roles/samba-dc: Additional BIND SELinux contexts
The `/var/lib/samba/bind-dns` directory contains files that are hard-linked to files in the `/var/lib/samba/private` directory. All paths for a file must have the same context, or `restorecon` will effectively "toggle" the labels each time it is run.jenkins-master
parent
94154a9f2b
commit
f458a46e3f
|
|
@ -1,10 +1,16 @@
|
||||||
samba_selinux_contexts:
|
samba_selinux_contexts:
|
||||||
- path: /var/lib/samba/bind-dns/dns.keytab
|
- path: /var/lib/samba/bind-dns/dns.keytab
|
||||||
setype: named_conf_t
|
setype: named_conf_t
|
||||||
|
- path: /var/lib/samba/private/dns.keytab
|
||||||
|
setype: named_conf_t
|
||||||
- path: /var/lib/samba/bind-dns/named.conf.*
|
- path: /var/lib/samba/bind-dns/named.conf.*
|
||||||
setype: named_conf_t
|
setype: named_conf_t
|
||||||
- path: /var/lib/samba/bind-dns/dns(/.*)?
|
- path: /var/lib/samba/bind-dns/dns(/.*)?
|
||||||
setype: named_var_run_t
|
setype: named_var_run_t
|
||||||
|
- path: /var/lib/samba/private/sam.ldb.d/metadata.tdb
|
||||||
|
setype: named_var_run_t
|
||||||
|
- path: /var/lib/samba/private/sam.ldb.d/.*DNSZONES.*\.ldb
|
||||||
|
setype: named_var_run_t
|
||||||
samba_firewall:
|
samba_firewall:
|
||||||
- dns
|
- dns
|
||||||
- kerberos
|
- kerberos
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue