Fixed selinux contexts from syslog datadirectories.

2011-08-31 13:11:10 +03:00 · 2011-08-31 13:11:10 +03:00 · ee89b2a20b
commit ee89b2a20b
parent 3ba3bc2842
1 changed files with 24 additions and 8 deletions
--- a/syslog/manifests/init.pp
+++ b/syslog/manifests/init.pp
@ -148,10 +148,11 @@ class syslog::standalone {

    if $syslog_datadir {
        file { $syslog_datadir:
-            ensure => directory,
-            mode   => 2750,
-            owner  => "root",
-            group  => $group,
+            ensure  => directory,
+            mode    => 2750,
+            owner   => "root",
+            group   => $group,
+            seltype => "var_log_t",
        }
        file { "/srv/log":
            ensure  => link,
@ -159,13 +160,15 @@ class syslog::standalone {
            owner   => "root",
            group   => $group,
            require => File[$syslog_datadir],
+            seltype => "var_log_t",
        }
    } else {
        file { "/srv/log":
-            ensure => directory,
-            mode   => 2750,
-            owner  => "root",
-            group  => $group,
+            ensure  => directory,
+            mode    => 2750,
+            owner   => "root",
+            group   => $group,
+            seltype => "var_log_t",
        }
    }

@ -206,6 +209,19 @@ class syslog::standalone {
        default: { fail("Unknown \$syslog_type '$syslog_type'") }
    }

+    if "${selinux}" == "true" {
+        selinux::manage_fcontext { "/srv/log(/all\.log)?":
+            type   => "var_log_t",
+            before => File["/srv/log"],
+        }
+        if $syslog_datadir {
+            selinux::manage_fcontext { "${syslog_datadir}(/all\.log)?":
+                type   => "var_log_t",
+                before => File[$syslog_datadir],
+            }
+        }
+    }
+
 }