2 files changed, 15 insertions, 9 deletions

diff --git a/src/lib/Bcfg2/Client/Tools/SELinux.py b/src/lib/Bcfg2/Client/Tools/SELinux.py
index 018a7eae4..f060a1374 100644
--- a/src/lib/Bcfg2/Client/Tools/SELinux.py
+++ b/src/lib/Bcfg2/Client/Tools/SELinux.py
@@ -703,8 +703,14 @@ class SELinuxModuleHandler(SELinuxEntryHandler):
         return rv
 
     def _filepath(self, entry):
-        return os.path.join("/usr/share/selinux", self.setype,
-                            "%s.pp" % entry.get("name"))
+        path = os.path.join("/usr/share/selinux", self.setype,
+                            entry.get("name").lstrip("/"))
+        if not path.endswith(".pp"):
+            # the entry name we get from the SEModules plugin should
+            # always have .pp on the end, but we double check just to
+            # make absolutely certain
+            path = path + ".pp"
+        return path
 
     def _pathentry(self, entry):
         pathentry = copy.deepcopy(entry)
@@ -744,7 +750,7 @@ class SELinuxModuleHandler(SELinuxEntryHandler):
     def _install_seobject(self, entry):
         try:
             if not SELinuxEntryHandler.Install(self, entry):
-                return false
+                return False
         except NameError:
             # some versions of selinux have a bug in seobject that
             # makes modify() calls fail.  add() seems to have the same
@@ -765,7 +771,7 @@ class SELinuxModuleHandler(SELinuxEntryHandler):
         try:
             proc = Popen(['semodule', '-i', self._filepath(entry)],
                          stdout=PIPE, stderr=PIPE)
-            out, err = proc.communicate()
+            err = proc.communicate()[1]
             rv = proc.wait()
         except OSError:
             err = sys.exc_info()[1]
diff --git a/src/lib/Bcfg2/Server/Plugins/SEModules.py b/src/lib/Bcfg2/Server/Plugins/SEModules.py
index 8e1dd15f6..8093d34ca 100644
--- a/src/lib/Bcfg2/Server/Plugins/SEModules.py
+++ b/src/lib/Bcfg2/Server/Plugins/SEModules.py
@@ -5,6 +5,7 @@ from Bcfg2.Compat import b64encode
 
 logger = logging.getLogger(__name__)
 
+
 class SEModuleData(Bcfg2.Server.Plugin.SpecificData):
     def bind_entry(self, entry, _):
         entry.set('encoding', 'base64')
@@ -24,20 +25,19 @@ class SEModules(Bcfg2.Server.Plugin.GroupSpool):
         to be able to specify module entries as name='foo' or
         name='foo.pp', so we put this abstraction in between """
         if entry.get("name").endswith(".pp"):
-            name = entry.get("name")
+            return entry.get("name")
         else:
-            name = entry.get("name") + ".pp"
-        return "/" + name
+            return entry.get("name") + ".pp"
 
     def HandlesEntry(self, entry, metadata):
         if entry.tag in self.Entries and entry.get('type') == 'module':
-            return self._get_module_name(entry) in self.Entries[entry.tag]
+            return "/" + self._get_module_name(entry) in self.Entries[entry.tag]
         return Bcfg2.Server.Plugin.GroupSpool.HandlesEntry(self, entry,
                                                            metadata)
 
     def HandleEntry(self, entry, metadata):
         entry.set("name", self._get_module_name(entry))
-        return self.Entries[entry.tag][entry.get("name")](entry, metadata)
+        return self.Entries[entry.tag]["/" + entry.get("name")](entry, metadata)
 
     def add_entry(self, event):
         self.filename_pattern = \