configpolicy

dustin

History

Dustin f9e8c78e5a roles/websites: Set authorized_keys file perms Because the various "webapp.*" users' home directories are under `/srv/www`, the default SELinux context type is `httpd_sys_content_t`. The SSH daemon is not allowed to read files with this label, so it cannot load the contents of these users' `authorized_keys` files. To address this, we have to explicitly set the SELinux type to `ssh_home_t`.	2020-12-30 20:59:27 -06:00
..
main.yml	roles/websites: Set authorized_keys file perms	2020-12-30 20:59:27 -06:00

Dustin f9e8c78e5a roles/websites: Set authorized_keys file perms

Because the various "webapp.*" users' home directories are under
`/srv/www`, the default SELinux context type is `httpd_sys_content_t`.
The SSH daemon is not allowed to read files with this label, so it
cannot load the contents of these users' `authorized_keys` files.  To
address this, we have to explicitly set the SELinux type to
`ssh_home_t`.

2020-12-30 20:59:27 -06:00

main.yml

roles/websites: Set authorized_keys file perms

2020-12-30 20:59:27 -06:00