salt.modules.selinux

Execute calls on selinux

Note

This module requires the semanage and setsebool commands to be available on the minion. On RHEL-based distros, this means that the policycoreutils and policycoreutils-python packages must be installed. If not on a RHEL-based distribution, consult the selinux documentation for your distro to ensure that the proper packages are installed.

salt.modules.selinux.getenforce()

Return the mode selinux is running in

CLI Example:

salt '*' selinux.getenforce

salt.modules.selinux.getsebool(boolean)

Return the information on a specific selinux boolean

CLI Example:

salt '*' selinux.getsebool virt_use_usb

salt.modules.selinux.list_sebool()

Return a structure listing all of the selinux booleans on the system and what state they are in

CLI Example:

salt '*' selinux.list_sebool

salt.modules.selinux.selinux_fs_path(*args)

Return the location of the SELinux VFS directory

CLI Example:

salt '*' selinux.selinux_fs_path

salt.modules.selinux.setenforce(mode)

Set the SELinux enforcing mode

CLI Example:

salt '*' selinux.setenforce enforcing

salt.modules.selinux.setsebool(boolean, value, persist=False)

Set the value for a boolean

CLI Example:

salt '*' selinux.setsebool virt_use_usb off

salt.modules.selinux.setsebools(pairs, persist=False)

Set the value of multiple booleans

CLI Example:

salt '*' selinux.setsebools '{virt_use_usb: on, squid_use_tproxy: off}'