Puppet Class: st2::profile::selinux

Inherits:
st2::params
Defined in:
manifests/profile/selinux.pp

Summary

Configure SELinux so that StackStorm services run properly

Overview

Examples:

Basic Usage

include st2::profile::selinux


6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
 
# File 'manifests/profile/selinux.pp', line 6

class st2::profile::selinux inherits st2::params {
  # note: the selinux module downcases the mode in the fact
  if ($::osfamily == 'RedHat') and ($::selinux_current_mode == 'enforcing') {
    if !defined(Package['policycoreutils-python']) {
      package { 'policycoreutils-python':
        ensure => present,
      }
    }

    # nginx doesn't so we have to enable this here
    selinux::boolean {'st2 nginx httpd_can_network_connect':
      ensure => 'on',
      name   => 'httpd_can_network_connect',
    }

    # note: rabbitmq puppet module manages its own SELinux config
  }
}