From: dwalsh@redhat.com (Daniel J Walsh) Date: Tue, 27 Sep 2011 14:03:29 -0400 Subject: [refpolicy] [PATCH 1/1] Mount output should be writeable to puppet_tmp_t In-Reply-To: <20110927164054.GC17946@siphos.be> References: <1316877756.9488.19.camel@x220.mydomain.internal> <4E807A5B.3050602@redhat.com> <20110926142242.GA14599@siphos.be> <4E8093E6.8060605@redhat.com> <1317049868.18323.4.camel@x220.mydomain.internal> <4E809D16.4040109@redhat.com> <4E80C4F7.2030903@tresys.com> <4E81C8AC.60308@redhat.com> <4E81CFD6.80203@tresys.com> <20110927164054.GC17946@siphos.be> Message-ID: <4E820FF1.1070803@redhat.com> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/27/2011 12:40 PM, Sven Vermeulen wrote: > On Tue, Sep 27, 2011 at 09:29:58AM -0400, Christopher J. PeBenito > wrote: >>>> Well, the way puppet should manage anything selinux related >>>> should be though packages I think. For instance, I have >>>> puppet set up to install selinux-nginx on gentoo. Then if I >>>> place a file via puppet it gets relabeled automatically via >>>> the file context. >> >> I assume either it is installed correctly with setfscreatecon() >> or you run restorecon on it? > > Puppet is SELinux-aware (at least it is build with libselinux.so > references) so I guess it is the former. > > Wkr, Sven Vermeulen > > _______________________________________________ refpolicy mailing > list refpolicy at oss.tresys.com > http://oss.tresys.com/mailman/listinfo/refpolicy Yes puppet was made Somewhat SELinux aware. It can do most of the stuff you would expect with libselinux, but not the stuff that libsemanage does. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk6CD/EACgkQrlYvE4MpobMGWACeOoUre+aA8drmZoP4qgNA5s9H W3AAoIxL8VMIpB/fV3jcCtQMsx/jo0Xf =jsKB -----END PGP SIGNATURE-----