From dea915f5ce3702ce5c53f6a438d53360b42b22ad Mon Sep 17 00:00:00 2001 From: Gordon Messmer Date: Wed, 18 Nov 2015 18:55:54 -0800 Subject: bcfg2 server sends a complete SELinux context, but we only need the type. Treat this the same as selinux.matchpathcon. --- src/lib/Bcfg2/Client/Tools/POSIX/base.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/Bcfg2/Client/Tools/POSIX/base.py b/src/lib/Bcfg2/Client/Tools/POSIX/base.py index 488920989..d5c1c7e14 100644 --- a/src/lib/Bcfg2/Client/Tools/POSIX/base.py +++ b/src/lib/Bcfg2/Client/Tools/POSIX/base.py @@ -563,7 +563,7 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): errors.append("%s has no default SELinux context" % entry.get("name")) else: - wanted_secontext = entry.get("secontext") + wanted_secontext = entry.get("secontext").split(":")[2] if (wanted_secontext and attrib['current_secontext'] != wanted_secontext): errors.append("SELinux context for path %s is incorrect. " -- cgit v1.2.3-1-g7c22 From 9137799d93dd19051713b08a36e008fdb25aab31 Mon Sep 17 00:00:00 2001 From: Gordon Messmer Date: Thu, 19 Nov 2015 11:29:27 -0800 Subject: Only set wanted_secontext if we have a value to set --- src/lib/Bcfg2/Client/Tools/POSIX/base.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/lib/Bcfg2/Client/Tools/POSIX/base.py b/src/lib/Bcfg2/Client/Tools/POSIX/base.py index d5c1c7e14..5309e9c6e 100644 --- a/src/lib/Bcfg2/Client/Tools/POSIX/base.py +++ b/src/lib/Bcfg2/Client/Tools/POSIX/base.py @@ -562,7 +562,7 @@ class POSIXTool(Bcfg2.Client.Tools.Tool): except OSError: errors.append("%s has no default SELinux context" % entry.get("name")) - else: + elif entry.get("secontext"): wanted_secontext = entry.get("secontext").split(":")[2] if (wanted_secontext and attrib['current_secontext'] != wanted_secontext): -- cgit v1.2.3-1-g7c22