Download as
Browse Code »

Commit cf8c73a7d3e4da8f79ea7071f3724e4deb1529c2

Authored by Antonio Terceiro
1 parent aebfbe16
Exists in master and in 65 other branches 3.x, add_you_are_here_breadcrumbs_label, api_for_colab, backup, backup_not_prod, cdtc_configuration, create_institution_bootstrap_modal, design_validation, dev-lappis, dev_env_minimal, disable_email_dev, docs, fix_edit_software_permission, fix_edit_software_with_another_license, fix_hover_button_whitening, fix_members_pagination, fix_models_translations, fix_software_api, fix_software_block_migration, fix_validations_and_tests, focus_search_field_theme, gov-user-refactoring, gov-user-refactoring-rails4, header_fix, institution_modal_on_rating, kalibro-conf-refactoring, kalibro-processor-package, lxc, margin_fix, mezuro_cookbook, organization_rating_style_changes, performance, prezento, r3, refactor_software_communities, refactor_software_for_sisp, register_page, release-process, release-process-v2, remove-unused-images, remove_backup_emails, remove_secondary_email_from_user, removing_super_archives_email, review_message, scope2method, signals_community_noosfero, sisp_colab_config, sisp_dev, sisp_dev_master, sisp_improvements, sisp_simple_version, software_as_organization, software_catalog_style_fix, software_catalog_style_fixes, spb_minimal_env, spec_refactor, stable-4.x, stable-devel, support_docs, syslog, temp_soft_comm_refactoring, thread_dropdown, thread_page, update_software_api, update_softwares_boxes

Add SELinux

Showing 2 changed files with 15 additions and 0 deletions   Show diff stats
cookbooks/basics/files/default/selinux_config 0 → 100644
  Diff comments   View file @cf8c73a
... ... @@ -0,0 +1,4 @@
  1 +# MANAGED WITH CHEF. DO NOT CHANGE BY HAND
  2 +
  3 +SELINUX=enforcing
  4 +SELINUXTYPE=targeted
... ...
cookbooks/basics/recipes/default.rb
  Diff comments   View file @cf8c73a
1 1 # enable EPEL repository by default
2 2 package 'epel-release'
3 3  
  4 +# replicate production security setup
  5 +package 'selinux-policy'
  6 +package 'policycoreutils-python'
  7 +cookbook_file '/etc/selinux/config' do
  8 + source 'selinux_config'
  9 + owner 'root'
  10 + group 'root'
  11 + mode 0644
  12 +end
  13 +execute 'setenforce Enforcing'
  14 +
4 15 package 'vim'
5 16 package 'bash-completion'
6 17 package 'rsyslog'
... ...