From 0261e875679f1bf63c8d689da7fc7e014597885d Mon Sep 17 00:00:00 2001
From: Stonewall Jackson <stonewall@sacredheartsc.com>
Date: Sat, 4 Feb 2023 01:23:43 -0500
Subject: initial commit

---
 roles/archive_server/vars/main.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 roles/archive_server/vars/main.yml

(limited to 'roles/archive_server/vars')

diff --git a/roles/archive_server/vars/main.yml b/roles/archive_server/vars/main.yml
new file mode 100644
index 0000000..c59fbce
--- /dev/null
+++ b/roles/archive_server/vars/main.yml
@@ -0,0 +1,22 @@
+archive_home: /var/spool/archive
+archive_source_path: /var/spool/archive
+
+archive_keytab: /var/lib/gssproxy/clients/{{ archive_user }}.keytab
+archive_clients_hbac_hostgroup: archive_clients
+archive_script_path: /usr/local/bin/archiver.sh
+archive_config_path: /etc/archiver.conf
+
+archive_plugin_dir: /usr/local/libexec/archiver
+
+archive_selinux_policy_te: |
+  require {
+    type gssd_t;
+    type ssh_exec_t;
+    type gssproxy_t;
+    class file getattr;
+    class key read;
+  }
+
+  #============= gssproxy_t ==============
+  allow gssproxy_t gssd_t:key read;
+  allow gssproxy_t ssh_exec_t:file getattr;
-- 
cgit