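# Copy the compiled SELinux policy modules (.pp) for Tor to /root/ on
# CentOS 8 or later; a later task loads them with semodule.
# NOTE(review): .pp files are compiled policy and cannot be read in review;
# keeping the matching .te sources in the repository would let the granted
# permissions be audited — confirm they are available.
- name: Déploiement des modules SELinux pour Centos
  copy:
    src: "{{ item }}-centos-8.2.pp"
    dest: /root/
    # Quoted so the value is always read as octal permissions and never as
    # a YAML integer.
    mode: "0644"
  loop:
    - tor-bind-pop_port
    - tor-dac-capabilities
    - tor-set-capabilities
    - tor-bind-unreserved_port
  # Both conditions must hold (a list under "when" is an implicit AND).
  when:
    - ansible_distribution == "CentOS"
    - ansible_distribution_major_version | int >= 8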
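# Copy the compiled SELinux policy modules (.pp) for Tor to /root/ on
# Fedora 32 or later; a later task loads them with semodule.
# NOTE(review): .pp files are compiled policy and cannot be read in review;
# keeping the matching .te sources in the repository would let the granted
# permissions be audited — confirm they are available.
- name: Déploiement des modules SELinux pour Fedora
  copy:
    src: "{{ item }}-fedora-32.pp"
    dest: /root/
    # Quoted so the value is always read as octal permissions and never as
    # a YAML integer.
    mode: "0644"
  loop:
    - tor-bind-pop_port
    - tor-dac-capabilities
    - tor-set-capabilities
    - tor-bind-unreserved_port
  # Both conditions must hold (a list under "when" is an implicit AND).
  when:
    - ansible_distribution == "Fedora"
    - ansible_distribution_version | int >= 32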
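# Check whether each Tor policy module is already loaded. The result is
# registered and a failure is tolerated on purpose: the install tasks test
# "semodulelist is failed" to decide whether the modules must be loaded.
# NOTE(review): grep matches the module name as a substring of the
# "semodule -l" output, so a longer module name containing it would also
# count as present.
- name: Vérification des modules
  shell: semodule -l | grep '{{ item }}'
  args:
    # NOTE(review): requires zsh on the managed host — confirm it is
    # installed before this task runs.
    executable: /usr/bin/zsh
  loop:
    - tor-bind-pop_port
    - tor-dac-capabilities
    - tor-set-capabilities
    - tor-bind-unreserved_port
  register: semodulelist
  # Read-only query: never report the host as changed.
  changed_when: false
  # A missing module is an expected outcome here, not a play failure.
  ignore_errors: true
  when: ansible_selinux.status != "disabled"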
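# Load the CentOS policy modules with semodule when the verification task
# reported a failure. As far as Ansible's loop results go, the registered
# variable counts as failed when any single item failed, so all four
# modules are (re)installed in that case.
- name: Installation des modules sur Centos
  # The command module does not run a shell, so the path needs no
  # shell-style quoting around the templated part.
  command: "semodule -i /root/{{ item }}-centos-8.2.pp"
  loop:
    - tor-bind-pop_port
    - tor-dac-capabilities
    - tor-set-capabilities
    - tor-bind-unreserved_port
  when:
    - semodulelist is failed
    - ansible_selinux.status != "disabled"
    - ansible_distribution == "CentOS"
    # Same version guard as the copy task: on older releases the .pp files
    # are never copied to /root/, so semodule would fail on a missing file.
    - ansible_distribution_major_version | int >= 8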
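# Load the Fedora policy modules with semodule when the verification task
# reported a failure. As far as Ansible's loop results go, the registered
# variable counts as failed when any single item failed, so all four
# modules are (re)installed in that case.
- name: Installation des modules sur Fedora
  # The command module does not run a shell, so the path needs no
  # shell-style quoting around the templated part.
  command: "semodule -i /root/{{ item }}-fedora-32.pp"
  loop:
    - tor-bind-pop_port
    - tor-dac-capabilities
    - tor-set-capabilities
    - tor-bind-unreserved_port
  when:
    - semodulelist is failed
    - ansible_selinux.status != "disabled"
    - ansible_distribution == "Fedora"
    # Same version guard as the copy task: on older releases the .pp files
    # are never copied to /root/, so semodule would fail on a missing file.
    - ansible_distribution_version | int >= 32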
# Turn on the tor_can_network_relay SELinux boolean and make the setting
# persistent. Errors are ignored, so a host where the boolean cannot be
# set continues the play with the boolean unchanged.
# NOTE(review): presumably tolerated because the boolean is absent from
# some policy versions — confirm.
- name: Activation du booleen SELinux
  seboolean:
    name: tor_can_network_relay
    state: true
    persistent: true
  ignore_errors: true
  # Skipped entirely when SELinux is disabled on the host.
  when: ansible_selinux.status != "disabled"
# Recursively reset the SELinux file contexts under /var/lib/tor/ to the
# policy defaults. Runs on every play where SELinux is not disabled and is
# always reported as changed, since no changed_when is set.
- name: Restauration des contextes SELinux pour hidden_services
  command: /sbin/restorecon -R /var/lib/tor/
  when: ansible_selinux.status != "disabled"