From 500c0261311f2580c473d5176d5c7c049b45d5ac Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20M=E4kinen?= <tmakinen@foo.sh>
Date: Wed, 1 Aug 2012 12:18:12 +0300
Subject: [PATCH] SELinux fixes for apache module.

---
 apache/manifests/init.pp | 24 ++++++++++--------------
 1 file changed, 10 insertions(+), 14 deletions(-)

diff --git a/apache/manifests/init.pp b/apache/manifests/init.pp
index b7daa39..4e7376b 100644
--- a/apache/manifests/init.pp
+++ b/apache/manifests/init.pp
@@ -28,7 +28,10 @@ class apache::common {
             group   => "root",
             seltype => "httpd_sys_content_t",
         }
-
+        selinux::manage_fcontext { "${apache_datadir}(/.*)?":
+            type   => "httpd_sys_content_t",
+            before => File[$apache_datadir],
+        }
         file { "/srv/www":
             ensure  => link,
             target  => $apache_datadir,
@@ -51,15 +54,6 @@ class apache::common {
         require => File["/srv/www"],
     }
 
-    if "${selinux}" == "true" {
-        if $apache_datadir {
-            selinux::manage_fcontext { "${apache_datadir}(/.*)?":
-                type   => "httpd_sys_content_t",
-                before => File[$apache_datadir],
-            }
-        }
-    }
-
     package { "httpd":
         name   => $operatingsystem ? {
             debian  => "apache2",
@@ -73,12 +67,14 @@ class apache::common {
         ensure  => present,
         source  => "puppet:///modules/apache/www-logrotate.sh",
         mode    => "0755",
-        owner   => root,
-        group   => root,
-        seluser => "system_u",
-        selrole => "object_r",
+        owner   => "root",
+        group   => "root",
         seltype => "httpd_rotatelogs_exec_t",
     }
+    selinux::manage_fcontext { "/usr/local/sbin/www-logrotate.sh":
+        type   => "httpd_rotatelogs_exec_t",
+        before => File["/usr/local/sbin/www-logrotate.sh"],
+    }
 
     cron { "www-logrotate":
         ensure  => present,