Added option to disable recursion on selinux::manage_fcontext.
This commit is contained in:
parent
235fc9e45e
commit
57dd46b169
1 changed files with 17 additions and 2 deletions
|
|
@ -98,6 +98,8 @@ define selinux::boolean($value) {
|
|||
# Regexp of path to configure
|
||||
# $type:
|
||||
# SELinux type for file
|
||||
# $recurse:
|
||||
# Recursively run restorecon on given path. Defaults to true.
|
||||
#
|
||||
# === Sample usage
|
||||
#
|
||||
|
|
@ -105,11 +107,24 @@ define selinux::boolean($value) {
|
|||
# type => "httpd_sys_content_t",
|
||||
# }
|
||||
#
|
||||
define selinux::manage_fcontext($type) {
|
||||
define selinux::manage_fcontext($type, $recurse = true) {
|
||||
|
||||
exec { "semanage fcontext -a -t '${type}' '${name}' && restorecon -iR `echo '${name}' | sed -e 's/(.*$//'`":
|
||||
exec { "semanage fcontext -a -t '${type}' '${name}'":
|
||||
path => "/bin:/usr/bin:/sbin:/usr/sbin",
|
||||
unless => "matchpathcon `echo '${name}' | sed -e 's/(.*$//'` | egrep -q ':${type}(:s[0-9]*)?$'",
|
||||
notify => Exec["restorecon ${name}"],
|
||||
}
|
||||
|
||||
if $recurse {
|
||||
$restorecon_opts = "-R"
|
||||
} else {
|
||||
$restorecon_opts = ""
|
||||
}
|
||||
|
||||
exec { "restorecon ${name}":
|
||||
command => "restorecon -i ${restorecon_opts} `echo '${name}' | sed -e 's/(.*$//'`",
|
||||
path => "/bin:/usr/bin:/sbin:/usr/sbin",
|
||||
refreshonly => true,
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue