Allow standalone to manage selinux
In some cases we may need to disable selinux (like in CI). The role needs the SELinux service so that the management can be done during the deployment. NOTE: this squashes the original patch with the bugfix patch I4dde00e615be3a3c13fa8a21f8a5eb4ca9dbfbec Change-Id: Ife3c4600f5bd70490a68059eb27c5100743a5298 Closes-Bug: #1797910 (cherry picked from commit7451fc44de
) (cherry picked from commit62418388b2
)
This commit is contained in:
parent
b26af243aa
commit
8b13603740
|
@ -6,6 +6,8 @@ resource_registry:
|
|||
OS::TripleO::Standalone::Net::SoftwareConfig: ../net-config-standalone.yaml
|
||||
OS::TripleO::NodeExtraConfigPost: ../extraconfig/post_deploy/standalone_post.yaml
|
||||
|
||||
# Manage SELinux
|
||||
OS::TripleO::Services::SELinux: ../puppet/services/selinux.yaml
|
||||
OS::TripleO::Services::OpenStackClients: ../puppet/services/openstack-clients.yaml
|
||||
|
||||
# Disable non-openstack services that are enabled by default
|
||||
|
|
|
@ -91,6 +91,7 @@ resource_registry:
|
|||
OS::TripleO::Services::MistralExecutor: OS::Heat::None
|
||||
OS::TripleO::Services::OpenStackClients: ../../puppet/services/openstack-clients.yaml
|
||||
OS::TripleO::Services::PankoApi: OS::Heat::None
|
||||
OS::TripleO::Services::SELinux: ../../puppet/services/selinux.yaml
|
||||
OS::TripleO::Services::SaharaApi: OS::Heat::None
|
||||
OS::TripleO::Services::SaharaEngine: OS::Heat::None
|
||||
OS::TripleO::Services::Tacker: OS::Heat::None
|
||||
|
|
|
@ -99,6 +99,7 @@ resource_registry:
|
|||
OS::TripleO::Services::MistralExecutor: OS::Heat::None
|
||||
OS::TripleO::Services::OpenStackClients: ../../puppet/services/openstack-clients.yaml
|
||||
OS::TripleO::Services::PankoApi: OS::Heat::None
|
||||
OS::TripleO::Services::SELinux: ../../puppet/services/selinux.yaml
|
||||
OS::TripleO::Services::SaharaApi: OS::Heat::None
|
||||
OS::TripleO::Services::SaharaEngine: OS::Heat::None
|
||||
OS::TripleO::Services::Tacker: OS::Heat::None
|
||||
|
|
|
@ -0,0 +1,4 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
SELinux can be configured on the Standalone deployment by setting SELinuxMode.
|
|
@ -159,6 +159,7 @@
|
|||
- OS::TripleO::Services::SaharaApi
|
||||
- OS::TripleO::Services::SaharaEngine
|
||||
- OS::TripleO::Services::Securetty
|
||||
- OS::TripleO::Services::SELinux
|
||||
- OS::TripleO::Services::SensuClient
|
||||
- OS::TripleO::Services::SkydiveAgent
|
||||
- OS::TripleO::Services::SkydiveAnalyzer
|
||||
|
|
|
@ -51,6 +51,9 @@ environments:
|
|||
OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-standalone.yaml
|
||||
OS::TripleO::NodeExtraConfigPost: ../../extraconfig/post_deploy/standalone_post.yaml
|
||||
|
||||
# Manage SELinux
|
||||
OS::TripleO::Services::SELinux: ../../puppet/services/selinux.yaml
|
||||
|
||||
OS::TripleO::Services::OpenStackClients: ../../puppet/services/openstack-clients.yaml
|
||||
|
||||
# Disable non-openstack services that are enabled by default
|
||||
|
@ -163,6 +166,9 @@ environments:
|
|||
resource_registry:
|
||||
OS::TripleO::Standalone::Net::SoftwareConfig: ../../net-config-bridge.yaml
|
||||
|
||||
# Manage SELinux
|
||||
OS::TripleO::Services::SELinux: ../../puppet/services/selinux.yaml
|
||||
|
||||
OS::TripleO::Services::OpenStackClients: ../../puppet/services/openstack-clients.yaml
|
||||
|
||||
# Disable non-openstack services that are enabled by default
|
||||
|
|
Loading…
Reference in New Issue