Puppet Class: cis_security_hardening::rules::selinux

Defined in:
manifests/rules/selinux.pp

Summary

Ensure SELinux is installed

Overview

SELinux provides Mandatory Access Controls.

Rationale: Without a Mandatory Access Control system installed only the default Discretionary Access Control system will be available.

Examples:

class { 'cis_security_hardening::rules::selinux':
    enforce => true,
}

Parameters:

  • enforce (Boolean) (defaults to: false)

    Enforce the rule



19
20
21
22
23
24
25
26
27
 
# File 'manifests/rules/selinux.pp', line 19

class cis_security_hardening::rules::selinux (
  Boolean $enforce = false,
) {
  if $enforce {
    ensure_packages(['libselinux'], {
        ensure => present,
    })
  }
}