diff options
| author | ekultails <ekultails@gmail.com> | 2016-11-29 08:54:05 -0500 |
|---|---|---|
| committer | Michael Scherer <mscherer@users.noreply.github.com> | 2016-11-29 14:54:05 +0100 |
| commit | 0cb32a7b304e97b5ee04d8d3fa32d2f09302d837 (patch) | |
| tree | 18b5b2bf53a8ddec3e2fa608dc57ad71a87f9f96 | |
| parent | c67315fc4e0c3bc5cb519ef2651cccf4bc659780 (diff) | |
| download | ansible-modules-core-0cb32a7b304e97b5ee04d8d3fa32d2f09302d837.tar.gz | |
add correct SELinux file context for crontabs (#4511) (#4595)
| -rw-r--r-- | system/cron.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/system/cron.py b/system/cron.py index 9dd5b5c9..b747a8cf 100644 --- a/system/cron.py +++ b/system/cron.py @@ -233,6 +233,12 @@ import tempfile import platform import pipes +try: + import selinux + HAS_SELINUX = True +except ImportError: + HAS_SELINUX = False + CRONCMD = "/usr/bin/crontab" class CronTabError(Exception): @@ -334,6 +340,10 @@ class CronTab(object): if rc != 0: self.module.fail_json(msg=err) + # set SELinux permissions + if HAS_SELINUX: + selinux.selinux_lsetfilecon_default(self.cron_file) + def do_comment(self, name): return "%s%s" % (self.ansible, name) |