Issue #21827 has been reported by Trevor Vaughan.
----------------------------------------
Bug #21827: SELinux selrange does not translate between human readable and
setrans.conf settings.
https://projects.puppetlabs.com/issues/21827
* Author: Trevor Vaughan
* Status: Unreviewed
* Priority: Normal
* Assignee:
* Category: SELinux
* Target version:
* Affected Puppet version: 2.7.22
* Keywords:
* Branch:
----------------------------------------
Given the following file statement:
file { '/tmp/foo':
selrange => 's0'
}
And, mcstransd is running.
Then, if /tmp/foo has the following SELinux attributes:
system_u:object_r:tmp_t:SystemLow
Then, the code should not try to replace SystemLow with s0.
Remedy:
The SELinux portion of the file provider should pre-load the file
/etc/selinux/$::selinux_mode/setrans.conf and use that to determine if s0 ==
SystemLow.
There may be an easier way of doing this if mcstransd is running, but it might
not be on the system and having file resources trigger every time is not good.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/groups/opt_out.
