diff options
author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-04-12 09:00:58 -0400 |
---|---|---|
committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-04-12 09:00:58 -0400 |
commit | 7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6 (patch) | |
tree | 77ea323657f8f42c127e8b893aae8710520ecee7 /roles/apache | |
parent | 680203a22ae30916b964ebaf2b3053716c5f6869 (diff) | |
download | selfhosted-7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6.tar.gz selfhosted-7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6.zip |
ttrss: move selinux hack from apache to ttrss role
Diffstat (limited to 'roles/apache')
-rw-r--r-- | roles/apache/tasks/main.yml | 10 | ||||
-rw-r--r-- | roles/apache/vars/main.yml | 10 |
2 files changed, 0 insertions, 20 deletions
diff --git a/roles/apache/tasks/main.yml b/roles/apache/tasks/main.yml index c1b42ee..4892782 100644 --- a/roles/apache/tasks/main.yml +++ b/roles/apache/tasks/main.yml @@ -41,16 +41,6 @@ - { sebool: httpd_can_sendmail, value: '{{ apache_can_sendmail }}' } tags: selinux -- name: create SELinux policy for apache to allow kerberos with php fpm (why?) - include_role: - name: selinux_policy - apply: - tags: selinux - vars: - selinux_policy_name: apache_php_gss - selinux_policy_te: '{{ apache_selinux_policy_te }}' - tags: selinux - - name: configure mod_gssapi import_tasks: gssapi.yml when: apache_gssapi or apache_use_nfs diff --git a/roles/apache/vars/main.yml b/roles/apache/vars/main.yml index 84f31c2..fa0a293 100644 --- a/roles/apache/vars/main.yml +++ b/roles/apache/vars/main.yml @@ -35,13 +35,3 @@ apache_gzip_types: - text/javascript - text/plain - text/xml - -apache_selinux_policy_te: | - require { - type unconfined_service_t; - type httpd_t; - class key { read view write }; - } - - #============= httpd_t ============== - allow httpd_t unconfined_service_t:key { read view write }; |