Skip to content
No description, website, or topics provided.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


Table of Contents

  1. Description
  2. Setup - The basics of getting started with selinux_core
  3. Usage - Configuration options and additional functionality
  4. Reference - User documentation
  5. Limitations - OS compatibility, etc.
  6. Development - Guide for contributing to the module


Manage SELinux context of files.


Setup Requirements

In order to use the selinux module, you must have selinux ruby bindings available on the system.


To set the SELinux context on a file, use the following code:

file { "/path/to/file":
  selinux_ignore_defaults => false,
  selrange => 's0',
  selrole => 'object_r',
  seltype => 'krb5_home_t',
  seluser => 'user_u',

To manage a SELinux policy module, use the following code:

selmodule { 'selmodule_policy':
  ensure => present,
  selmoduledir => '/usr/share/selinux/targeted',

To manage SELinux booleans, use the following code:

selboolean { 'collectd_tcp_network_connect':
  persistent => true,
  value => on,


Please see for the reference documentation, and the selinux section of the file type.

This module is documented using Puppet Strings.

For a quick primer on how Strings works, please see this blog post or the for Puppet Strings.

To generate documentation locally, run the following code:

bundle install
bundle exec puppet strings generate ./lib/**/*.rb

This command will create a browsable \_index.html file in the doc directory. The references available here are all generated from YARD-style comments embedded in the code base. When any development happens on this module, the impacted documentation should also be updated.


This module is only available on platforms that have selinux ruby bindings available.


Puppet Labs modules on the Puppet Forge are open projects, and community contributions are essential for keeping them great. We can't access the huge number of platforms and myriad of hardware, software, and deployment configurations that Puppet is intended to serve.

We want to keep it as easy as possible to contribute changes so that our modules work in your environment. There are a few guidelines that we need contributors to follow so that we can have a chance of keeping on top of things.

For more information, see our module contribution guide.

You can’t perform that action at this time.