cloud-init

Merge lp:~gholms/cloud-init/useradd-selinux into lp:~cloud-init-dev/cloud-init/trunk

  1. useradd-selinux
  2. Merge into trunk
Proposed by Garrett Holmstrom
Status: Merged
Merged at revision: 652
Proposed branch: lp:~gholms/cloud-init/useradd-selinux
Merge into: lp:~cloud-init-dev/cloud-init/trunk
Diff against target: 33 lines (+5/-0)
2 files modified
cloudinit/distros/__init__.py (+1/-0)
doc/examples/cloud-config-user-groups.txt (+4/-0)
To merge this branch: bzr merge lp:~gholms/cloud-init/useradd-selinux
Reviewer Review Type Date Requested Status
cloud-init Commiters Pending
Review via email: mp+124998@code.launchpad.net

Description of the change

Fedora and RHEL and friends' useradd program supports an "--selinux-user" option that sets what SELinux user a new user should log in with. This commit introduces an "selinux-user" directive to cloud-config "users" lists that exposes this option.

To post a comment you must log in.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'cloudinit/distros/__init__.py'
2--- cloudinit/distros/__init__.py 2012-08-31 18:45:40 +0000
3+++ cloudinit/distros/__init__.py 2012-09-18 17:51:27 +0000
4@@ -239,6 +239,7 @@
5 "shell": '--shell',
6 "expiredate": '--expiredate',
7 "inactive": '--inactive',
8+ "selinux_user": '--selinux-user',
9 }
10
11 adduser_opts_flags = {
12
13=== modified file 'doc/examples/cloud-config-user-groups.txt'
14--- doc/examples/cloud-config-user-groups.txt 2012-08-31 19:36:35 +0000
15+++ doc/examples/cloud-config-user-groups.txt 2012-09-18 17:51:27 +0000
16@@ -12,6 +12,7 @@
17 gecos: Foo B. Bar
18 primary-group: foobar
19 groups: users
20+ selinux-user: staff_u
21 expiredate: 2012-09-01
22 ssh-import-id: foobar
23 lock-passwd: false
24@@ -38,6 +39,9 @@
25 # primary-group: define the primary group. Defaults to a new group created
26 # named after the user.
27 # groups: Optional. Additional groups to add the user to. Defaults to none
28+# selinux-user: Optional. The SELinux user for the user's login, such as
29+# "staff_u". When this is omitted the system will select the default
30+# SELinux user.
31 # lock-passwd: Defaults to true. Lock the password to disable password login
32 # inactive: Create the user as inactive
33 # passwd: The hash -- not the password itself -- of the password you want