Issue #18982 has been updated by Rene Cunningham.
Thanks Andrew, the patch worked for me. Cheers. ---------------------------------------- Bug #18982: Mount type doesnt handle SELinux context for NFS https://projects.puppetlabs.com/issues/18982#change-82425 Author: Rene Cunningham Status: Unreviewed Priority: Normal Assignee: Category: mount Target version: Affected Puppet version: 2.6.17 Keywords: mount nfs selinux Branch: Howdy, Running RHEL6 with puppet 2.6.17. mount resources with fstype set to 'nfs' and SELinux contexts passed as options fail to mount during a puppet run. When I have this <pre> mount { '/mnt/foo': device => 'bar:/nfs/export', fstype => 'nfs', ensure => 'mounted', options => 'rw,intr,soft,context=system_u:object_r:var_log_t:s0', atboot => true, ensure => mounted, } </pre> puppet agent errors with this <pre> err: /Stage[main]/MyModule::SubClass/Mount[/mnt/mountpoint]: Could not evaluate: Execution of '/bin/mount -o rw,intr,soft,context=system_u:object_r:var_log_t:s0 /mnt/mountpoint' returned 32: mount.nfs: an incorrect mount option was specified </pre> yet /etc/fstab is populated correctly <pre> nfsserver:/nfs/export /mnt/mountpoint nfs rw,intr,soft,context=system_u:object_r:var_log_t:s0 0 0 </pre> I can manually mount the NFS export with 'mount -a' once puppet is run though would obviously like puppet to do this for me. When manually running the 'mount' command above without context=, the mount is successful. >From my initial investigations, mount.nfs that ships with RHEL6 doesnt support >the SELinux context option. I've got around this by calling an exec after the mount and reconfiguring the mount resource with 'ensure => present' <pre> exec { 'mount-mountpoint': command => 'mount /mnt/mountpoint', require => Mount['/mnt/mountpount'], unless => "mount -t nfs | grep -q '/mnt/mountpoint'", path => ['/bin', '/usr/bin', '/usr/sbin', '/sbin'] } </pre> -- You have received this notification because you have either subscribed to it, or are involved in it. To change your notification preferences, please click here: http://projects.puppetlabs.com/my/account -- You received this message because you are subscribed to the Google Groups "Puppet Bugs" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/puppet-bugs?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
