Puppet Class: confdroid_selinux::params

Inherited by:
confdroid_selinux::main::dirs
confdroid_selinux::main::files
confdroid_selinux::main::config
confdroid_selinux::main::install
Defined in:
manifests/params.pp

Summary

Class holds all parameters for the confdroid_selinux module and is inherited by all classes except defines.

Overview

confdroid_selinux::params.pp Module name: confdroid_selinux Author: 12ww1160 (12ww1160@ConfDroid.com)

Parameters:

  • sx_pkg_ensure (String) (defaults to: 'latest')

    which package type to choose, i.e. latest or present.

  • sx_reqpackages (Array[String]) (defaults to: ['selinux-policy','policycoreutils','setroubleshoot-server','policycoreutils-python-utils'])

    List of packages required for selinux management. The default list includes the following packages: selinux-policy, policycoreutils, setroubleshoot-server, policycoreutils-python.

  • sx_selinux_status (String) (defaults to: 'enforcing')

    The desired selinux status. Used for both managing the configuration file as well as the command line (setenforce). Valid values are enforcing and permissive. While the configuration file supports another option ‘disabled’, this option is not available on commandline. Note that changing the active selinux status from disabled to any the other types requires a manual reboot to re-label the file system. This module does not do that for you to avoid unexpected outages.

  • sx_selinux_type (String) (defaults to: 'targeted')

    The desired selinux type. Valid options are targeted, minimum and mls.



23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'manifests/params.pp', line 23

class confdroid_selinux::params (

  Array[String] $sx_reqpackages       = ['selinux-policy','policycoreutils','setroubleshoot-server','policycoreutils-python-utils'],
  String $sx_pkg_ensure               = 'latest',
  String $sx_selinux_status           = 'enforcing',
  String $sx_selinux_type             = 'targeted',

) {
# default facts
  $fqdn                     = $facts['networking']['fqdn']
  $hostname                 = $facts['networking']['hostname']
  $domain                   = $facts['networking']['domain']
  $os_name                  = $facts['os']['name']
  $os_release               = $facts['os']['release']['major']

# directories
  $sx_main_dir              = '/etc/selinux'

# files
  $sx_main_file             = "${sx_main_dir}/config"
  $sx_main_file_erb         = 'confdroid_selinux/main/selinux_config.erb'

# includes must be last
  include confdroid_selinux::main::config
}