tmakinen/puppet
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fixed SELinux contexts from puppet::server.

Browse source
This commit is contained in:
Timo Mkinen 2012-02-06 23:26:40 +02:00
parent 8418c2c557
commit 1093ac1cf6
1 changed files with 21 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
puppet/manifests/init.pp
View file

@ -255,11 +255,13 @@ class puppet::server::common inherits puppet::client {
"openbsd" => "wheel", "openbsd" => "wheel",
default => "root", default => "root",
}, },
seltype => "var_lib_t",
require => Package["puppetmaster"], require => Package["puppetmaster"],
} }
file { "/srv/puppet": file { "/srv/puppet":
ensure => link, ensure => link,
target => "${puppet_datadir}", target => "${puppet_datadir}",
seltype => "var_lib_t",
require => File["${puppet_datadir}"], require => File["${puppet_datadir}"],
} }
} else { } else {
@ -271,16 +273,31 @@ class puppet::server::common inherits puppet::client {
"openbsd" => "wheel", "openbsd" => "wheel",
default => "root", default => "root",
}, },
seltype => "var_lib_t",
require => Package["puppetmaster"], require => Package["puppetmaster"],
} }
} }
if "${selinux}" == "true" {
selinux::manage_fcontext { "/srv/puppet(/.*)?":
type => "var_lib_t",
before => File["/srv/puppet"]
}
if $puppet_datadir {
selinux::manage_fcontext { "${puppet_datadir}(/.*)?":
type => "var_lib_t",
before => File[$puppet_datadir],
}
}
}
if $puppet_storeconfigs != "none" { if $puppet_storeconfigs != "none" {
file { "/srv/puppet/storeconfigs": file { "/srv/puppet/storeconfigs":
ensure => directory, ensure => directory,
mode => 0750, mode => 0750,
owner => $user, owner => $user,
group => $group, group => $group,
seltype => "var_lib_t",
require => File["/srv/puppet"], require => File["/srv/puppet"],
} }
} }
@ -291,6 +308,7 @@ class puppet::server::common inherits puppet::client {
mode => 0750, mode => 0750,
owner => $user, owner => $user,
group => $group, group => $group,
seltype => "var_lib_t",
require => File["/srv/puppet"], require => File["/srv/puppet"],
} }
file { [ "/srv/puppet/files", file { [ "/srv/puppet/files",
@ -302,6 +320,7 @@ class puppet::server::common inherits puppet::client {
"openbsd" => "wheel", "openbsd" => "wheel",
default => "root", default => "root",
}, },
seltype => "var_lib_t",
require => File["/srv/puppet"], require => File["/srv/puppet"],
} }
file { "/srv/puppet/files/common": file { "/srv/puppet/files/common":
@ -312,6 +331,7 @@ class puppet::server::common inherits puppet::client {
"openbsd" => "wheel", "openbsd" => "wheel",
default => "root", default => "root",
}, },
seltype => "var_lib_t",
require => File["/srv/puppet/files"], require => File["/srv/puppet/files"],
} }
file { "/srv/puppet/files/private": file { "/srv/puppet/files/private":
@ -319,6 +339,7 @@ class puppet::server::common inherits puppet::client {
mode => 0750, mode => 0750,
owner => root, owner => root,
group => $group, group => $group,
seltype => "var_lib_t",
require => File["/srv/puppet/files"], require => File["/srv/puppet/files"],
} }