Add tripleo::selinux

Adds a class to configure SELinux. The code is taken from puppet-openstack-cloud: https://github.com/redhat-cip/puppet-openstack-cloud This allows to share the same code for usage by both the Undercloud and Overcloud. Co-Authored By: Emilien Macchi <emilien@redhat.com> Co-Authored By: Yanis Guenane <yguenane@redhat.com> blueprint undercloud-elements Change-Id: If214005df733d41c2fa4e197df247d8a14baaa14
author: James Slagle <jslagle@redhat.com> 2016-04-22 09:30:38 -0400
committer: James Slagle <jslagle@redhat.com> 2016-05-05 13:19:20 -0400
commit: 8e533aaf447022c62865130f2ffc88690f06aef1 (patch)
tree: c5fa4b9d5bca33c321b7c407f8e062320f45374f /templates/selinux
parent: 0bf0f72defc5260346717cf7c9d836342b34ebd6 (diff)
1 files changed, 11 insertions, 0 deletions
diff --git a/templates/selinux/sysconfig_selinux.erb b/templates/selinux/sysconfig_selinux.erb
new file mode 100644
index 0000000..dfb1e53
--- /dev/null
+++ b/templates/selinux/sysconfig_selinux.erb
@@ -0,0 +1,11 @@
+# This file controls the state of SELinux on the system.
+# SELINUX= can take one of these three values:
+#     enforcing - SELinux security policy is enforced.
+#     permissive - SELinux prints warnings instead of enforcing.
+#     disabled - No SELinux policy is loaded.
+SELINUX=<%= @mode %>
+# SELINUXTYPE= can take one of these two values:
+#     targeted - Targeted processes are protected,
+#     minimum - Modification of targeted policy. Only selected processes are protected.
+#     mls - Multi Level Security protection.
+SELINUXTYPE=targeted
author	James Slagle <jslagle@redhat.com>	2016-04-22 09:30:38 -0400
committer	James Slagle <jslagle@redhat.com>	2016-05-05 13:19:20 -0400
commit	8e533aaf447022c62865130f2ffc88690f06aef1 (patch)
tree	c5fa4b9d5bca33c321b7c407f8e062320f45374f /templates/selinux
parent	0bf0f72defc5260346717cf7c9d836342b34ebd6 (diff)