mirror of
				https://github.com/ansible-collections/community.general.git
				synced 2025-10-24 13:04:00 -07:00 
			
		
		
		
	Update how to set default selinux context for file
This removes the 'context' option and replaces it with checks for '_default' value for seuser, serole, setype, or (maybe) selevel. If '_default' is provided *and* there is a default context for the given file, this will set the file context to the available default.
This commit is contained in:
		
					parent
					
						
							
								df61a65344
							
						
					
				
			
			
				commit
				
					
						f1b7149fcf
					
				
			
		
					 1 changed files with 4 additions and 7 deletions
				
			
		
							
								
								
									
										11
									
								
								library/file
									
										
									
									
									
								
							
							
						
						
									
										11
									
								
								library/file
									
										
									
									
									
								
							|  | @ -170,17 +170,14 @@ seuser    = params.get('seuser', None) | |||
| serole    = params.get('serole', None) | ||||
| setype    = params.get('setype', None) | ||||
| selevel   = params.get('serange', 's0') | ||||
| context   = params.get('context', None) | ||||
| secontext = [seuser, serole, setype] | ||||
| if selinux_mls_enabled(): | ||||
|     secontext.append(selevel) | ||||
| 
 | ||||
| if context is not None: | ||||
|     if context != 'default': | ||||
|         fail_json(msg='invalid context: %s' % context) | ||||
|     if seuser is not None or serole is not None or setype is not None: | ||||
|         fail_json(msg='cannot define context=default and seuser, serole or setype') | ||||
|     secontext = selinux_default_context(path) | ||||
| default_secontext = selinux_default_context(path) | ||||
| for i in range(len(default_secontext)): | ||||
|     if i is not None and secontext[i] == '_default': | ||||
|         secontext[i] = default_secontext[i] | ||||
| 
 | ||||
| if state not in [ 'file', 'directory', 'link', 'absent']: | ||||
|     fail_json(msg='invalid state: %s' % state) | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue