Fixed SELinux file contexts from ldap::server.
parent
e8788f51bf
commit
87e8d757ad
1 changed files with 18 additions and 0 deletions
|
@ -447,11 +447,13 @@ class ldap::server {
|
||||||
mode => "0700",
|
mode => "0700",
|
||||||
owner => $user,
|
owner => $user,
|
||||||
group => $group,
|
group => $group,
|
||||||
|
seltype => "slapd_db_t",
|
||||||
require => Package["openldap-server"],
|
require => Package["openldap-server"],
|
||||||
}
|
}
|
||||||
file { "/srv/ldap":
|
file { "/srv/ldap":
|
||||||
ensure => link,
|
ensure => link,
|
||||||
target => $ldap_datadir,
|
target => $ldap_datadir,
|
||||||
|
seltype => "slapd_db_t",
|
||||||
require => File[$ldap_datadir],
|
require => File[$ldap_datadir],
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
@ -460,10 +462,24 @@ class ldap::server {
|
||||||
mode => "0700",
|
mode => "0700",
|
||||||
owner => $user,
|
owner => $user,
|
||||||
group => $group,
|
group => $group,
|
||||||
|
seltype => "slapd_db_t",
|
||||||
require => Package["openldap-server"],
|
require => Package["openldap-server"],
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if "${selinux}" == "true" {
|
||||||
|
selinux::manage_fcontext { "/srv/ldap(/.*)?":
|
||||||
|
type => "slapd_db_t",
|
||||||
|
before => File["/srv/ldap"],
|
||||||
|
}
|
||||||
|
if $ldap_datadir {
|
||||||
|
selinux::manage_fcontext { "${ldap_datadir}(/.*)?":
|
||||||
|
type => "slapd_db_t",
|
||||||
|
before => File[$ldap_datadir],
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
file { "${config}/schema":
|
file { "${config}/schema":
|
||||||
ensure => directory,
|
ensure => directory,
|
||||||
source => "puppet:///modules/custom/empty",
|
source => "puppet:///modules/custom/empty",
|
||||||
|
@ -579,6 +595,7 @@ define ldap::server::database($aclsource = "", $master = "", $syncpw = "") {
|
||||||
mode => "0700",
|
mode => "0700",
|
||||||
owner => $ldap::server::user,
|
owner => $ldap::server::user,
|
||||||
group => $ldap::server::group,
|
group => $ldap::server::group,
|
||||||
|
seltype => "slapd_db_t",
|
||||||
require => File["/srv/ldap"],
|
require => File["/srv/ldap"],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -593,6 +610,7 @@ define ldap::server::database($aclsource = "", $master = "", $syncpw = "") {
|
||||||
"openbsd" => "wheel",
|
"openbsd" => "wheel",
|
||||||
default => "root",
|
default => "root",
|
||||||
},
|
},
|
||||||
|
seltype => "slapd_db_t",
|
||||||
require => File["/srv/ldap/${name}"],
|
require => File["/srv/ldap/${name}"],
|
||||||
before => Service["slapd"],
|
before => Service["slapd"],
|
||||||
}
|
}
|
||||||
|
|
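Review bot: The `selinux::manage_fcontext` rules added in the second hunk (`@ -460,10 +462,24`) record the `slapd_db_t` mapping for `/srv/ldap(/.*)?` and `${ldap_datadir}(/.*)?`, but nothing visible here relabels content that already exists below those paths; the new `seltype` attributes cover only the individual `file` resources, none of which shows `recurse` in the visible lines. On a host where slapd has already written its database files, those files would keep their previous type unless `selinux::manage_fcontext` (defined outside this page) runs a recursive restorecon, so confirm that it does, or say so in a comment such as `# fcontext rule only; existing files under the data dir need restorecon -R once`. Separately, `${ldap_datadir}` is interpolated into a regular expression, so a value with a trailing slash or regex metacharacters would yield a pattern that does not match the directory as intended. The body of class ldap::server starts and ends outside these hunks.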