From 677ccf515ad27618bf370b65c4021003e04732de Mon Sep 17 00:00:00 2001
From: Macartur Sousa <macartur.sc@gmail.com>
Date: Thu, 16 Apr 2015 15:12:36 -0300
Subject: [PATCH] Added permission to access static files noosfero

---
 cookbooks/noosfero/files/noosfero.te  | 11 +++++++++++
 cookbooks/noosfero/recipes/default.rb | 13 +++++++++++++
 2 files changed, 24 insertions(+), 0 deletions(-)
 create mode 100644 cookbooks/noosfero/files/noosfero.te

diff --git a/cookbooks/noosfero/files/noosfero.te b/cookbooks/noosfero/files/noosfero.te
new file mode 100644
index 0000000..35bb1a1
--- /dev/null
+++ b/cookbooks/noosfero/files/noosfero.te
@@ -0,0 +1,11 @@
+
+module noosfero 1.0;
+
+require {
+	type initrc_tmp_t;
+	type httpd_t;
+	class file open;
+}
+
+#============= httpd_t ==============
+allow httpd_t initrc_tmp_t:file open;
diff --git a/cookbooks/noosfero/recipes/default.rb b/cookbooks/noosfero/recipes/default.rb
index a9e2a0e..875f156 100644
--- a/cookbooks/noosfero/recipes/default.rb
+++ b/cookbooks/noosfero/recipes/default.rb
@@ -66,3 +66,16 @@ template '/etc/nginx/conf.d/noosfero.conf' do
   source 'nginx.conf.erb'
   notifies :restart, 'service[nginx]'
 end
+
+###############################################
+#  SELinux: permission to access static files noosfero
+################################################
+
+cookbook_file '/etc/selinux/local/noosfero.te' do
+  notifies :run, 'execute[selinux-noosfero]'
+end
+
+execute 'selinux-noosfero' do
+  command 'selinux-install-module /etc/selinux/local/noosfero.te'
+  action :nothing
+end
--
libgit2 0.21.2