Lars Tobias Skjong-Børsting larstobi
larstobi
/ selinux-create-policy
Created
November 22, 2011 20:12
— forked from larsar/selinux-create-policy
Creating SELinux policy for failing stuff
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| For instance Puppet server will not start under RHEL SELinux. Try to start it, then run the following script. Continue this cycle until it starts. It will probably work for different SELinux challenges as well. | |
| The script requires: | |
| $yum install policycoreutils-python | |
| cd /tmp && \ | |
| cat /var/log/audit/audit.log | audit2allow -m puppetmaster > puppetmaster.te && \ | |
| checkmodule -M -m puppetmaster.te -o puppetmaster.mod && \ | |
| semodule_package -m puppetmaster.mod -o puppetmaster.pp && \ | |
| semodule -i puppetmaster.pp |
larstobi
/ hieradata.yaml
Created
September 14, 2012 11:06
— forked from zipkid/hieradata.yaml
Using hiera as node classifier.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| :hierarchy: | |
| - Nodes/%{fqdn} | |
| - Domain/%{domain} | |
| - %{environment} | |
| - common | |
| :backends: | |
| - yaml | |
| - puppet |