diff options
author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 01:23:43 -0500 |
---|---|---|
committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-02-04 01:52:13 -0500 |
commit | 0261e875679f1bf63c8d689da7fc7e014597885d (patch) | |
tree | 3f19cd74a0c1070944f75437f30b098d6ef2ffcb /roles/archive_server/vars | |
download | selfhosted-0261e875679f1bf63c8d689da7fc7e014597885d.tar.gz selfhosted-0261e875679f1bf63c8d689da7fc7e014597885d.zip |
initial commit
Diffstat (limited to 'roles/archive_server/vars')
-rw-r--r-- | roles/archive_server/vars/main.yml | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/roles/archive_server/vars/main.yml b/roles/archive_server/vars/main.yml new file mode 100644 index 0000000..c59fbce --- /dev/null +++ b/roles/archive_server/vars/main.yml @@ -0,0 +1,22 @@ +archive_home: /var/spool/archive +archive_source_path: /var/spool/archive + +archive_keytab: /var/lib/gssproxy/clients/{{ archive_user }}.keytab +archive_clients_hbac_hostgroup: archive_clients +archive_script_path: /usr/local/bin/archiver.sh +archive_config_path: /etc/archiver.conf + +archive_plugin_dir: /usr/local/libexec/archiver + +archive_selinux_policy_te: | + require { + type gssd_t; + type ssh_exec_t; + type gssproxy_t; + class file getattr; + class key read; + } + + #============= gssproxy_t ============== + allow gssproxy_t gssd_t:key read; + allow gssproxy_t ssh_exec_t:file getattr; |