Browse Source

Allow barbican to access /opt/nfast when selinux is enforcing

Change-Id: I29deabd99efecadadfd1c91d3419c04226045f9c
changes/19/680419/1
Douglas Mendizábal 2 weeks ago
parent
commit
1b2df10ebf
1 changed files with 7 additions and 0 deletions
  1. 7
    0
      tasks/client.yaml

+ 7
- 0
tasks/client.yaml View File

@@ -18,6 +18,13 @@
18 18
       create_home: true
19 19
       home: /opt/nfast
20 20
 
21
+- name: set selinux bool to allow barbican containers to access /opt/nfast
22
+  seboolean:
23
+      name: os_barbican_write_pki
24
+      state: yes
25
+      persistent: yes
26
+  when: ansible_os_family | lower = 'redhat'
27
+
21 28
 - name: Download Thales client tarball
22 29
   get_url:
23 30
       url: "{{ thales_client_tarball_location }}"

Loading…
Cancel
Save