Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- META:
- - { role: configureSELinux, selinux_policy: "permissive", selinux_type: "targeted"}
- TASK:
- ---
- - name: Configure SELinux Policy and Type
- template: src=selinux.j2 dest={{ selinux_path }}
- TEMPLATES:
- # This file controls the state of SELinux on the system.
- # SELINUX= can take one of these three values:
- # enforcing - SELinux security policy is enforced.
- # permissive - SELinux prints warnings instead of enforcing.
- # disabled - SELinux is fully disabled.
- {% if selinux_policy is defined and selinux_policy in selinux_policy_list -%}
- SELINUX= {{ selinux_policy }}
- {% else %}
- {%- endif %}
- # SELINUXTYPE= type of policy in use. Possible values are:
- # targeted - Only targeted network daemons are protected.
- # strict - Full SELinux protection.
- {% if selinux_type is defined and selinux_type in selinux_type_list -%}
- SELINUXTYPE={{ selinux_type }}
- {%- endif %}
- DEFAULTS:
- ---
- # defaults file for configureSELinux
- #
- selinux_path: /etc/sysconfig/selinux.test
- selinux_policy: "from defaulti"
- selinux_type: " "
- selinux_policy_list:
- - enforcing
- - permissive
- - disabled
- selinux_type_list:
- - targeted
- - strict
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement