TJM
commented
8 years ago Simple workaround is to run restorecon -Rv /etc/puppet/environments/(env)
Closed TJM closed 3 years ago
TJM
commented
8 years ago Simple workaround is to run restorecon -Rv /etc/puppet/environments/(env)
lvlie
commented
7 years ago Code should do "mv -Z" or similar.
TJM
commented
7 years ago @lvlie - I would recommend using cp instead of mv, as older versions may not support mv (EL6). Alternatively, we could set the "temporary" directory to some place under /etc/puppet (/etc/puppetlabs), which would have the "correct" context, and would even work better to ensure that its a semi-atomic operation. The /tmp directory is likely on another filesystem (outside of a lab), so mv is just going to copy, then unlink anyhow.
github-actions[bot]
commented
3 years ago This issue has been marked stale because it has had no activity for 60 days. The Puppet Team is actively prioritizing existing bugs and new features, if this issue is still important to you please comment and we will add this to our backlog to complete. Otherwise, it will be closed in 7 days.
While using SELinux in "enforcing" mode, pulling down modules from Forge, the SELINUX context is
user_temp_tinstead ofpuppet_etc_twhich makes the files unreadable to the puppet master.