confdroid/confdroid_selinux
1
0
Fork 0
Code Issues Projects Wiki Activity

updated parameter documentation and README

Browse Source
This commit is contained in:
Arne Teuke
2017-08-03 12:36:11 +01:00
parent a1177ccacf
commit 0bd13076fd
2 changed files with 9 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
README.md
View File

@@ -1,6 +1,6 @@
|Repo Name| version | Build Status| |Repo Name| version | Build Status|
|---|---|---|---| |---|---|---|---|
|`cd_selinux`| 0.0.0.4 | [![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_selinux)](https://jenkins.confdroid.com/job/cd_selinux/)| |`cd_selinux`| 0.0.1.0 | [![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_selinux)](https://jenkins.confdroid.com/job/cd_selinux/)|
### Synopsis ### Synopsis
[Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies.](https://en.wikipedia.org/wiki/Security-Enhanced_Linux) [Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies.](https://en.wikipedia.org/wiki/Security-Enhanced_Linux)
@@ -71,7 +71,7 @@ The following parameters are editable via params.pp or through ENC (**__recommen
#### Optional Parameters #### Optional Parameters
* `sx_install_setools` : Whether to install additional selinux tools, i.e. for troubleshooting. * `sx_install_setools` : Whether to install additional selinux tools, i.e. for troubleshooting.
* `sx_selinux_status` : Which selinux status should be configured, sets both the status in the configuration file and on commanbd line. Valid options are `enforcing` and `permissive`. Defaults to `enforcing`.
### SELINUX ### SELINUX
All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored. All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.

10
manifests/params.pp
View File

@@ -25,9 +25,13 @@
# to choose, i.e. `latest` or `present`. # to choose, i.e. `latest` or `present`.
# @param [boolean] sx_install_setools Whether to install additional selinux # @param [boolean] sx_install_setools Whether to install additional selinux
# tools, i.e. for troubleshooting. # tools, i.e. for troubleshooting.
# @param [string] sx_selinux_status The desired selinux status. Valid values # @param [string] sx_selinux_status The desired selinux status. Used for both
# are `enforcing`, ``permissive`, `disabled`. Note that changing from disabled # managing the configuration file as well as the command line (setenforce).
# to any othe other types requires a manual reboot to relable the file system. # Valid values are `enforcing` and `permissive`. While the configuration file
# supports another option 'disabled', this option is not available on
# commandline. Note that changing the active selinux status from `disabled`
# to any the other types requires a manual reboot to re-lable the file system.
# This module does not do that for you to avoid unexpected outages.
# @param [string] sx_selinux_type The desired selinux type. Valid options are # @param [string] sx_selinux_type The desired selinux type. Valid options are
# `targeted`, `minimum` and `mls`. # `targeted`, `minimum` and `mls`.
############################################################################## ##############################################################################