I see that the Copr role has a policy module in Ansible (both source and binary), copies the binary to the destination and loads it with "semodule -i".  Can I do this? It seems suboptimal because a binary is stored in Ansible, and because the policy module should be built on the same distro version as where it's going to be loaded. I'll try to build the module one the destination host directly, unless you think it's a bad idea from a security perspective.

A.