SELinux context fixes for wiki module.

2012-06-28 16:17:56 +03:00 · 2012-06-28 16:17:56 +03:00 · 80fdca2f9b
commit 80fdca2f9b
parent f17e3f055e
1 changed files with 17 additions and 1 deletions
--- a/wiki/manifests/init.pp
+++ b/wiki/manifests/init.pp
@ -176,11 +176,16 @@ class wiki::collab::base {
            mode    => "0755",
            owner   => "root",
            group   => "root",
+            seltype => "httpd_sys_rw_content_t",
+        }
+        selinux::manage_fcontext { "${wiki_datadir}(/.*)?":
+            type   => "httpd_sys_rw_content_t",
+            before => File[$wiki_datadir],
        }
-
        file { "/srv/wikis":
            ensure  => link,
            target  => $wiki_datadir,
+            seltype => "httpd_sys_rw_content_t",
            require => File[$wiki_datadir],
        }
    } else {
@ -189,8 +194,13 @@ class wiki::collab::base {
            mode    => "0755",
            owner   => "root",
            group   => "root",
+            seltype => "httpd_sys_rw_content_t",
        }
    }
+    selinux::manage_fcontext { "/srv/wikis(/.*)?":
+        type   => "httpd_sys_rw_content_t",
+        before => File[$wiki_datadir],
+    }

    file { [ "/srv/wikis/collab",
             "/srv/wikis/collab/archive",
@ -207,6 +217,7 @@ class wiki::collab::base {
        mode    => "2660",
        owner   => "collab",
        group   => "collab",
+        seltype => "httpd_sys_rw_content_t",
        require => [ File["/srv/wikis"], User["collab"], Group["collab"],
                     Class["wiki::moin", "wiki::collab"], ],
        before  => Exec["collab-create collab collab"],
@ -231,6 +242,7 @@ class wiki::collab::base {
                     "puppet:///files/wiki/collabfarm.py",
                     "/usr/local/src/graphingwiki/collab/config/collabfarm.py", ],
        replace => false,
+        seltype => "httpd_sys_rw_content_t",
        require => File["/srv/wikis/collab/config"],
        before  => Exec["collab-create collab collab"],
    }
@ -242,6 +254,7 @@ class wiki::collab::base {
        group   => "collab",
        source  => "/usr/local/src/graphingwiki/collab/config/intermap.txt",
        replace => false,
+        seltype => "httpd_sys_rw_content_t",
        require => File["/srv/wikis/collab/config"],
        before  => Exec["collab-create collab collab"],
    }
@ -253,6 +266,7 @@ class wiki::collab::base {
        group   => "collab",
        source  => "/usr/local/src/graphingwiki/collab/config/logging.conf",
        replace => false,
+        seltype => "httpd_sys_rw_content_t",
        require => File["/srv/wikis/collab/config"],
        before  => Exec["collab-create collab collab"],
    }
@ -262,6 +276,7 @@ class wiki::collab::base {
        mode    => "0660",
        owner   => "collab",
        group   => "collab",
+        seltype => "httpd_sys_rw_content_t",
        require => File["/srv/wikis/collab/log"],
    }

@ -272,6 +287,7 @@ class wiki::collab::base {
        group   => "collab",
        source  => "puppet:///modules/wiki/htaccess",
        replace => false,
+        seltype => "httpd_sys_rw_content_t",
        require => File["/srv/wikis/collab/htdocs"],
        before  => Exec["collab-create collab collab"],
    }