Merge pull request #302 from sfromm/selinux
Set default selinux context with '_default'
This commit is contained in:
commit
5fe677645d
1 changed files with 4 additions and 7 deletions
11
library/file
11
library/file
|
@ -170,17 +170,14 @@ seuser = params.get('seuser', None)
|
||||||
serole = params.get('serole', None)
|
serole = params.get('serole', None)
|
||||||
setype = params.get('setype', None)
|
setype = params.get('setype', None)
|
||||||
selevel = params.get('serange', 's0')
|
selevel = params.get('serange', 's0')
|
||||||
context = params.get('context', None)
|
|
||||||
secontext = [seuser, serole, setype]
|
secontext = [seuser, serole, setype]
|
||||||
if selinux_mls_enabled():
|
if selinux_mls_enabled():
|
||||||
secontext.append(selevel)
|
secontext.append(selevel)
|
||||||
|
|
||||||
if context is not None:
|
default_secontext = selinux_default_context(path)
|
||||||
if context != 'default':
|
for i in range(len(default_secontext)):
|
||||||
fail_json(msg='invalid context: %s' % context)
|
if i is not None and secontext[i] == '_default':
|
||||||
if seuser is not None or serole is not None or setype is not None:
|
secontext[i] = default_secontext[i]
|
||||||
fail_json(msg='cannot define context=default and seuser, serole or setype')
|
|
||||||
secontext = selinux_default_context(path)
|
|
||||||
|
|
||||||
if state not in [ 'file', 'directory', 'link', 'absent']:
|
if state not in [ 'file', 'directory', 'link', 'absent']:
|
||||||
fail_json(msg='invalid state: %s' % state)
|
fail_json(msg='invalid state: %s' % state)
|
||||||
|
|
Loading…
Reference in a new issue