mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 20:47:01 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
kanidm/unix_integration/src/constants.rs
Kenton Groombridge e3d5f3c8ae
SELinux support for kanidm-unixd-tasks daemon (#1661) 
* selinux is an optional feature
* unix_integration: add selinux config option

On SELinux systems, this setting controls whether SELinux relabeling of
newly created home directories should be performed. The default value of
this is on (even on non-SELinux systems), but the tasks daemon will
perform an additional runtime check for SELinux support and will disable
this feature automatically if this check fails.

* unix_integration: wire up home dir selinux labeling
* unix_integration: create equivalence rules in SELinux policy for aliases
* book: document selinux setting
* Add myself to CONTRIBUTORS.md

Signed-off-by: Kenton Groombridge <concord@gentoo.org>
2023-05-30 19:51:12 +10:00

17 lines
823 B
Rust
Raw Blame History

use crate::unix_config::{HomeAttr, UidAttr};
pub const DEFAULT_CONFIG_PATH: &str = "/etc/kanidm/unixd";
pub const DEFAULT_SOCK_PATH: &str = "/var/run/kanidm-unixd/sock";
pub const DEFAULT_TASK_SOCK_PATH: &str = "/var/run/kanidm-unixd/task_sock";
pub const DEFAULT_DB_PATH: &str = "/var/cache/kanidm-unixd/kanidm.cache.db";
pub const DEFAULT_CONN_TIMEOUT: u64 = 2;
pub const DEFAULT_CACHE_TIMEOUT: u64 = 15;
pub const DEFAULT_SHELL: &str = "/bin/sh";
pub const DEFAULT_HOME_PREFIX: &str = "/home/";
pub const DEFAULT_HOME_ATTR: HomeAttr = HomeAttr::Uuid;
pub const DEFAULT_HOME_ALIAS: Option<HomeAttr> = Some(HomeAttr::Spn);
pub const DEFAULT_USE_ETC_SKEL: bool = false;
pub const DEFAULT_UID_ATTR_MAP: UidAttr = UidAttr::Spn;
pub const DEFAULT_GID_ATTR_MAP: UidAttr = UidAttr::Spn;
pub const DEFAULT_SELINUX: bool = true;
Reference in a new issue View git blame Copy permalink