Just to provide the list archives with some closure, this was tracked
down to be a bug in the puppet-selinux module, which the developer has
now fixed. This is no longer an issue :)
Cheers,
Jonathan
On 09/01/12 11:37, Jonathan Gazeley wrote:> Hi all,
>
> I''m having some problems working with puppet-selinux[1]
>
> I''ve successfully deployed the module in nodes.pp and got it to
set
> various SELinux modes, by using
>
> class { selinux: mode => ''permissive'' }
> or
> class { selinux: mode => ''enforcing'' }
>
> Now I want to load a custom SELinux policy file. According to the docs,
> the correct calling syntax is this
>
> selinux::module{ ''resnet-nrpe'':
> ensure => ''present'',
> source =>
''puppet:///modules/nagios/nrpe/resnet-nrpe.te'',
> }
>
> However running with that throws this error:
>
> err: Could not retrieve catalog from remote server: Error 400 on SERVER:
> Duplicate definition: Class[Selinux] is already defined in file
> /etc/puppet/manifests/nodes.pp at line 14; cannot redefine at
> /etc/puppet/modules/selinux/manifests/module.pp:40 on node
>
> So it looks like you can''t specify a class twice. selinux::module
seems
> to instantiate selinux automatically. I tried commenting this
> declaration but it threw this error instead:
>
> err: Could not retrieve catalog from remote server: Error 400 on SERVER:
> undefined method `<<'' for {}:Hash on node
>
> So, I don''t really know what the best solution is. The module code
is
> quite simple so I''d be grateful if someone could suggest the best
way.
> Ultimately, I want the SELinux module deployed on all my boxes,
> regardless of whether the box is running in permissive or enforcing mode.
>
> Thanks,
> Jonathan
>
> [1] https://github.com/jfryman/puppet-selinux
>
--
You received this message because you are subscribed to the Google Groups
"Puppet Users" group.
To post to this group, send email to puppet-users@googlegroups.com.
To unsubscribe from this group, send email to
puppet-users+unsubscribe@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/puppet-users?hl=en.