Puppet Class: mrepo::selinux

Defined in:
manifests/selinux.pp

Overview

This class configures selinux contexts for serving mrepo mirror data with apache. It corrects the SELinux context of mrepo mirror data to ensure that the web server can access mirror files.

Parameters

Optional parameters can be found in the mrepo::params class

Examples

This class does not need to be directly included

Author

Adrien Thebo <adrien@puppetlabs.com>

Copyright 2011 Puppet Labs, unless otherwise noted



21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
 
# File 'manifests/selinux.pp', line 21

class mrepo::selinux {
  $src_root = $mrepo::src_root
  $www_root = $mrepo::www_root
  $context  = $mrepo::selinux_context

  if $mrepo::use_selinux {
    exec { "Apply httpd context to mrepo ${src_root}":
      command   => "chcon -hR ${context} ${src_root}",
      path      => ['/usr/bin', '/bin'],
      user      => 'root',
      group     => 'root',
      unless    => "test `ls -dZ ${src_root} | awk '{print \$4}'` = '${context}'",
      require   => File[$src_root],
      logoutput => on_failure,
    }

    exec { "Apply httpd context to mrepo ${www_root}":
      command   => "chcon -hR ${context} ${www_root}",
      path      => ['/usr/bin', '/bin'],
      user      => 'root',
      group     => 'root',
      unless    => "test `ls -dZ ${www_root} | awk '{print \$4}'` = '${context}'",
      require   => File[$www_root],
      logoutput => on_failure,
    }
  }
}