[Pkg-puppet-devel] [SCM] Puppet packaging for Debian branch, master, updated. debian/0.24.6-1-356-g5718585
James Turnbull
james at lovedthanlost.net
Fri Jan 23 14:21:26 UTC 2009
The following commit has been merged in the master branch:
commit dedf0cdce952e36bcdccfc88b1efc33d9f5eaddb
Author: Sean E. Millichamp <sean at bruenor.org>
Date: Mon Oct 13 16:48:40 2008 -0400
Setting SELinux contexts with chcon should not dereference symbolic links
diff --git a/lib/puppet/util/selinux.rb b/lib/puppet/util/selinux.rb
index 8c1aecf..d91a694 100644
--- a/lib/puppet/util/selinux.rb
+++ b/lib/puppet/util/selinux.rb
@@ -106,8 +106,8 @@ module Puppet::Util::SELinux
flag = ""
end
- Puppet.debug "Running chcon #{flag} #{value} #{file}"
- retval = system("chcon #{flag} #{value} #{file}")
+ Puppet.debug "Running chcon -h #{flag} #{value} #{file}"
+ retval = system("chcon -h #{flag} #{value} #{file}")
unless retval
error = Puppet::Error.new("failed to chcon %s" % [@resource[:path]])
raise error
diff --git a/spec/unit/util/selinux.rb b/spec/unit/util/selinux.rb
index 1718404..2d54d0a 100644
--- a/spec/unit/util/selinux.rb
+++ b/spec/unit/util/selinux.rb
@@ -117,31 +117,31 @@ describe Puppet::Util::SELinux do
it "should use chcon to set a context" do
self.expects(:selinux_support?).returns true
- self.expects(:system).with("chcon user_u:role_r:type_t:s0 /foo").returns 0
+ self.expects(:system).with("chcon -h user_u:role_r:type_t:s0 /foo").returns 0
set_selinux_context("/foo", "user_u:role_r:type_t:s0").should be_true
end
it "should use chcon to set user_u user context" do
self.expects(:selinux_support?).returns true
- self.expects(:system).with("chcon -u user_u /foo").returns 0
+ self.expects(:system).with("chcon -h -u user_u /foo").returns 0
set_selinux_context("/foo", "user_u", :seluser).should be_true
end
it "should use chcon to set role_r role context" do
self.expects(:selinux_support?).returns true
- self.expects(:system).with("chcon -r role_r /foo").returns 0
+ self.expects(:system).with("chcon -h -r role_r /foo").returns 0
set_selinux_context("/foo", "role_r", :selrole).should be_true
end
it "should use chcon to set type_t type context" do
self.expects(:selinux_support?).returns true
- self.expects(:system).with("chcon -t type_t /foo").returns 0
+ self.expects(:system).with("chcon -h -t type_t /foo").returns 0
set_selinux_context("/foo", "type_t", :seltype).should be_true
end
it "should use chcon to set s0:c3,c5 range context" do
self.expects(:selinux_support?).returns true
- self.expects(:system).with("chcon -l s0:c3,c5 /foo").returns 0
+ self.expects(:system).with("chcon -h -l s0:c3,c5 /foo").returns 0
set_selinux_context("/foo", "s0:c3,c5", :selrange).should be_true
end
end
--
Puppet packaging for Debian
More information about the Pkg-puppet-devel
mailing list