Do not execute selinux commands if policy disabled
If the system running cgit has disabled selinux, cgit should not attempt to run any selinux commands to prevent puppet apply from failing. Change-Id: I21add092d9d09077f2b23760a384f5a5cb91d86a
This commit is contained in:
parent
dc7e58943d
commit
5e368973fe
|
@ -31,7 +31,8 @@ class cgit(
|
|||
$manage_cgitrc = false,
|
||||
$prefork_settings = {}, # override the prefork worker settings
|
||||
$mpm_settings = {}, # override the mpm worker settings
|
||||
$cgitrc_settings = {}
|
||||
$cgitrc_settings = {},
|
||||
$selinux_mode = 'enforcing'
|
||||
) {
|
||||
validate_hash($prefork_settings)
|
||||
validate_hash($mpm_settings)
|
||||
|
@ -228,7 +229,14 @@ class cgit(
|
|||
}
|
||||
|
||||
if ($::osfamily == 'RedHat') {
|
||||
include ::cgit::selinux
|
||||
case $selinux_mode {
|
||||
'disabled': {
|
||||
warning('Running with selinux "disabled" is not recommended')
|
||||
}
|
||||
default: {
|
||||
include ::cgit::selinux
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if $ssl_cert_file_contents != undef {
|
||||
|
|
Loading…
Reference in New Issue