Puppet Class: selinux::base
- Defined in:
- manifests/base.pp
Overview
Class: selinux::base
This class ensures selinux utilities and services are installed and running. It will also install the ruby bindings which are required to use puppet’s selinux resource types.
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 |
# File 'manifests/base.pp', line 7
class selinux::base {
service { 'auditd':
ensure => running,
enable => true,
}
# required to build custom policy modules.
package { ['checkpolicy', 'policycoreutils']: ensure => present }
case $::osfamily {
'RedHat': {
case $::operatingsystemmajrelease {
'8': {
package{ 'selinux-policy-devel':
ensure => present,
}
$rubypkg_alias = 'libselinux-ruby'
}
'7': {
package { 'policycoreutils-python':
ensure => present,
}
package{ 'selinux-policy-devel':
ensure => present,
}
$rubypkg_alias = 'libselinux-ruby'
}
'6': {
package { 'policycoreutils-python':
ensure => present,
}
$rubypkg_alias = 'libselinux-ruby'
}
'5': {
package{ 'selinux-policy-devel':
ensure => present,
}
case $::lsbdistrelease {
/^5.0$/, /^5.1$/, /^5.2$/, /^5.3$/: {
$rubypkg_alias = 'libselinux-ruby-puppet'
}
default: {
package { 'libselinux-ruby-puppet':
ensure => absent,
before => Package['selinux-ruby-bindings'],
}
$rubypkg_alias = 'libselinux-ruby'
}
}
} # '5'
'4': { $rubypkg_alias = 'libselinux-ruby-puppet' }
default: { $rubypkg_alias = 'libselinux-ruby' }
}
}
'Debian': {
case $::lsbdistcodename {
'sid', 'squeeze': { $rubypkg_alias = 'libselinux-ruby1.8' }
default: { $rubypkg_alias = 'libselinux-puppet-ruby1.8' }
}
}
default: {
fail "Unsupported OS family '${::osfamily}'"
}
}
# if needed, you can fetch and build libselinux-ruby-puppet from
# http://github.com/twpayne/libselinux-ruby-puppet
package { 'selinux-ruby-bindings':
ensure => present,
name => $rubypkg_alias,
}
}
|