From 8ed0e55d777c3fd019aade94a68e4aaf33aab7f6 Mon Sep 17 00:00:00 2001
From: Stonewall Jackson <stonewall@sacredheartsc.com>
Date: Mon, 20 Feb 2023 12:00:23 -0500
Subject: selinux: add readme

---
 roles/selinux/README.md | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
 create mode 100644 roles/selinux/README.md

(limited to 'roles/selinux/README.md')

diff --git a/roles/selinux/README.md b/roles/selinux/README.md
new file mode 100644
index 0000000..97c0489
--- /dev/null
+++ b/roles/selinux/README.md
@@ -0,0 +1,32 @@
+SELinux
+=======
+
+Description
+-----------
+
+The `selinux` role sets the SELinux enforcement policy, enables `auditd`, and
+reboots the host (if necessary).
+
+Variables
+---------
+
+This role **accepts** the following variables:
+
+Variable          | Default | Description
+------------------|---------|------------
+`selinux_enabled` | yes     | `enforcing` if true, `disabled` if false
+
+
+Usage
+-----
+
+Example playbook:
+
+````yaml
+- name: set selinux policy
+  hosts: all
+  roles:
+    - role: selinux
+      vars:
+        selinux_enabled: yes
+````
-- 
cgit