Puppet Class: selajnux

Defined in:
manifests/init.pp

Overview

Class: selajnux

Handle selinux in hiera.

Parameters

  • ‘selajnux::allow`

Configure selinux boolean value to “on”.

  • ‘selajnux::deny`

Configure selinux boolean value to “off”.

Variables

No required variables.

Examples

Authors

Alexander Salmin

Examples:

include selajnux

selajnux::allow:
  - httpd_can_network_connect
  - httpd_can_network_relay

Parameters:

  • allow (Any) (defaults to: [])
  • deny (Any) (defaults to: []) 


35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
 
# File 'manifests/init.pp', line 35

class selajnux ( $allow = [], $deny = []) {

    # Allow the following selinux booleans
    # In hiera: selajnux::allow
    $allow.each | $name | {
        selboolean { $name:
          name  => $name,
          value => on,
        }
    }

    # Deny the following selinux booleans
    # In hiera: selajnux::deny
    $deny.each | $name | {
        selboolean { $name:
          name  => $name,
          value => off,
        }
    }

}