Defined Type: selinux::permissive

Defined in:
manifests/permissive.pp

Overview

selinux::permissive

This method will set a context to permissive

Examples:

Mark oddjob_mkhomedir_t permissive

selinux::permissive { 'allow-oddjob_mkhomedir_t':
  context  => 'oddjob_mkhomedir_t',
}

Parameters:

  • context (Any)

    A particular domain-context, like "oddjob_mkhomedir_t"



12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
# File 'manifests/permissive.pp', line 12

define selinux::permissive (
  $context,
) {

  include ::selinux

  Anchor['selinux::module post'] ->
  Selinux::Permissive[$title] ->
  Anchor['selinux::end']

  exec { "add_${context}":
    command => shellquote('semanage', 'permissive', '-a', $context),
    unless  => sprintf('semanage permissive -l | grep -Fx %s', shellquote($context)),
    path    => '/bin:/sbin:/usr/bin:/usr/sbin',
    require => Class['selinux::package'],
  }
}