Fixed SELinux contexts from Apache log directories.
This commit is contained in:
parent
458854708c
commit
c69fb5afb0
2 changed files with 26 additions and 7 deletions
|
|
@ -32,6 +32,11 @@ class apache::common {
|
||||||
type => "httpd_sys_content_t",
|
type => "httpd_sys_content_t",
|
||||||
before => File[$apache_datadir],
|
before => File[$apache_datadir],
|
||||||
}
|
}
|
||||||
|
selinux::manage_fcontext { "${apache_datadir}/log(/.*)?":
|
||||||
|
type => "httpd_log_t",
|
||||||
|
before => File["/srv/www/log"],
|
||||||
|
require => Selinux::Manage_fcontext["${apache_datadir}(/.*)?"],
|
||||||
|
}
|
||||||
file { "/srv/www":
|
file { "/srv/www":
|
||||||
ensure => link,
|
ensure => link,
|
||||||
target => $apache_datadir,
|
target => $apache_datadir,
|
||||||
|
|
@ -44,13 +49,18 @@ class apache::common {
|
||||||
owner => root,
|
owner => root,
|
||||||
group => root,
|
group => root,
|
||||||
}
|
}
|
||||||
|
selinux::manage_fcontext { "/srv/www/log(/.*)?":
|
||||||
|
type => "httpd_log_t",
|
||||||
|
before => File["/srv/www/log"],
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
file { "/srv/www/log":
|
file { "/srv/www/log":
|
||||||
ensure => directory,
|
ensure => directory,
|
||||||
mode => "0755",
|
mode => "0755",
|
||||||
owner => root,
|
owner => "root",
|
||||||
group => root,
|
group => "root",
|
||||||
|
seltype => "httpd_log_t",
|
||||||
require => File["/srv/www"],
|
require => File["/srv/www"],
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -21,6 +21,10 @@ class apache::redhat::server {
|
||||||
source => "puppet:///modules/custom/empty",
|
source => "puppet:///modules/custom/empty",
|
||||||
}
|
}
|
||||||
|
|
||||||
|
File["/srv/www/log/http", "/srv/www/log/http/${homename}"] {
|
||||||
|
seltype => "httpd_log_t",
|
||||||
|
}
|
||||||
|
|
||||||
file { "/etc/httpd/conf/httpd.conf":
|
file { "/etc/httpd/conf/httpd.conf":
|
||||||
ensure => present,
|
ensure => present,
|
||||||
content => template("apache/httpd.conf.erb"),
|
content => template("apache/httpd.conf.erb"),
|
||||||
|
|
@ -140,6 +144,10 @@ class apache::redhat::sslserver {
|
||||||
source => "puppet:///modules/custom/empty",
|
source => "puppet:///modules/custom/empty",
|
||||||
}
|
}
|
||||||
|
|
||||||
|
File["/srv/www/log/https", "/srv/www/log/https/${homename}"] {
|
||||||
|
seltype => "httpd_log_t",
|
||||||
|
}
|
||||||
|
|
||||||
file { "/etc/httpd/conf/httpsd.conf":
|
file { "/etc/httpd/conf/httpsd.conf":
|
||||||
ensure => present,
|
ensure => present,
|
||||||
mode => "0644",
|
mode => "0644",
|
||||||
|
|
@ -228,11 +236,12 @@ define apache::redhat::sslsite($ipaddr, $root, $ssl_cert, $ssl_key, $ssl_chain)
|
||||||
}
|
}
|
||||||
|
|
||||||
file { "/srv/www/log/https/${site_fqdn}":
|
file { "/srv/www/log/https/${site_fqdn}":
|
||||||
ensure => directory,
|
ensure => directory,
|
||||||
mode => "0755",
|
mode => "0755",
|
||||||
owner => root,
|
owner => "root",
|
||||||
group => root,
|
group => "root",
|
||||||
before => Service["httpsd"],
|
seltype => "httpd_log_t",
|
||||||
|
before => Service["httpsd"],
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue