Puppet Class: almalinux_hardening::system::selinux::unconfined

Defined in:
manifests/system/selinux/unconfined.pp

Summary

Ensure No Daemons are Unconfined by SELinux

Overview

Puppet Module to perform AlmaLinux 8 OS Hardening with CIS benchmark. Copyright © 2022 Jonas Hügli

Examples:

include almalinux_hardening::system::selinux::unconfined


22
23
24
25
26
27
28
29
30
31
32
33
 
# File 'manifests/system/selinux/unconfined.pp', line 22

class almalinux_hardening::system::selinux::unconfined {
  if $almalinux_hardening::enable_selinux_unconfined {
    if $daemons_unconfined != 'None' {
      $daemons_unconfined.each | $daemon_unconfined | {
        notify { "daemon_unconfined - ${daemon_unconfined}":
          message  => "There is a unconfined daemon: ${daemon_unconfined}! Please fix if quickly!",
          loglevel => 'warning',
        }
      }
    }
  }
}