Fix SELinux context on atomic_move

Michael DeHaan 2013-05-03 10:18:55 -04:00
parent 4ecc7ea2e0
commit fb7bfa61a9


@ -298,7 +298,7 @@ class AnsibleModule(object):
context = ret[1].split(':') context = ret[1].split(':')
return context return context
def selinux_context(self, path): def selinux_context(self, path)
context = self.selinux_initial_context() context = self.selinux_initial_context()
if not HAVE_SELINUX or not self.selinux_enabled(): if not HAVE_SELINUX or not self.selinux_enabled():
return context return context
@ -810,6 +810,7 @@ class AnsibleModule(object):
def atomic_move(self, src, dest): def atomic_move(self, src, dest):
'''atomically move src to dest, copying attributes from dest, returns true on success''' '''atomically move src to dest, copying attributes from dest, returns true on success'''
rc = False rc = False
context = None
if os.path.exists(dest): if os.path.exists(dest):
st = os.stat(dest) st = os.stat(dest)
os.chmod(src, st.st_mode & 07777) os.chmod(src, st.st_mode & 07777)
@ -840,6 +841,9 @@ class AnsibleModule(object):
if self.selinux_enabled(): if self.selinux_enabled():
self.set_context_if_different(tmp_dest, context, False) self.set_context_if_different(tmp_dest, context, False)
os.rename(tmp_dest, dest) os.rename(tmp_dest, dest)
if self.selinux_enabled():
# rename might not preserve context
self.set_context_if_different(tmp_dest, context, False)
rc = True rc = True
except (shutil.Error, OSError, IOError), e: except (shutil.Error, OSError, IOError), e:
cleanup() cleanup()
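Review bot: The call added after `os.rename(tmp_dest, dest)` in the third hunk still passes `tmp_dest`, a path that no longer exists once the rename has succeeded, so the relabel cannot reach the file it is meant to fix. It should target the destination: `self.set_context_if_different(dest, context, False)`. As written, the operation on the vanished path will likely fail, and if that surfaces as an OSError it lands in the `except (shutil.Error, OSError, IOError)` handler after the file has already been moved, leaving `dest` with whatever SELinux label the rename gave it. The `context = None` initialiser in the second hunk also means this call may receive None if no branch outside the hunk assigns it, which is worth confirming since the rest of atomic_move is not visible here.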