Forge Home

Modules

Resources

PuppetEcosystemPuppet CommunityUpdates

selinux

Manage SELinux
Project URLRSS FeedReport issues

22,730 downloads

5,848 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 2.3.0 (latest)
  • 2.2.0
  • 2.1.0
  • 2.0.0
  • 1.3.0
  • 1.1.0
  • 1.0.0
released Dec 14th 2017
This version is compatible with:
  • Puppet Enterprise 2018.1.x, 2017.3.x, 2017.2.x, 2017.1.x, 2016.5.x, 2016.4.x
  • Puppet >= 4.0.0 < 6.0.0
  • , , ,

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'ghoneycutt-selinux', '2.0.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add ghoneycutt-selinux
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install ghoneycutt-selinux --version 2.0.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download
Tags: selinux

Documentation

ghoneycutt/selinux — version 2.0.0 Dec 14th 2017

selinux module

===

Compability

This module has been tested to work on the following systems with Puppet versions 4 and 5. For an exact matrix of Puppet and Ruby versions, please consult .travis.yml.

  • EL 5
  • EL 6
  • EL 7

Documented with Puppet Strings

Puppet Strings documentation

Class Descriptions

Class selinux

Description

The selinux class manages SELinux for enterprise linux systems. By default, it enables SELinux. To use, simply include ::selinux.

Parameters

See man page selinux(8) for more information regarding the configuration settings.

mode (type: String)

Operation mode of SELinux, valid values are 'enforcing', 'permissive' and 'disabled'.

  • Default: 'disabled'

type (type: String)

The type of policies in use, valid values are 'targeted' and 'strict'.

  • Default: 'targeted'

setlocaldefs (type: String, Integer or Undef)

String or Integer to pass to SETLOCALDEFS option. Valid values are 0 and 1. If left undef, then the SETLOCALDEFS section is not included in the config_file.

  • Default: undef

config_file (type: Stdlib::Absolutepath)

The path to the selinux configuration path to manage.

  • Default: '/etc/selinux/config'

Examples

To enable SELinux

include ::selinux

To disable SELinux

class { '::selinux':
  mode => 'disabled',
}