updates selinux tools

2018-10-22 18:53:55 +02:00
parent cb79331c26
commit 0a68f80156
1 changed files with 18 additions and 16 deletions
--- a/manifests/selinux/config.pp
+++ b/manifests/selinux/config.pp
@@ -26,6 +26,8 @@ class cd_nagios::selinux::config (

  if $ng_use_selinux_tools == true {

+    require cd_selinux
+
  # it appears that selinux hehaves differently accross different nodes,
  # so all we can do for now is to create a list of the AVC alerts and come up
  # with a solution on that later.
@@ -38,23 +40,23 @@ class cd_nagios::selinux::config (
    }

    # sealert tac-cgi
-    exec { 'create_policy_taccgi':
-      command     =>  template($ng_taccgi_erb),
-      path        =>  ['/usr/bin','/usr/sbin'],
-      user        =>  $ng_user,
-      cwd         =>  $ng_user_home,
-      creates     =>  "${ng_user_home}/my-taccgi.pp",
-      notify      =>  Exec['semodule_taccgi'],
-    }
+#    exec { 'create_policy_taccgi':
+#      command     =>  template($ng_taccgi_erb),
+#      path        =>  ['/usr/bin','/usr/sbin'],
+#      user        =>  $ng_user,
+#      cwd         =>  $ng_user_home,
+#      creates     =>  "${ng_user_home}/my-taccgi.pp",
+#      notify      =>  Exec['semodule_taccgi'],
+#    }

-    exec { 'semodule_taccgi':
-      command     =>  "semodule -i ${ng_user_home}/my-taccgi.pp",
-      path        =>  ['/usr/bin','/usr/sbin'],
-      user        =>  $ng_user,
-      cwd         =>  $ng_user_home,
-      require     =>  Exec['create_policy_taccgi'],
-      refreshonly =>  true,
-    }
+#    exec { 'semodule_taccgi':
+#      command     =>  "semodule -i ${ng_user_home}/my-taccgi.pp",
+#      path        =>  ['/usr/bin','/usr/sbin'],
+#      user        =>  $ng_user,
+#      cwd         =>  $ng_user_home,
+#      require     =>  Exec['create_policy_taccgi'],
+#      refreshonly =>  true,
+#    }

    # sealert status.cgi