Check that a specific file supports selinux properties before trying to set them. This patch is functionally identical to the one Darrell Fuhriman submitted with the bug report.
Signed-off-by: Jesse Wolfe <[email protected]> --- lib/puppet/util/selinux.rb | 2 +- spec/unit/util/selinux.rb | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletions(-) diff --git a/lib/puppet/util/selinux.rb b/lib/puppet/util/selinux.rb index bdf4415..25d86f7 100644 --- a/lib/puppet/util/selinux.rb +++ b/lib/puppet/util/selinux.rb @@ -91,7 +91,7 @@ module Puppet::Util::SELinux # I believe that the OS should always provide at least a fall-through context # though on any well-running system. def set_selinux_context(file, value, component = false) - unless selinux_support? + unless selinux_support? && selinux_label_support?(file) return nil end diff --git a/spec/unit/util/selinux.rb b/spec/unit/util/selinux.rb index da4686e..2a9a418 100755 --- a/spec/unit/util/selinux.rb +++ b/spec/unit/util/selinux.rb @@ -158,6 +158,12 @@ describe Puppet::Util::SELinux do set_selinux_context("/foo", "user_u:role_r:type_t:s0").should be_nil end + it "should return nil if selinux_label_support returns false" do + self.expects(:selinux_support?).returns true + self.expects(:selinux_label_support?).with("/foo").returns false + set_selinux_context("/foo", "user_u:role_r:type_t:s0").should be_nil + end + it "should use lsetfilecon to set a context" do self.expects(:selinux_support?).returns true Selinux.expects(:lsetfilecon).with("/foo", "user_u:role_r:type_t:s0").returns 0 -- 1.6.3.3 -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
