18 lines
417 B
YAML
18 lines
417 B
YAML
---
|
|
- name: Ensure SELinux is enabled and enforcing
|
|
hosts: all
|
|
become: true
|
|
|
|
tasks:
|
|
- name: Set SELinux to enforcing
|
|
ansible.posix.selinux:
|
|
policy: targeted
|
|
state: enforcing
|
|
notify: Reboot if SELinux state changed
|
|
|
|
handlers:
|
|
- name: Reboot if SELinux state changed
|
|
ansible.builtin.reboot:
|
|
msg: "Rebooting to apply SELinux changes"
|
|
reboot_timeout: 600
|