For kanidm_unixd_tasks, check the current SELinux mode in addition to
kernel support. If SELinux is disabled at runtime, any attempts to query
the policy will fail, so also disable SELinux features if this is the
case.
Signed-off-by: Kenton Groombridge <concord@gentoo.org>
* selinux is an optional feature
* unix_integration: add selinux config option
On SELinux systems, this setting controls whether SELinux relabeling of
newly created home directories should be performed. The default value of
this is on (even on non-SELinux systems), but the tasks daemon will
perform an additional runtime check for SELinux support and will disable
this feature automatically if this check fails.
* unix_integration: wire up home dir selinux labeling
* unix_integration: create equivalence rules in SELinux policy for aliases
* book: document selinux setting
* Add myself to CONTRIBUTORS.md
Signed-off-by: Kenton Groombridge <concord@gentoo.org>
