added main directory control

README.md

@@ -1,6 +1,6 @@
 |Repo Name| version | Build Status|
 |---|---|---|---|
-|`cd_selinux`| 0.0.0.1 | [![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_selinux)](https://jenkins.confdroid.com/job/cd_selinux/)|
+|`cd_selinux`| 0.0.0.2 | [![Build Status](https://jenkins.confdroid.com/buildStatus/icon?job=cd_selinux)](https://jenkins.confdroid.com/job/cd_selinux/)|
 
 ### Synopsis
 [Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies.](https://en.wikipedia.org/wiki/Security-Enhanced_Linux)
@@ -18,6 +18,8 @@
   * [native Puppet deployment](#native-puppet-deployment)
   * [through Foreman](#through-foreman)
 * [Parameters](#parameters)
+  * [Mandatory Parameters](#mandatory-parameters)
+  * [Optional Parameters](#optional-parameters)
 * [SELINUX](#selinux)
 * [Known Problems](#known-problems)
 * [Support](#support)
@@ -61,6 +63,11 @@ See [more details about class deployment on Confdroid.com](https://confdroid.com
 ### Parameters
 The following parameters are editable via params.pp or through ENC (**__recommended__**). Values changed will take immediate effect at next puppet run. Services will be restarted where neccessary.
 
+#### Mandatory Parameters
+
+#### Optional Parameters
+* `sx_install_setools`    : Whether to install additional selinux tools, i.e. for troubleshooting.
+
 
 ### SELINUX
 All files and directories are configured with correct selinux context. If selinux is disabled, these contexts are ignored.

manifests/main/config.pp

@@ -25,6 +25,6 @@ class cd_selinux::main::config (
 
 ) inherits cd_selinux::params {
 
-  require cd_selinux::main::install
+  include cd_selinux::main::dirs
 
 }

manifests/main/dirs.pp

@@ -0,0 +1,40 @@
+## cd_selinux::dirs.pp
+# Module name: cd_selinux
+# Author: Arne Teuke (arne_teuke@ConfDroid.com)
+# # License:
+#    This file is part of cd_selinux.
+#
+#    cd_selinux is used for providing automatic configuration of SELINUX
+#    Copyright (C) 2016  ConfDroid (copyright@ConfDroid.com)
+#    This program is free software: you can redistribute it and/or modify
+#    it under the terms of the GNU General Public License as published by
+#    the Free Software Foundation, either version 3 of the License, or
+#    (at your option) any later version.
+#
+#    This program is distributed in the hope that it will be useful,
+#    but WITHOUT ANY WARRANTY; without even the implied warranty of
+#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#    GNU General Public License for more details.
+#
+#    You should have received a copy of the GNU General Public License
+#    along with this program.  If not, see <http://www.gnu.org/licenses/>.
+# @summary Class manages all directories required for cd_selinux.
+###############################################################################
+class cd_selinux::dirs (
+
+) inherits cd_selinux::params {
+
+  require cd_selinux::main::install
+
+  file { $sx_main_dir:
+    ensure    =>  directory,
+    path      =>  $sx_main_dir,
+    owner     =>  'root',
+    group     =>  'root',
+    mode      =>  '0755',
+    selrange  =>  s0,
+    selrole   =>  object_r,
+    seltype   =>  selinux_config_t,
+    seluser   =>  system_u,
+  }
+}

manifests/params.pp

@@ -44,6 +44,9 @@ $reqpackages_tools  = $::operatingsystem ? {
                                         'policycoreutils-python'],
   }
 
+# directories
+sx_main_dir   = '/etc/selinux'
+
 # includes must be last
   include cd_selinux::main::config
 }