From 25824d2007e062f32a7bf3c502eaf9b8f2bf4c15 Mon Sep 17 00:00:00 2001 From: Scott Moser Date: Sun, 30 Oct 2011 17:17:03 -0400 Subject: Restore created files' selinux contexts This adds a restorecon_if_possible method which uses selinux python module, and uses that for files modified in /etc. taken from git://pkgs.fedoraproject.org/cloud-init.git commit 87f33190f43d2b26cced4597e7298835024466c2 Author: Garrett Holmstrom Patch3: cloud-init-0.6.2-filecontext.patch --- cloudinit/CloudConfig/cc_puppet.py | 3 +++ 1 file changed, 3 insertions(+) (limited to 'cloudinit/CloudConfig/cc_puppet.py') diff --git a/cloudinit/CloudConfig/cc_puppet.py b/cloudinit/CloudConfig/cc_puppet.py index 64b7c237..1dcd6a75 100644 --- a/cloudinit/CloudConfig/cc_puppet.py +++ b/cloudinit/CloudConfig/cc_puppet.py @@ -22,6 +22,7 @@ import subprocess import StringIO import ConfigParser import cloudinit.CloudConfig as cc +import cloudinit.util as util def handle(name,cfg,cloud,log,args): # If there isn't a puppet key in the configuration don't do anything @@ -58,6 +59,7 @@ def handle(name,cfg,cloud,log,args): ca_fh.close() os.chown('/var/lib/puppet/ssl/certs/ca.pem', pwd.getpwnam('puppet').pw_uid, 0) + util.restorecon_if_possible('/var/lib/puppet', recursive=True) else: #puppet_conf_fh.write("\n[%s]\n" % (cfg_name)) # If puppet.conf already has this section we don't want to write it again @@ -81,6 +83,7 @@ def handle(name,cfg,cloud,log,args): os.rename('/etc/puppet/puppet.conf','/etc/puppet/puppet.conf.old') with open('/etc/puppet/puppet.conf', 'wb') as configfile: puppet_config.write(configfile) + util.restorecon_if_possible('/etc/puppet/puppet.conf') # Set puppet default file to automatically start subprocess.check_call(['sed', '-i', '-e', 's/^START=.*/START=yes/', -- cgit v1.2.3
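Review bot: The recursive call added after the `os.chown` of ca.pem relabels all of /var/lib/puppet, although the lines visible in this hunk only create and chown `/var/lib/puppet/ssl/certs/ca.pem`. A recursive restorecon resets every file under the tree to the policy default, including any context a package or administrator set deliberately. If the ssl directories are created earlier in this branch (that code is outside the hunk), a narrower call would cover what was created: `util.restorecon_if_possible('/var/lib/puppet/ssl', recursive=True)`. ca.pem is handed to the puppet user here, so it is also worth confirming that the helper, which is defined outside this diff, does not follow symlinks while walking the tree.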
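Review bot: Nothing after `puppet_config.write(configfile)` shows what happens when the relabel of puppet.conf fails, because `restorecon_if_possible` is defined outside this diff. If it swallows relabel errors as well as a missing selinux module, the rewritten file can keep the context it was created with, and under enforcing mode the puppet agent may be denied access with nothing in the cloud-init log, so confirm the helper logs a failed relabel. A short comment above the call would help the next reader, for example `# rename + rewrite creates a new file, so reset its SELinux context to the policy default`. The same question applies to the recursive call in the previous hunk, and handle() starts and ends outside both hunks.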