Puppet Class: krb5::kdc::selinux_hotfix

Defined in:
manifests/kdc/selinux_hotfix.pp

Summary

This class provides a hotfix for a broken SELinux policy in EL7

Overview

**NOTE: THIS IS A [PRIVATE](github.com/puppetlabs/puppetlabs-stdlib#assert_private) CLASS**

The OS confinement of this class should be done elsewhere.



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
 
# File 'manifests/kdc/selinux_hotfix.pp', line 7

class krb5::kdc::selinux_hotfix {
  assert_private()

  if $facts['os']['selinux']['current_mode'] and ($facts['os']['selinux']['current_mode'] != 'disabled') {
    simplib::assert_optional_dependency($module_name, 'vox_selinux')

    $_config_dir = $krb5::kdc::config_dir
    $_base_config_dir = inline_template('<%= File.dirname(@_config_dir) %>')

    vox_selinux::module { 'krb5kdc_hotfix':
      ensure     => 'present',
      content_te => epp("${module_name}/selinux/krb5kdc_hotfix.te.epp"),
      builder    => 'simple',
      notify     => Class['krb5::kdc::service']
    }
  }
}