andata
/
rancher-partner-charts
mirror of https://git.rancher.io/partner-charts
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
rancher-partner-charts/charts/weka/csi-wekafsplugin/2.5.1/templates/selinux-policy-machineconfi...

40 lines
2.4 KiB
YAML
Raw Blame History

{{- if .Capabilities.APIVersions.Has "security.openshift.io/v1/SecurityContextConstraints" }}
{{- range .Values.machineConfigLabels }}
kind: MachineConfig
apiVersion: machineconfiguration.openshift.io/v1
metadata:
name: 50-csi-wekafs-selinux-policy-{{ . }}
labels:
machineconfiguration.openshift.io/role: {{ . }}
spec:
osImageURL: ''
config:
ignition:
version: 3.2.0
storage:
files:
- filesystem: root
path: "/etc/selinux/csi-wekafs-selinux.cil"
contents:
source: data:text/plain;charset=utf-8;base64,KHR5cGVhbGlhcyB3ZWthZnNfY3NpX3ZvbHVtZV90KQoodHlwZWFsaWFzYWN0dWFsIHdla2Fmc19jc2lfdm9sdW1lX3Qgd2VrYWZzX3QpCih0eXBlYWxpYXMgd2VrYWZzX2ZpbGVzeXN0ZW1fdCkKKHR5cGVhbGlhc2FjdHVhbCB3ZWthZnNfZmlsZXN5c3RlbV90IHdla2Fmc190KQoodHlwZSB3ZWthZnNfdCkKKHJvbGV0eXBlIG9iamVjdF9yIHdla2Fmc190KQoodHlwZWF0dHJpYnV0ZXNldCBjaWxfZ2VuX3JlcXVpcmUgdW5sYWJlbGVkX3QpCih0eXBlYXR0cmlidXRlc2V0IGNpbF9nZW5fcmVxdWlyZSBjb250YWluZXJfdmFyX2xpYl90KQoodHlwZWF0dHJpYnV0ZXNldCBjaWxfZ2VuX3JlcXVpcmUgY29udGFpbmVyX3QpCih0eXBlYXR0cmlidXRlc2V0IGNpbF9nZW5fcmVxdWlyZSBzcG9vbGZpbGUpCih0eXBlYXR0cmlidXRlc2V0IHNwb29sZmlsZSAod2VrYWZzX3QgKSkKKHR5cGVhdHRyaWJ1dGVzZXQgY2lsX2dlbl9yZXF1aXJlIGZpbGVfdHlwZSkKKHR5cGVhdHRyaWJ1dGVzZXQgZmlsZV90eXBlICh3ZWthZnNfdCApKQoodHlwZWF0dHJpYnV0ZXNldCBjaWxfZ2VuX3JlcXVpcmUgbm9uX3NlY3VyaXR5X2ZpbGVfdHlwZSkKKHR5cGVhdHRyaWJ1dGVzZXQgbm9uX3NlY3VyaXR5X2ZpbGVfdHlwZSAod2VrYWZzX3QgKSkKKHR5cGVhdHRyaWJ1dGVzZXQgY2lsX2dlbl9yZXF1aXJlIG5vbl9hdXRoX2ZpbGVfdHlwZSkKKHR5cGVhdHRyaWJ1dGVzZXQgbm9uX2F1dGhfZmlsZV90eXBlICh3ZWthZnNfdCApKQooYWxsb3cgY29udGFpbmVyX3Qgd2VrYWZzX3QgKGRpciAoYWRkX25hbWUgY3JlYXRlIGdldGF0dHIgaW9jdGwgbGluayBsb2NrIG9wZW4gcmVhZCByZW1vdmVfbmFtZSByZW5hbWUgcmVwYXJlbnQgcm1kaXIgc2VhcmNoIHNldGF0dHIgdW5saW5rIHdyaXRlKSkpCihhbGxvdyBjb250YWluZXJfdCB3ZWthZnNfdCAoZmlsZSAoY3JlYXRlIG9wZW4gZ2V0YXR0ciBzZXRhdHRyIHJlYWQgd3JpdGUgYXBwZW5kIHJlbmFtZSBsaW5rIHVubGluayBpb2N0bCBsb2NrKSkpCg==
verification: {}
mode: 0755
systemd:
units:
- contents: |
[Unit]
Requires=systemd-udevd.target
After=NetworkManager.service
Before=sshd.service
DefaultDependencies=no
[Service]
Type=oneshot
ExecStart=/usr/sbin/semodule -i /etc/selinux/csi-wekafs-selinux.cil
[Install]
WantedBy=multi-user.target
name: csi-wekafs-selinux-policy.service
enabled: true
---
{{- end }}
{{- end }}
Reference in New Issue View Git Blame Copy Permalink