Class: Puppet::SELFileContext

Inherits:
Property show all
Includes:
Util::SELinux
Defined in:
lib/puppet/type/file/selcontext.rb

Constant Summary

Constants included from Util::Docs

Util::Docs::HEADER_LEVELS

Constants included from Util

Util::AbsolutePathPosix, Util::AbsolutePathWindows, Util::DEFAULT_POSIX_MODE, Util::DEFAULT_WINDOWS_MODE

Constants included from Util::POSIX

Util::POSIX::LOCALE_ENV_VARS, Util::POSIX::USER_ENV_VARS

Constants included from Util::SymbolicFileMode

Util::SymbolicFileMode::SetGIDBit, Util::SymbolicFileMode::SetUIDBit, Util::SymbolicFileMode::StickyBit, Util::SymbolicFileMode::SymbolicMode, Util::SymbolicFileMode::SymbolicSpecialToBit

Constants included from Util::Logging

Util::Logging::FILE_AND_LINE, Util::Logging::FILE_NO_LINE, Util::Logging::MM, Util::Logging::NO_FILE_LINE, Util::Logging::SUPPRESS_FILE_LINE

Instance Attribute Summary

Attributes inherited from Property

#noop, #shouldorig

Attributes inherited from Parameter

#name, #parent, #resource, #sensitive

Attributes included from Util::Docs

#doc, #nodoc

Instance Method Summary collapse

Methods included from Util::SELinux

#get_selinux_current_context, #get_selinux_default_context, #parse_selinux_context, #selinux_category_to_label, #selinux_support?, #set_selinux_context, #set_selinux_default_context

Methods inherited from Property

#call_provider, #change_to_s, #event, #event_name, idempotent, idempotent=, #idempotent?, #insync_values?, #is_to_s, #log, #match_all?, method_added, #name, newvalue, #property_matches?, #safe_insync?, #set, #should, #should=, #should_to_s, #unsafe_validate, #validate_features_per_value, #value, #value=, value_name, value_option

Methods inherited from Parameter

aliasvalue, defaultto, desc, doc, #file, #format, format_value_for_display, #initialize, initvars, isnamevar, isnamevar?, #isnamevar?, isrequired, #line, #log, #metaparam?, munge, #munge, newvalues, nodefault, #noop, #path, #pathbuilder, #provider, proxymethods, #remove, #required?, required?, #tags, #to_s, unmunge, #unmunge, #unsafe_validate, validate, #validate, #value, #value=, #version

Methods included from Util::Docs

#desc, #dochook, #doctable, #markdown_definitionlist, #markdown_header, #nodoc?, #pad, scrub

Methods included from Util

absolute_path?, benchmark, chuser, clear_environment, default_env, deterministic_rand, deterministic_rand_int, exit_on_fail, get_env, get_environment, logmethods, merge_environment, path_to_uri, pretty_backtrace, replace_file, safe_posix_fork, set_env, symbolizehash, thinmark, uri_encode, uri_query_encode, uri_to_path, which, withenv, withumask

Methods included from Util::POSIX

#get_posix_field, #gid, #idfield, #methodbyid, #methodbyname, #search_posix_field, #uid

Methods included from Util::SymbolicFileMode

#normalize_symbolic_mode, #symbolic_mode_to_int, #valid_symbolic_mode?

Methods included from Util::MethodHelper

#requiredopts, #set_options, #symbolize_options

Methods included from Util::Logging

#clear_deprecation_warnings, #debug, #deprecation_warning, #format_exception, #get_deprecation_offender, #log_and_raise, #log_deprecations_to_file, #log_exception, #puppet_deprecation_warning, #send_log, setup_facter_logging!, #warn_once

Methods included from Util::Errors

#adderrorcontext, #devfail, #error_context, #exceptwrap, #fail

Constructor Details

This class inherits a constructor from Puppet::Parameter

Instance Method Details

#insync?(value) ⇒ Boolean

Returns:



54
55
56
57
58
59
60
61
62
63
64
# File 'lib/puppet/type/file/selcontext.rb', line 54

def insync?(value)
  if not selinux_support?
    debug("SELinux bindings not found. Ignoring parameter.")
    true
  elsif not selinux_label_support?(@resource[:path])
    debug("SELinux not available for this filesystem. Ignoring parameter.")
    true
  else
    super
  end
end

#retrieveObject



29
30
31
32
33
34
35
36
37
38
# File 'lib/puppet/type/file/selcontext.rb', line 29

def retrieve
  return :absent unless @resource.stat
  context = self.get_selinux_current_context(@resource[:path])
  is = parse_selinux_context(name, context)
  if name == :selrange and selinux_support?
    self.selinux_category_to_label(is)
  else
    is
  end
end

#retrieve_default_context(property) ⇒ Object



40
41
42
43
44
45
46
47
48
49
50
51
52
# File 'lib/puppet/type/file/selcontext.rb', line 40

def retrieve_default_context(property)
  if @resource[:selinux_ignore_defaults] == :true
    return nil
  end

  unless context = self.get_selinux_default_context(@resource[:path])
    return nil
  end

  property_default = self.parse_selinux_context(property, context)
  self.debug "Found #{property} default '#{property_default}' for #{@resource[:path]}" if not property_default.nil?
  property_default
end

#syncObject



78
79
80
81
# File 'lib/puppet/type/file/selcontext.rb', line 78

def sync
  self.set_selinux_context(@resource[:path], @should, name)
  :file_changed
end

#unsafe_munge(should) ⇒ Object



66
67
68
69
70
71
72
73
74
75
76
# File 'lib/puppet/type/file/selcontext.rb', line 66

def unsafe_munge(should)
  if not selinux_support?
    return should
  end

  if name == :selrange
    self.selinux_category_to_label(should)
  else
    should
  end
end