``selinux``
===========

This module configures :doc:`selinux`. It allows configuring the SELinux mode
as well as setting SELinux booleans.


Parameters
----------

``selinux_mode``
~~~~~~~~~~~~~~~~

Acceptable values are ``enforcing``, ``permissive``, and ``disabled``. The
module configures this mode for the next reboot. It also sets it right away
unless the mode to be configured is ``disabled`` or SELinux is currently
disabled. In the former case the current mode is set to ``permissive``. In the
latter case nothing is done before the next reboot.


Defined Types
-------------

``set_sebool``
~~~~~~~~~~~~~~

Sets the SELinux boolean specified as the resource title unless SELinux is
disabled, in which case it does nothing.

Parameters:

- ``enable``

  If true, the boolean is set to ``on``. If false, the boolean is set to
  ``off``.


Examples
--------

Allow httpd to access user's home directories::

  selinux::set_sebool {'httpd_enable_homedirs': enable => true }