[refpolicy] [PATCH 1/1] Mount output should be writeable to puppet_tmp_t

Daniel J Walsh dwalsh at redhat.com
Tue Sep 27 13:03:29 CDT 2011


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/27/2011 12:40 PM, Sven Vermeulen wrote:
> On Tue, Sep 27, 2011 at 09:29:58AM -0400, Christopher J. PeBenito
> wrote:
>>>> Well, the way puppet should manage anything selinux related
>>>> should be though packages I think.  For instance, I have
>>>> puppet set up to install selinux-nginx on gentoo.  Then if I
>>>> place a file via puppet it gets relabeled automatically via
>>>> the file context.
>> 
>> I assume either it is installed correctly with setfscreatecon()
>> or you run restorecon on it?
> 
> Puppet is SELinux-aware (at least it is build with libselinux.so
> references) so I guess it is the former.
> 
> Wkr, Sven Vermeulen
> 
> _______________________________________________ refpolicy mailing
> list refpolicy at oss.tresys.com 
> http://oss.tresys.com/mailman/listinfo/refpolicy
Yes puppet was made Somewhat SELinux aware. It can do most of the
stuff you would expect with libselinux, but not the stuff that
libsemanage does.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk6CD/EACgkQrlYvE4MpobMGWACeOoUre+aA8drmZoP4qgNA5s9H
W3AAoIxL8VMIpB/fV3jcCtQMsx/jo0Xf
=jsKB
-----END PGP SIGNATURE-----


More information about the refpolicy mailing list