2024-06-14 16:03:07 +02:00
parent 888252a3f3
commit 094450c951
2 changed files with 7 additions and 7 deletions

@@ -39,7 +39,7 @@ chapters:
sections:
- file: admin-guide/configuration/icinga2
- file: admin-guide/configuration/packages
- file: admon-guide/configuration/python
- file: admin-guide/configuration/python
- file: admin-guide/configuration/package_updates
- file: admin-guide/configuration/package_repositories
- file: admin-guide/configuration/services
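Review bot: the old `admon-guide/configuration/python` entry differed from its sibling `admin-guide/...` entries by one letter and still made it into the table of contents. If the docs build does not already fail on a `file:` entry with no matching source, turning that check on would catch the next such path typo before merge.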

@@ -13,7 +13,7 @@ Enable or disable SELinux with `base::selinux`. Options:
Example:
```yml
```yaml
base::selinux_mode: 'disabled'
```
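Review bot: the prose quoted in the hunk header names the setting `base::selinux`, while the example inside the fence sets `base::selinux_mode`, and the two do not match. Since this commit already touches the block, please align the prose with the key the example uses (or the other way round) so readers do not put a key into Hiera that is never read.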
@@ -25,13 +25,13 @@ The `permissive` option is useful for setting up a new server to see where SELin
To record such violations `auditd` needs to run:
```yml
```yaml
base::enable_auditd: true
```
On RHEL9 and later this is enabled by default if SELinux is `permissive` or `enforcing`.
Then `setroubleshootd` is very helpful to learn how to configure SELinux if an action is wrongly considered a violation:
```yml
```yaml
selinux::setroubleshootd: true
```
On RHEL9 and later this is enabled by default if SELinux is `permissive` or `enforcing`.
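Review bot: the sentence `On RHEL9 and later this is enabled by default if SELinux is permissive or enforcing.` appears verbatim after both the `base::enable_auditd` and the `selinux::setroubleshootd` examples, and "this" has no clear referent in either place. Please confirm it is intended for both, and name the service in each copy ("`auditd` is enabled by default ..." and "`setroubleshootd` is enabled by default ...").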
@@ -54,7 +54,7 @@ selinux::booleans: [ 'httpd_can_network_connect', 'domain_can_mmap_files']
### File Context (`fcontext`)
Set fcontext for specific directories/directory
```yml
```yaml
selinux::fcontext:
logbook-data:
pathspec: '/var/www/html/logbook-data(/.*)?'
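Review bot: the lead-in `Set fcontext for specific directories/directory` above the fence is hard to read and ends without punctuation. Something like "Set the file context for one or more paths:" would be clearer, and a short remark that `pathspec` is a regular expression (here `(/.*)?` covers the directory and everything below it) would help readers adapting the example.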
@@ -68,7 +68,7 @@ a unique arbitrary key name for each entry is needed.
If you wish to have the same fcontext configuation as another path do
```yml
```yaml
selinux::fcontext::equivalence:
apache_ssl_conf:
path: '/srv/online/config/ssl.conf'
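Review bot: the context line `If you wish to have the same fcontext configuation as another path do` still carries a typo ("configuation") and has no colon before the fence. Worth fixing here, since the rest of this commit is a typo and fence-tag cleanup.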
@@ -98,7 +98,7 @@ Note that the `setroubleshootd` log output ususally gives you a narrower search
Each such module needs to be added with a unique key at the Hiera key `selinux::modules::te`. A full example is
```yml
```yaml
selinux::modules::te:
# SELinux is preventing /usr/local/bin/musrview from setattr access on the directory /usr/lib/fontconfig/cache
'musrview-font-cache': |
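Review bot: the sentence above the fence, `Each such module needs to be added with a unique key at the Hiera key selinux::modules::te. A full example is`, uses "key" in two senses and ends without a colon, and the hunk header quotes "ususally" from the preceding paragraph. Suggest "Add each module under `selinux::modules::te` with a unique name. A full example:" and correcting the spelling while this file is being touched.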