This chapter set out to demystify some of the repetitiveness of configuring SELinux and auditd on Linux hosts. While it's not possible to explain all of the intricacies of them in a book on Puppet, we hope that there was enough information to get you started and perhaps, reverse the trend of just setting it to disabled or permissive.

First, we looked at what SELinux and auditd were, and gave a brief example of how they can be used. We looked at what they can do, and how they can be used to secure your systems.

After this, we looked at the specific support for SELinux in Puppet. We looked at the two built-in types to support it, as well as the parameters on the file type.

Then, we took a look at one of the several community modules for managing ...