Ansible roles
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

41 lines
1.0 KiB

---
- name: Copy SELinux policy
copy: src=zabbix_server.te dest=/etc/selinux/targeted/local/
register: zabbix_server_selinux_policy
tags: zabbix
- name: Install needed packages
yum:
name: policycoreutils
tags: zabbix
- name: Compile SELinux policy
shell: |
cd /etc/selinux/targeted/local/
checkmodule -M -m -o zabbix_server.mod zabbix_server.te
semodule_package -o zabbix_server.pp -m zabbix_server.mod
when: zabbix_server_selinux_policy.changed
tags: zabbix
- name: Load policy for Zabbix Proxy
command: semodule -i /etc/selinux/targeted/local/zabbix_server.pp
when: zabbix_server_selinux_policy.changed
tags: zabbix
- name: Set SELinux context
sefcontext:
target: '/var/lib/zabbix/sessions(/.*)?'
setype: httpd_var_lib_t
state: present
tags: zabbix
- name: Restore SELinux context
command: restorecon -R /var/lib/zabbix/
changed_when: False
tags: zabbix
- name: Allow network connections in SELinux
seboolean: name=zabbix_can_network state=True persistent=True
tags: zabbix