+1 On Mon, Nov 23, 2009 at 5:46 PM, Jesse Wolfe <[email protected]> wrote:
> Check that a specific file supports selinux properties before trying to > set them. > This patch is functionally identical to the one Darrell Fuhriman > submitted with the bug report. > > Signed-off-by: Jesse Wolfe <[email protected]> > --- > lib/puppet/util/selinux.rb | 2 +- > spec/unit/util/selinux.rb | 6 ++++++ > 2 files changed, 7 insertions(+), 1 deletions(-) > > diff --git a/lib/puppet/util/selinux.rb b/lib/puppet/util/selinux.rb > index bdf4415..25d86f7 100644 > --- a/lib/puppet/util/selinux.rb > +++ b/lib/puppet/util/selinux.rb > @@ -91,7 +91,7 @@ module Puppet::Util::SELinux > # I believe that the OS should always provide at least a fall-through > context > # though on any well-running system. > def set_selinux_context(file, value, component = false) > - unless selinux_support? > + unless selinux_support? && selinux_label_support?(file) > return nil > end > > diff --git a/spec/unit/util/selinux.rb b/spec/unit/util/selinux.rb > index da4686e..2a9a418 100755 > --- a/spec/unit/util/selinux.rb > +++ b/spec/unit/util/selinux.rb > @@ -158,6 +158,12 @@ describe Puppet::Util::SELinux do > set_selinux_context("/foo", "user_u:role_r:type_t:s0").should > be_nil > end > > + it "should return nil if selinux_label_support returns false" do > + self.expects(:selinux_support?).returns true > + self.expects(:selinux_label_support?).with("/foo").returns > false > + set_selinux_context("/foo", "user_u:role_r:type_t:s0").should > be_nil > + end > + > it "should use lsetfilecon to set a context" do > self.expects(:selinux_support?).returns true > Selinux.expects(:lsetfilecon).with("/foo", > "user_u:role_r:type_t:s0").returns 0 > -- > 1.6.3.3 > > -- > > You received this message because you are subscribed to the Google Groups > "Puppet Developers" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<puppet-dev%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/puppet-dev?hl=en. > > > -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
