Defined Type: selinux::setbool

Defined in:
manifests/setbool.pp

Overview

[root@management1 audit]# getsebool daemons_dump_core daemons_dump_core –> off [root@management1 audit]# setsebool daemons_dump_core on [root@management1 audit]# getsebool daemons_dump_core daemons_dump_core –> on [root@management1 audit]#

Parameters:

  • boolname (Any) (defaults to: $name)
  • value (Any) (defaults to: true) 


9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
 
# File 'manifests/setbool.pp', line 9

define selinux::setbool (
                          $boolname = $name,
                          $value    = true,
                        ) {
  #
  include ::selinux

  # policycoreutils
  if(!defined(Package[$selinux::params::policycoreutils]))
  {
    package { $selinux::params::policycoreutils:
      ensure => 'installed',
    }
  }

  exec { "selinux::setbool ${boolname} ${value}":
    command => inline_template('setsebool <%= @boolname %> <%= scope.function_bool2onoff([@value]) %>'),
    unless  => inline_template('getsebool <%= @boolname %> | grep <%= scope.function_bool2onoff([@value]) %>'),
    path    => '/bin:/sbin:/usr/bin:/usr/sbin',
    require => Package[$selinux::params::policycoreutils],
  }
}