From 8e533aaf447022c62865130f2ffc88690f06aef1 Mon Sep 17 00:00:00 2001
From: James Slagle <jslagle@redhat.com>
Date: Fri, 22 Apr 2016 09:30:38 -0400
Subject: Add tripleo::selinux

Adds a class to configure SELinux. The code is taken from
puppet-openstack-cloud:
https://github.com/redhat-cip/puppet-openstack-cloud

This allows to share the same code for usage by both the Undercloud and
Overcloud.

Co-Authored By: Emilien Macchi <emilien@redhat.com>
Co-Authored By: Yanis Guenane <yguenane@redhat.com>

blueprint undercloud-elements
Change-Id: If214005df733d41c2fa4e197df247d8a14baaa14
---
 templates/selinux/sysconfig_selinux.erb | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 templates/selinux/sysconfig_selinux.erb

(limited to 'templates')

diff --git a/templates/selinux/sysconfig_selinux.erb b/templates/selinux/sysconfig_selinux.erb
new file mode 100644
index 0000000..dfb1e53
--- /dev/null
+++ b/templates/selinux/sysconfig_selinux.erb
@@ -0,0 +1,11 @@
+# This file controls the state of SELinux on the system.
+# SELINUX= can take one of these three values:
+#     enforcing - SELinux security policy is enforced.
+#     permissive - SELinux prints warnings instead of enforcing.
+#     disabled - No SELinux policy is loaded.
+SELINUX=<%= @mode %>
+# SELINUXTYPE= can take one of these two values:
+#     targeted - Targeted processes are protected,
+#     minimum - Modification of targeted policy. Only selected processes are protected.
+#     mls - Multi Level Security protection.
+SELINUXTYPE=targeted
-- 
cgit 1.2.3-korg