From fb7bfa61a9e472ecf80da350001400373e7e75e4 Mon Sep 17 00:00:00 2001 From: Michael DeHaan Date: Fri, 3 May 2013 10:18:55 -0400 Subject: [PATCH] Fix SELinux context on atomic_move --- lib/ansible/module_common.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/lib/ansible/module_common.py b/lib/ansible/module_common.py index 2f88cb6328c..c7358363501 100644 --- a/lib/ansible/module_common.py +++ b/lib/ansible/module_common.py @@ -298,7 +298,7 @@ class AnsibleModule(object): context = ret[1].split(':') return context - def selinux_context(self, path): + def selinux_context(self, path) context = self.selinux_initial_context() if not HAVE_SELINUX or not self.selinux_enabled(): return context @@ -810,6 +810,7 @@ class AnsibleModule(object): def atomic_move(self, src, dest): '''atomically move src to dest, copying attributes from dest, returns true on success''' rc = False + context = None if os.path.exists(dest): st = os.stat(dest) os.chmod(src, st.st_mode & 07777) @@ -840,6 +841,9 @@ class AnsibleModule(object): if self.selinux_enabled(): self.set_context_if_different(tmp_dest, context, False) os.rename(tmp_dest, dest) + if self.selinux_enabled(): + # rename might not preserve context + self.set_context_if_different(tmp_dest, context, False) rc = True except (shutil.Error, OSError, IOError), e: cleanup()