Fix selinux on stg koji. Thanks Max!

author: Kevin Fenzi <kevin@scrye.com> 2015-04-29 17:43:43 +0000
committer: Kevin Fenzi <kevin@scrye.com> 2015-04-29 17:43:43 +0000
commit: db9ff499333a2012e303700c27c79b96aacfc261 (patch)
tree: 9b96552c4de93c8b7b45fd5607dea53d8795db35
parent: 11bc53e3111a6990e03c147508091008fe22f4a9 (diff)
download: ansible-db9ff499333a2012e303700c27c79b96aacfc261.tar.gz
ansible-db9ff499333a2012e303700c27c79b96aacfc261.tar.xz
ansible-db9ff499333a2012e303700c27c79b96aacfc261.zip
1 files changed, 18 insertions, 0 deletions
diff --git a/roles/koji_hub/tasks/main.yml b/roles/koji_hub/tasks/main.yml
index 3839564c4..0b5642f6f 100644
--- a/roles/koji_hub/tasks/main.yml
+++ b/roles/koji_hub/tasks/main.yml
@@ -206,6 +206,24 @@
   tags:
   - koji_hub
 
+- name: check selinux default context for /mnt/fedora_koji in staging
+  command: matchpathcon /mnt/fedora_koji
+  register: mnt_fedora_koji_context
+  when: env == "staging"
+  always_run: yes
+  changed_when: "1 != 1"
+  tags:
+  - koji_hub
+  - selinux
+
+- name: /mnt/fedora_koji selinux file context
+  command: semanage fcontext -a -t httpd_sys_rw_content_t "/mnt/fedora_koji(/.*)?"
+  when: env == "staging" and
+        mnt_fedora_koji_context.stdout.find('httpd_sys_rw_content_t') == -1
+  tags:
+  - koji_hub
+  - selinux
+
 - name: set sebooleans so koji can talk to the db
   seboolean: name=httpd_can_network_connect_db state=true persistent=true
   tags:
author	Kevin Fenzi <kevin@scrye.com>	2015-04-29 17:43:43 +0000
committer	Kevin Fenzi <kevin@scrye.com>	2015-04-29 17:43:43 +0000
commit	db9ff499333a2012e303700c27c79b96aacfc261 (patch)
tree	9b96552c4de93c8b7b45fd5607dea53d8795db35
parent	11bc53e3111a6990e03c147508091008fe22f4a9 (diff)
download	ansible-db9ff499333a2012e303700c27c79b96aacfc261.tar.gz ansible-db9ff499333a2012e303700c27c79b96aacfc261.tar.xz ansible-db9ff499333a2012e303700c27c79b96aacfc261.zip