diff options
| author | Jesse Wolfe <jes5199@gmail.com> | 2011-02-25 13:47:22 -0800 |
|---|---|---|
| committer | Jesse Wolfe <jes5199@gmail.com> | 2011-02-25 13:47:22 -0800 |
| commit | 96e9f8f4feab5d768fff304fdb129405596ba128 (patch) | |
| tree | fdda1e3329fad8aaa7eae7adc6e0334128245260 | |
| parent | 1172a4ee50040843e0e4b5eef73183aaf50be855 (diff) | |
| parent | ac2262d071cc2c9841843354585980696c689ca3 (diff) | |
| download | puppet-96e9f8f4feab5d768fff304fdb129405596ba128.tar.gz puppet-96e9f8f4feab5d768fff304fdb129405596ba128.tar.xz puppet-96e9f8f4feab5d768fff304fdb129405596ba128.zip | |
Merge branch 'ticket/2.6.next/3999' into 2.6.next
| -rw-r--r-- | lib/puppet/type/file/selcontext.rb | 16 | ||||
| -rw-r--r-- | spec/unit/type/file/selinux_spec.rb | 5 |
2 files changed, 21 insertions, 0 deletions
diff --git a/lib/puppet/type/file/selcontext.rb b/lib/puppet/type/file/selcontext.rb index a33c6a000..ea385eec0 100644 --- a/lib/puppet/type/file/selcontext.rb +++ b/lib/puppet/type/file/selcontext.rb @@ -32,9 +32,14 @@ module Puppet end def retrieve_default_context(property) + if @resource[:selinux_ignore_defaults] == :true + return nil + end + unless context = self.get_selinux_default_context(@resource[:path]) return nil end + property_default = self.parse_selinux_context(property, context) self.debug "Found #{property} default '#{property_default}' for #{@resource[:path]}" if not property_default.nil? property_default @@ -54,6 +59,17 @@ module Puppet end end + Puppet::Type.type(:file).newparam(:selinux_ignore_defaults) do + desc "If this is set then Puppet will not ask SELinux (via matchpathcon) to + supply defaults for the SELinux attributes (seluser, selrole, + seltype, and selrange). In general, you should leave this set at its + default and only set it to true when you need Puppet to not try to fix + SELinux labels automatically." + newvalues(:true, :false) + + defaultto :false + end + Puppet::Type.type(:file).newproperty(:seluser, :parent => Puppet::SELFileContext) do desc "What the SELinux user component of the context of the file should be. Any valid SELinux user component is accepted. For example `user_u`. diff --git a/spec/unit/type/file/selinux_spec.rb b/spec/unit/type/file/selinux_spec.rb index 043471dec..a2444acd9 100644 --- a/spec/unit/type/file/selinux_spec.rb +++ b/spec/unit/type/file/selinux_spec.rb @@ -66,6 +66,11 @@ Dir.chdir(File.dirname(__FILE__)) { (s = lambda { |f| File.exist?(f) ? require(f @sel.default.must == expectedresult end + it "should return nil for defaults if selinux_ignore_defaults is true" do + @resource[:selinux_ignore_defaults] = :true + @sel.default.must be_nil + end + it "should be able to set a new context" do stat = stub 'stat', :ftype => "foo" @sel.should = %w{newone} |