Commit a6700444 authored by Marc Remy's avatar Marc Remy
Browse files

Use RHEL SELinux type for /etc/aliases

parent ca91225b
......@@ -32,7 +32,7 @@ class postfix::files {
content => "# file managed by puppet\n",
notify => Exec['newaliases'],
replace => false,
seltype => $postfix::params::seltype,
seltype => $postfix::params::aliasesseltype,
}
# Aliases
......
class postfix::params {
case $::osfamily {
'RedHat': {
$aliasesseltype = $::operatingsystemmajrelease ? {
'4' => 'etc_t',
/5/ => 'postfix_etc_t',
/6|7/ => 'etc_aliases_t',
default => undef,
}
$seltype = $::operatingsystemmajrelease ? {
'4' => 'etc_t',
'4' => 'etc_t',
/5|6|7/ => 'postfix_etc_t',
default => undef,
}
......
......@@ -35,7 +35,6 @@ describe 'postfix' do
) }
else
it { is_expected.to contain_file('/etc/mailname').with_seltype('postfix_etc_t').with_content("foo.example.com\n") }
it { is_expected.to contain_file('/etc/aliases').with_seltype('postfix_etc_t').with_content("# file managed by puppet\n") }
it { is_expected.to contain_file('/etc/postfix/master.cf').with_seltype('postfix_etc_t') }
it { is_expected.to contain_file('/etc/postfix/main.cf').with_seltype('postfix_etc_t') }
......@@ -45,6 +44,7 @@ describe 'postfix' do
case facts[:operatingsystemmajrelease]
when '7'
it { is_expected.to contain_file('/etc/aliases').with_seltype('etc_aliases_t').with_content("# file managed by puppet\n") }
it {
is_expected.to contain_service('postfix').with(
:ensure => 'running',
......@@ -52,7 +52,17 @@ describe 'postfix' do
:hasstatus => 'true',
:restart => '/bin/systemctl reload postfix'
) }
when '6'
it { is_expected.to contain_file('/etc/aliases').with_seltype('etc_aliases_t').with_content("# file managed by puppet\n") }
it {
is_expected.to contain_service('postfix').with(
:ensure => 'running',
:enable => 'true',
:hasstatus => 'true',
:restart => '/etc/init.d/postfix reload'
) }
else
it { is_expected.to contain_file('/etc/aliases').with_seltype('postfix_etc_t').with_content("# file managed by puppet\n") }
it {
is_expected.to contain_service('postfix').with(
:ensure => 'running',
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment