Skip to content

Latest commit

 

History

History
29 lines (20 loc) · 991 Bytes

selinux_permissive.md

File metadata and controls

29 lines (20 loc) · 991 Bytes

selinux_permissive

Back to resource list

Allows some types to misbehave without stopping them. Not as good as specific policies, but better than disabling SELinux entirely.

This does not set the SELinux state to permissive! Use selinux_state for that.

Actions

Action Description
:add (Default) Adds a permissive, unless already set.
:delete Removes a permissive, if set.

Properties

Name Type Default Description
context String Resource name Name of the context to disable SELinux for.

Examples

# Disable enforcement on Apache
selinux_permissive 'httpd_t' do
  notifies :restart, 'service[httpd]'
end