Set the SELinux context of /var/tmp/bodhi-bz.cookie to httpd_tmp_t

author: Luke Macken <lmacken@redhat.com> 2014-03-11 18:41:12 +0000
committer: Luke Macken <lmacken@redhat.com> 2014-03-11 18:41:58 +0000
commit: d9f82bdd7f7aa95c8da1576f5446d6026493d9d2 (patch)
tree: 0d976e1489c8152805715626b632a6137ab2b923
parent: 1ca82167e0b15a5f8cefd3cdc797b0d4a3b82488 (diff)
download: ansible-d9f82bdd7f7aa95c8da1576f5446d6026493d9d2.tar.gz
ansible-d9f82bdd7f7aa95c8da1576f5446d6026493d9d2.tar.xz
ansible-d9f82bdd7f7aa95c8da1576f5446d6026493d9d2.zip
1 files changed, 8 insertions, 14 deletions
diff --git a/roles/bodhi/base/tasks/main.yml b/roles/bodhi/base/tasks/main.yml
index ed47f87cf..52bd2179e 100644
--- a/roles/bodhi/base/tasks/main.yml
+++ b/roles/bodhi/base/tasks/main.yml
@@ -71,21 +71,15 @@
   tags:
   - config
 
-- name: install /var/tmp/bodhi-bz.cookie file
-  copy: >
-    dest=/var/tmp/bodhi-bz.cookie 
-    owner=bodhi 
-    group=bodhi 
-    mode=0600 
-    content="placeholder"
-    force=no
-  tags:
-  - config
+- name: check the selinux context of the bugzilla cookie
+  command: matchpathcon /var/tmp/bodhi-bz.cookie
+  register: cookiecontext
+  always_run: yes
+  changed_when: "1 != 1"
 
-- name: Make sure bodhi-bz.cookie is httpd_tmp_t for selinux.
-  file: >
-    setype=httpd_tmp_t
-    dest=/var/tmp/bodhi-bz.cookie
+- name: set the SELinux policy for the bugzilla cookie
+  command: semanage fcontext -a -t httpd_tmp_t "/var/tmp/bodhi-bz.cookie"
+  when: cookiecontext.stdout.find('httpd_tmp_t') == -1
   tags:
   - config
author	Luke Macken <lmacken@redhat.com>	2014-03-11 18:41:12 +0000
committer	Luke Macken <lmacken@redhat.com>	2014-03-11 18:41:58 +0000
commit	d9f82bdd7f7aa95c8da1576f5446d6026493d9d2 (patch)
tree	0d976e1489c8152805715626b632a6137ab2b923
parent	1ca82167e0b15a5f8cefd3cdc797b0d4a3b82488 (diff)
download	ansible-d9f82bdd7f7aa95c8da1576f5446d6026493d9d2.tar.gz ansible-d9f82bdd7f7aa95c8da1576f5446d6026493d9d2.tar.xz ansible-d9f82bdd7f7aa95c8da1576f5446d6026493d9d2.zip