diff --git a/environments/standalone.yaml b/environments/standalone.yaml index 8db4638da0..5b0d75d219 100644 --- a/environments/standalone.yaml +++ b/environments/standalone.yaml @@ -6,6 +6,8 @@ resource_registry: OS::TripleO::Standalone::Net::SoftwareConfig: ../net-config-standalone.yaml OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/standalone_post.yaml + # Manage SELinux + OS::TripleO::Services::SELinux: ../puppet/services/selinux.yaml OS::TripleO::Services::OpenStackClients: ../puppet/services/openstack-clients.yaml # Disable non-openstack services that are enabled by default diff --git a/environments/standalone/standalone-overcloud.yaml b/environments/standalone/standalone-overcloud.yaml index 4fede99107..ac8f634a8e 100644 --- a/environments/standalone/standalone-overcloud.yaml +++ b/environments/standalone/standalone-overcloud.yaml @@ -91,6 +91,7 @@ resource_registry: OS::TripleO::Services::MistralExecutor: OS::Heat::None OS::TripleO::Services::OpenStackClients: ../../puppet/services/openstack-clients.yaml OS::TripleO::Services::PankoApi: OS::Heat::None + OS::TripleO::Services::SELinux: ../../puppet/services/selinux.yaml OS::TripleO::Services::SaharaApi: OS::Heat::None OS::TripleO::Services::SaharaEngine: OS::Heat::None OS::TripleO::Services::Tacker: OS::Heat::None diff --git a/environments/standalone/standalone-tripleo.yaml b/environments/standalone/standalone-tripleo.yaml index 82402ab2c3..cc010a6111 100644 --- a/environments/standalone/standalone-tripleo.yaml +++ b/environments/standalone/standalone-tripleo.yaml @@ -99,6 +99,7 @@ resource_registry: OS::TripleO::Services::MistralExecutor: OS::Heat::None OS::TripleO::Services::OpenStackClients: ../../puppet/services/openstack-clients.yaml OS::TripleO::Services::PankoApi: OS::Heat::None + OS::TripleO::Services::SELinux: ../../puppet/services/selinux.yaml OS::TripleO::Services::SaharaApi: OS::Heat::None OS::TripleO::Services::SaharaEngine: OS::Heat::None OS::TripleO::Services::Tacker: OS::Heat::None diff --git a/releasenotes/notes/standalone-selinux-configuration-39a0c7285d8e4c66.yaml b/releasenotes/notes/standalone-selinux-configuration-39a0c7285d8e4c66.yaml new file mode 100644 index 0000000000..6e7aa2311e --- /dev/null +++ b/releasenotes/notes/standalone-selinux-configuration-39a0c7285d8e4c66.yaml @@ -0,0 +1,4 @@ +--- +fixes: + - | + SELinux can be configured on the Standalone deployment by setting SELinuxMode. diff --git a/roles/Standalone.yaml b/roles/Standalone.yaml index 8dd5a9d7fb..9b07c06ef9 100644 --- a/roles/Standalone.yaml +++ b/roles/Standalone.yaml @@ -159,6 +159,7 @@ - OS::TripleO::Services::SaharaApi - OS::TripleO::Services::SaharaEngine - OS::TripleO::Services::Securetty + - OS::TripleO::Services::SELinux - OS::TripleO::Services::SensuClient - OS::TripleO::Services::SkydiveAgent - OS::TripleO::Services::SkydiveAnalyzer diff --git a/sample-env-generator/standalone.yaml b/sample-env-generator/standalone.yaml index ad02ffe047..ca98419d5f 100644 --- a/sample-env-generator/standalone.yaml +++ b/sample-env-generator/standalone.yaml @@ -51,6 +51,9 @@ environments: OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-standalone.yaml OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml + # Manage SELinux + OS::TripleO::Services::SELinux: ../../puppet/services/selinux.yaml + OS::TripleO::Services::OpenStackClients: ../../puppet/services/openstack-clients.yaml # Disable non-openstack services that are enabled by default @@ -163,6 +166,9 @@ environments: resource_registry: OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-bridge.yaml + # Manage SELinux + OS::TripleO::Services::SELinux: ../../puppet/services/selinux.yaml + OS::TripleO::Services::OpenStackClients: ../../puppet/services/openstack-clients.yaml # Disable non-openstack services that are enabled by default