Open ubellavance opened 7 years ago
Here is my config:
selinux::fcontext { '/var/www(/.*)(/.*)logs': ensure => present, recursive => true, setype => "httpd_log_t", }
Puppet runs selinux fcontext all the time because the regex used to check if it is already on the system is inaccurate. Debug output (second run with this config):
debug: Exec[semanage fcontext httpd_log_t /var/www(/.*)(/.*)logs(/.*)?](provider=posix): Executing check 'semanage fcontext --list | ( egrep '^/var/www(/.*)(/.*)logs\(/\.\*\)\?\s+.*\s+\w+:\w+:httpd_log_t:s0 $' >/dev/null)' debug: Executing 'semanage fcontext --list | ( egrep '^/var/www(/.*)(/.*)logs\(/\.\*\)\?\s+.*\s+\w+:\w+:httpd_log_t:s0 $' >/dev/null)' debug: Exec[semanage fcontext httpd_log_t /var/www(/.*)(/.*)logs(/.*)?](provider=posix): Executing 'semanage fcontext -a -t httpd_log_t "/var/www(/.*)(/.*)logs(/.*)?"' debug: Executing 'semanage fcontext -a -t httpd_log_t "/var/www(/.*)(/.*)logs(/.*)?"'
Contents of: /etc/selinux/targeted/contexts/files/file_contexts.local
/etc/selinux/targeted/contexts/files/file_contexts.local
/var/www(/.*)(/.*)logs(/.*)? system_u:object_r:httpd_log_t:s0
I can't figure out where the module's regex fails, though. I'm not good enough with regex.
Here is my config:
Puppet runs selinux fcontext all the time because the regex used to check if it is already on the system is inaccurate. Debug output (second run with this config):
Contents of:
/etc/selinux/targeted/contexts/files/file_contexts.local/var/www(/.*)(/.*)logs(/.*)? system_u:object_r:httpd_log_t:s0I can't figure out where the module's regex fails, though. I'm not good enough with regex.