tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Moved setroubleshoot from selinux base class to selinux::setroubleshoot.

Browse source
This commit is contained in:
Timo Mkinen 2013-04-06 01:21:38 +03:00
parent 5070a0d6f3
commit c8a2ff7436
1 changed files with 28 additions and 17 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
selinux/manifests/init.pp
View file

@ -23,7 +23,7 @@ class selinux {
default: { fail("Invalid SELinux mode ${selinux_type}") } default: { fail("Invalid SELinux mode ${selinux_type}") }
} }
package { [ "selinux-policy-targeted", "setroubleshoot" ]: package { "selinux-policy":
ensure => installed, ensure => installed,
} }
@ -37,21 +37,6 @@ class selinux {
notify => Exec["set-selinux-mode"], notify => Exec["set-selinux-mode"],
} }
if $::operatingsystem in ["CentOS","RedHat"] and $::operatingsystemrelease =~ /^[1-5]\./ {
service { "setroubleshoot":
ensure => $selinux_type ? {
disabled => stopped,
default => running,
},
enable => $selinux_type ? {
disabled => false,
default => true,
},
hasstatus => true,
require => Package["setroubleshoot"],
}
}
exec { "set-selinux-mode": exec { "set-selinux-mode":
command => $selinux_type ? { command => $selinux_type ? {
"enforcing" => "setenforce 1", "enforcing" => "setenforce 1",
@ -63,7 +48,33 @@ class selinux {
require => File["/etc/selinux/config"], require => File["/etc/selinux/config"],
} }
if $selinux_type != "disabled" {
include selinux::tools include selinux::tools
package { "selinux-policy-targeted":
ensure => installed,
}
}
}
# Install setroubleshoot
#
class selinux::setroubleshoot {
if $::selinux == "true" {
package { "setroubleshoot":
ensure => installed,
}
if $::operatingsystem in ["CentOS","RedHat"] and $::operatingsystemrelease =~ /^[1-5]\./ {
service { "setroubleshoot":
ensure => running,
enable => true,
hasstatus => true,
require => Package["setroubleshoot"],
}
}
}
} }