configpolicy

dustin/configpolicy

Fork 0

Commit Graph

Author	SHA1	Message	Date
Dustin C. Hatch	f9e8c78e5a	roles/websites: Set authorized_keys file perms Because the various "webapp.*" users' home directories are under `/srv/www`, the default SELinux context type is `httpd_sys_content_t`. The SSH daemon is not allowed to read files with this label, so it cannot load the contents of these users' `authorized_keys` files. To address this, we have to explicitly set the SELinux type to `ssh_home_t`.	2020-12-30 20:59:27 -06:00
Dustin C. Hatch	1f16b4c3e4	websites: Add role for nratonpass.com The websites/nratonpass.com role prepares a machine to host http://nratonpass.com/. The website itself is published via rsync by Jenkins.	2018-07-29 09:34:21 -05:00

Author

SHA1

Message

Date

Dustin C. Hatch

f9e8c78e5a

roles/websites: Set authorized_keys file perms

Because the various "webapp.*" users' home directories are under
`/srv/www`, the default SELinux context type is `httpd_sys_content_t`.
The SSH daemon is not allowed to read files with this label, so it
cannot load the contents of these users' `authorized_keys` files.  To
address this, we have to explicitly set the SELinux type to
`ssh_home_t`.

2020-12-30 20:59:27 -06:00

Dustin C. Hatch

1f16b4c3e4

websites: Add role for nratonpass.com

The *websites/nratonpass.com* role prepares a machine to host
http://nratonpass.com/. The website itself is published via rsync by
Jenkins.

2018-07-29 09:34:21 -05:00

2 Commits