Added SELinux policy to Allow DUO Api

2020-11-26 12:09:17 +13:00
parent 07f2b3cd4e
commit 70b82629ee
2 changed files with 17 additions and 1 deletions
--- a/files/selinux/duo.pp
+++ b/files/selinux/duo.pp
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -43,4 +43,20 @@
  notify: restart sshd

 - name: Flush Handlers
-  meta: flush_handlers
+  meta: flush_handlers
+
+- name: Duo SELinux Enablement
+  block:
+    - name: Copy SELinux Module
+      copy:
+        src: files/duo.pp
+        dest: /tmp/duo.pp
+
+    - name: Install Policy (Ensure we can access DUO Api)
+      command: /usr/sbin/semodule -i /tmp/duo.pp
+
+    - name: Remove Policy file
+      file:
+        path: /tmp/duo.pp
+        state: absent
+