Forge Home

selinux_core

Manage SELinux context of files

265,079 downloads

18,142 latest version

5.0 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 1.2.0 (latest)
  • 1.1.0
  • 1.0.4
  • 1.0.3
  • 1.0.2
  • 1.0.1
  • 1.0.0
released Oct 4th 2021
This version is compatible with:
  • Puppet Enterprise 2023.2.x, 2023.1.x, 2023.0.x, 2021.7.x, 2021.6.x, 2021.5.x, 2021.4.x, 2021.3.x, 2021.2.x, 2021.1.x, 2021.0.x, 2019.8.x, 2019.7.x, 2019.5.x, 2019.4.x, 2019.3.x, 2019.2.x, 2019.1.x, 2019.0.x
  • Puppet >= 6.0.0 < 8.0.0
  • CentOS, OracleLinux, RedHat, Scientific, Debian, Ubuntu, windows, Fedora, Darwin, SLES, Solaris, Rocky, AlmaLinux

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'puppetlabs-selinux_core', '1.2.0'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add puppetlabs-selinux_core
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install puppetlabs-selinux_core --version 1.2.0

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.

Download

Documentation

puppetlabs/selinux_core — version 1.2.0 Oct 4th 2021

selinux_core

Modules Status Modules Status Modules Status Modules Status Modules Status

Table of Contents

  1. Description
  2. Setup - The basics of getting started with selinux_core
  3. Usage - Configuration options and additional functionality
  4. Reference - User documentation
  5. Limitations - OS compatibility, etc.
  6. Development - Guide for contributing to the module

Description

Manage SELinux context of files.

Setup

Setup Requirements

In order to use the selinux module, you must have selinux ruby bindings available on the system.

Usage

To set the SELinux context on a file, use the following code:

file { "/path/to/file":
  selinux_ignore_defaults => false,
  selrange => 's0',
  selrole => 'object_r',
  seltype => 'krb5_home_t',
  seluser => 'user_u',
}

To manage a SELinux policy module, use the following code:

selmodule { 'selmodule_policy':
  ensure => present,
  selmoduledir => '/usr/share/selinux/targeted',
}

To manage SELinux booleans, use the following code:

selboolean { 'collectd_tcp_network_connect':
  persistent => true,
  value => on,
}

Reference

Please see REFERENCE.md for the reference documentation, and the selinux section of the file type.

This module is documented using Puppet Strings.

For a quick primer on how Strings works, please see this blog post or the README.md for Puppet Strings.

To generate documentation locally, run the following code:

bundle install
bundle exec puppet strings generate ./lib/**/*.rb

This command will create a browsable \_index.html file in the doc directory. The references available here are all generated from YARD-style comments embedded in the code base. When any development happens on this module, the impacted documentation should also be updated.

Limitations

This module is only available on platforms that have selinux ruby bindings available.

Development

Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve.

We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things.

For more information, see our module contribution guide.