From 7c2dc0cadc03bc5dd2da3155e5773ad4471563df Mon Sep 17 00:00:00 2001
From: James Shubin <james@shubin.ca>
Date: Sat, 7 Sep 2013 16:48:50 -0400
Subject: Set proper selinux context and perms. Keep Dan Walsh from crying.

This avoids the constant flip flops you'll see during puppet runs.
I think glusterd might be setting them correctly, but puppet kept
changing them back to the default. All fixed now :)
---
 manifests/host.pp | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

(limited to 'manifests')

diff --git a/manifests/host.pp b/manifests/host.pp
index 8a05292..9a31f97 100644
--- a/manifests/host.pp
+++ b/manifests/host.pp
@@ -29,7 +29,9 @@ define gluster::host(
 			content => template('gluster/glusterd.info.erb'),
 			owner => root,
 			group => root,
-			mode => 644,					# u=rw,go=r
+			mode => 600,				# u=rw,go=r
+			seltype => 'glusterd_var_lib_t',
+			seluser => 'unconfined_u',
 			ensure => present,
 			require => File['/var/lib/glusterd/'],
 		}
@@ -78,7 +80,9 @@ define gluster::host(
 			owner => root,
 			group => root,
 			# NOTE: this mode was found by inspecting the process
-			mode => 600,					# u=rw,go=
+			mode => 600,				# u=rw,go=r
+			seltype => 'glusterd_var_lib_t',
+			seluser => 'unconfined_u',
 		}
 	}
 }
-- 
cgit