posix.acl	Set and retrieve file ACL information.
ansible.posix.at	Schedule the execution of a command or script file via the at command
ansible.posix.authorized_key	Adds or removes an SSH authorized key
ansible.posix.firewalld	Manage arbitrary ports/services with firewalld
ansible.posix.firewalld_info	Gather information about firewalld
ansible.posix.mount	Control active and configured mount points
ansible.posix.patch	Apply patch files using the GNU patch tool
ansible.posix.rhel_facts	Facts module to set or override RHEL specific facts.
ansible.posix.rhel_rpm_ostree	Ensure packages exist in a RHEL for Edge rpm-ostree based system
ansible.posix.rpm_ostree_upgrade	Manage rpm-ostree upgrade transactions
ansible.posix.seboolean	Toggles SELinux booleans
ansible.posix.selinux	Change policy and state of SELinux
ansible.posix.synchronize	A wrapper around rsync to make common tasks in your playbooks quick and easy
ansible.posix.sysctl	Manage entries in sysctl.conf.

Installing this collection

You can install the ansible.posix collection with the Ansible Galaxy CLI:

ansible-galaxy collection install ansible.posix

You can also include it in a requirements.yml file and install it with ansible-galaxy collection install -r requirements.yml, using the format:

---
collections:
  - name: ansible.posix

Using this collection

See Ansible Using collections for more details.

Contributing to this collection

We welcome community contributions to this collection. See Contributing to Ansible-maintained collections for complete details.

Code of Conduct

This collection follows the Ansible project's Code of Conduct. Please read and familiarize yourself with this document.

Release notes

See changelog for more details.

External requirements

None

Tested with Ansible

ansible-core 2.17 (devel)
ansible-core 2.16 (stable)
ansible-core 2.15 (stable)
ansible-core 2.14 (stable)

Roadmap

More information

Licensing

GNU General Public License v3.0 or later.

See COPYING to see the full text.