--- - name: Set correct SELinux context sefcontext: target: "/opt/prosody(/.*)?" setype: lib_t seuser: system_u state: present tags: prosody - name: Restore SELinux context command: restorecon -R /opt/prosody/modules changed_when: false tags: prosody - name: Copy SELinux policy copy: src=prosody-ansible.te dest=/etc/selinux/targeted/local/ register: prosody_selinux_policy tags: prosody - name: Compile and load SELinux policy shell: | cd /etc/selinux/targeted/local/ checkmodule -M -m -o prosody-ansible.mod prosody-ansible.te semodule_package -o prosody-ansible.pp -m prosody-ansible.mod semodule -i /etc/selinux/targeted/local/prosody-ansible.pp when: prosody_selinux_policy.changed tags: prosody - name: Allow prosody to query LDAP and HTTP servers seboolean: name={{ item }} state=true persistent=true loop: - authlogin_nsswitch_use_ldap - nis_enabled tags: prosody