Salt Stack Formula to set up and configure SELinux, Security-Enhanced Linux
- This formula aims to follow the conventions and recommendations described at http://docs.saltstack.com/topics/conventions/formulas.html
- Set up map.jinja to handle defaults and make the formula modular
- Break out setroubleshoot into its own formula
- Fork this repository and then add your fork as a GitFS backend in your Salt master config.
- Configure your Pillar top file (
/srv/pillar/top.sls), see pillar.example - Include this Formula within another Formula or simply define your needed states within the Salt top file (
/srv/salt/top.sls).
Manage SELinux - includes all of the states listed below
Install SELinux packages
Manage SELinux config
Manage SELinux booleans
Manage SELinux ports
Manage SELinux file contexts
Manage SELinux modules
Manage setroubleshoot (install, configure email alerts)
None
None
Contributions are always welcome. All development guidelines you have to know are
- write clean code (proper YAML+Jinja syntax, no trailing whitespaces, no empty lines with whitespaces, LF only)
- set sane default settings
- test your code (see Testing below)
- update README.rst doc
Tested with:
- 2018.3.x
Tested with:
- CentOS 6
- CentOS 7
Testing is done with Test Kitchen for machine setup and testinfra for integration tests.
- Python & modules in requirements.txt
- Ruby
- Vagrant - required since SELinux doesn't work inside Docker containers, open to suggestions
gem install bundler bundle install pip install -r requirements.txt kitchen test