Puppet Class: nfs::selinux_hotfix

Defined in:

manifests/selinux_hotfix.pp

Summary

Provides hotfix for broken SElinux policy

Overview

This class provides a hotfix for a broken SELinux policy in EL7, selinux-policy < 3.13.1-229.el7_6.9.

The OS confinement of this class should be done elsewhere

# File 'manifests/selinux_hotfix.pp', line 10

class nfs::selinux_hotfix {
  assert_private()

  if $facts['os']['selinux']['current_mode'] and $facts['os']['selinux']['current_mode'] != 'disabled' {
    vox_selinux::module { 'gss_hotfix':
      ensure     => 'present',
      content_te => file("${module_name}/selinux/gss_hotfix.te"),
      builder    => 'simple'
    }
  }
}