From 80422d9aa723c75ff9db3b5d596148a89954b246 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Timo=20M=E4kinen?=
Date: Wed, 6 Oct 2010 12:12:32 +0300
Subject: [PATCH] Added define to manage SELinux file contexts.
---
 selinux/manifests/init.pp | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)
diff --git a/selinux/manifests/init.pp b/selinux/manifests/init.pp
index 7d34a88..cecaab2 100644
--- a/selinux/manifests/init.pp
+++ b/selinux/manifests/init.pp
@@ -60,7 +60,7 @@ class selinux {
 },
 path => "/bin:/usr/bin:/sbin:/usr/sbin",
 unless => "getenforce | egrep -i '${selinux_type}'",
- require => file["/etc/selinux/config"],
+ require => File["/etc/selinux/config"],
 }
 }
@@ -90,6 +90,31 @@ define selinux::boolean($value) {
 }
+# Configure SELinux file contexts
+#
+# === Parameters
+#
+# $name:
+# Regexp of path to configure
+# $type:
+# SELinux type for file
+#
+# === Sample usage
+#
+# selinux::manage_fcontext { "/srv/www/http(/.*)?":
+# type => "httpd_sys_content_t",
+# }
+#
+define selinux::manage_fcontext($type) {
+
+ exec { "semanage fcontext -a -t '${type}' '${name}' && restorecon -R `echo '${name}' | sed -e 's/(.*$//'`":
+ path => "/bin:/usr/bin:/sbin:/usr/sbin",
+ unless => "matchpathcon `echo '${name}' | sed -e 's/(.*$//'` | egrep -q ':${type}:'",
+ }
+
+}
+
+
 # Configure SELinux port authorizations
 #
 # === Parameters
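Review bot: `${name}` and `${type}` are pasted into single-quoted shell strings in both the exec title and the `unless` of `selinux::manage_fcontext`, so a value containing a `'` ends the quoting and the rest is parsed by the shell that runs the command (presumably as root on the agent). The define should reject such values before the exec, for example `if $type !~ /^[A-Za-z0-9_]+$/ { fail("invalid SELinux type '${type}'") }` and `if $name =~ /'/ { fail("single quote not allowed in fcontext path") }`. The backtick substitution that derives the restorecon target is also unquoted, so a path with whitespace is split into several arguments. A pattern whose first `(` directly follows the leading `/` reduces the target to `/`, making `restorecon -R` relabel the whole filesystem, so the derived prefix should be checked to be non-empty and not `/`. The header comment should also say that `$name` must begin with a literal directory prefix, since everything from the first `(` onward is dropped.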