SHARE
TWEET

SELinux

a guest Feb 17th, 2017 99 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. META:
  2.  
  3.   - { role: configureSELinux, selinux_policy: "permissive", selinux_type: "targeted"}
  4.  
  5. TASK:
  6.  
  7. ---
  8.  
  9.   - name: Configure SELinux Policy and Type
  10.     template: src=selinux.j2 dest={{ selinux_path }}
  11.  
  12. TEMPLATES:
  13.  
  14. # This file controls the state of SELinux on the system.
  15. # SELINUX= can take one of these three values:
  16. #       enforcing - SELinux security policy is enforced.
  17. #       permissive - SELinux prints warnings instead of enforcing.
  18. #       disabled - SELinux is fully disabled.
  19. {% if selinux_policy is defined and selinux_policy in selinux_policy_list -%}
  20. SELINUX= {{ selinux_policy }}
  21. {% else %}
  22. {%- endif %}
  23. # SELINUXTYPE= type of policy in use. Possible values are:
  24. #       targeted - Only targeted network daemons are protected.
  25. #       strict - Full SELinux protection.
  26. {% if selinux_type is defined and selinux_type in selinux_type_list -%}
  27. SELINUXTYPE={{ selinux_type }}
  28. {%- endif %}
  29.  
  30. DEFAULTS:
  31.  
  32. ---
  33. # defaults file for configureSELinux
  34. #
  35. selinux_path: /etc/sysconfig/selinux.test
  36.  
  37. selinux_policy: "from defaulti"
  38. selinux_type: " "
  39.  
  40. selinux_policy_list:
  41.  - enforcing
  42.  - permissive
  43.  - disabled
  44.  
  45. selinux_type_list:
  46.  - targeted
  47.  - strict
RAW Paste Data
Top