From 71a9e60396b1a4964c21308ce3a8bdddc97a721e Mon Sep 17 00:00:00 2001
From: "Sean E. Millichamp" <sean@bruenor.org>
Date: Thu, 6 Nov 2008 10:43:19 -0500
Subject: Fixes relating to transition to native SELinux bindings

---
 lib/puppet/type/file/selcontext.rb |  7 +++++++
 lib/puppet/util/selinux.rb         | 11 +++++++++--
 2 files changed, 16 insertions(+), 2 deletions(-)

(limited to 'lib')

diff --git a/lib/puppet/type/file/selcontext.rb b/lib/puppet/type/file/selcontext.rb
index d5111caf8..982910c04 100644
--- a/lib/puppet/type/file/selcontext.rb
+++ b/lib/puppet/type/file/selcontext.rb
@@ -50,6 +50,13 @@ module Puppet
                 end
             end
 
+            selcontext = self.should
+
+            if selcontext == :absent
+                # This is only valid for create states...
+                return nil
+            end
+
             self.set_selinux_context(@resource[:path], @should, name)
             return :file_changed
         end
diff --git a/lib/puppet/util/selinux.rb b/lib/puppet/util/selinux.rb
index b181b3556..0df137370 100644
--- a/lib/puppet/util/selinux.rb
+++ b/lib/puppet/util/selinux.rb
@@ -44,8 +44,15 @@ module Puppet::Util::SELinux
         unless selinux_support?
             return nil
         end
-        filestat = File.lstat(file)
-        retval = Selinux.matchpathcon(file, filestat.mode)
+        # If the file exists we should pass the mode to matchpathcon for the most specific
+        # matching.  If not, we can pass a mode of 0.
+        begin
+            filestat = File.lstat(file)
+            mode = filestat.mode
+        rescue Errno::ENOENT
+            mode = 0
+        end
+        retval = Selinux.matchpathcon(file, mode)
         if retval == -1
             return nil
         end
-- 
cgit