From 910c1148691f4c16c2b4ef8d600561ec7054784d Mon Sep 17 00:00:00 2001
From: "Chris St. Pierre" <chris.a.st.pierre@gmail.com>
Date: Wed, 10 Apr 2013 13:52:24 -0400
Subject: SELinux: when the policy is upgraded, local changes can be lost
 (although the fact that there are local changes may be retained).  cope with
 this bug.

---
 src/lib/Bcfg2/Client/Tools/SELinux.py | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/lib/Bcfg2/Client/Tools/SELinux.py b/src/lib/Bcfg2/Client/Tools/SELinux.py
index 0041ce61a..19d3fa6fc 100644
--- a/src/lib/Bcfg2/Client/Tools/SELinux.py
+++ b/src/lib/Bcfg2/Client/Tools/SELinux.py
@@ -204,7 +204,16 @@ class SELinuxEntryHandler(object):
         type, if the records object supports the customized() method
         """
         if hasattr(self.records, "customized") and self.custom_re:
-            return dict([(k, self.all_records[k]) for k in self.custom_keys])
+            rv = dict()
+            for key in self.custom_keys:
+                if key in self.all_records:
+                    rv[key] = self.all_records[key]
+                else:
+                    self.logger.warning("SELinux %s %s customized, but no "
+                                        "record found. This may indicate an "
+                                        "error in your SELinux policy." %
+                                        (self.etype, key))
+            return rv
         else:
             # ValueError is really a pretty dumb exception to raise,
             # but that's what the seobject customized() method raises
-- 
cgit v1.2.3-1-g7c22