# In tasks/selinux_module.yml (can be in a common/shared tasks directory)
- name: Compile SELinux module
  ansible.builtin.shell: |
    cd {{ selinux_module_dir }}
    checkmodule -M -m -o {{ selinux_module_name }}.mod {{ selinux_module_name }}.te
    semodule_package -o {{ selinux_module_name }}.pp -m {{ selinux_module_name }}.mod
  tags:
    - selinux

- name: Install SELinux module
  ansible.builtin.command: semodule -i {{ selinux_module_dir }}/{{ selinux_module_name }}.pp
  tags:
    - selinux

- name: Cleanup SELinux module build files
  ansible.builtin.file:
    path: "{{ selinux_module_dir }}/{{ selinux_module_name }}.mod"
    state: absent
  tags:
    - selinux