PDA

View Full Version : SLES 15 SLES Set to Permissive Mode



semajkp
23-Sep-2019, 15:36
Happy Monday All,

I'm working on a task to set SELinux to permissive mode for RHEL/Debian and to set Apparmor to permissive mode for SLES15/12/11. I have my code in place for SELinux but I don't know what to do for SLES! This is what I have:


---
- name: install selinux dependencies when selinux is installed on Debian
apt:
name: ['policycoreutils', 'checkpolicy', 'selinux-basics', 'python-selinux' ]
state: present
when: ansible_distribution|lower == 'debian'
- name: Set SELinux to permissive mode | RHEL
selinux:
policy: targeted
state: permissive
register: task_result
when: ansible_distribution|lower == 'redhat'
- name: Set SELinux to permissive mode | Debian
selinux:
policy: default
state: permissive
register: task_result
when:
- ansible_selinux_python_present|bool
- ansible_distribution|lower == 'debian'
- name: Reboot the server and wait for it to come back up.
reboot:
when: task_result is changed
...

Ansible Version:


ansible 2.8.4
config file = /etc/ansible/ansible.cfg
configured module search path = [u'/home/jamekeit/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
ansible python module location = /usr/lib/python2.7/site-packages/ansible
executable location = /usr/bin/ansible
python version = 2.7.5 (default, May 31 2018, 09:41:32) [GCC 4.8.5 20150623 (Red Hat 4.8.5-28)]

Controller Machine OS:


NAME="Red Hat Enterprise Linux Server"
VERSION="7.5 (Maipo)"
ID="rhel"

Pointers will be greatly appreciated!

Can anyone help me out with setting apparmor to permissive for SLES?

I'm totally stuck!

strahil-nikolov-dxc
26-Sep-2019, 05:54
I guess you can disable/stop the apparmor service.