From: sven.vermeulen@siphos.be (Sven Vermeulen)
Date: Tue, 27 Sep 2011 18:40:55 +0200
Subject: [refpolicy] [PATCH 1/1] Mount output should be writeable to
 puppet_tmp_t
In-Reply-To: <4E81CFD6.80203@tresys.com>
References: <1316877756.9488.19.camel@x220.mydomain.internal>
	<4E807A5B.3050602@redhat.com> <20110926142242.GA14599@siphos.be>
	<4E8093E6.8060605@redhat.com>
	<1317049868.18323.4.camel@x220.mydomain.internal>
	<4E809D16.4040109@redhat.com> <4E80C4F7.2030903@tresys.com>
	<C9BCBFCE-6B87-4AE4-B84A-CD512E633824@mthode.org>
	<4E81C8AC.60308@redhat.com> <4E81CFD6.80203@tresys.com>
Message-ID: <20110927164054.GC17946@siphos.be>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue, Sep 27, 2011 at 09:29:58AM -0400, Christopher J. PeBenito wrote:
> >> Well, the way puppet should manage anything selinux related should
> >> be though packages I think.  For instance, I have puppet set up to
> >> install selinux-nginx on gentoo.  Then if I place a file via puppet
> >> it gets relabeled automatically via the file context.
> 
> I assume either it is installed correctly with setfscreatecon() or you run restorecon on it?

Puppet is SELinux-aware (at least it is build with libselinux.so references)
so I guess it is the former.

Wkr,
	Sven Vermeulen