From 4b8f7b9607e6af84ef4c64ebc3d4bf1fb572c17a Mon Sep 17 00:00:00 2001
From: Jacob Vosmaer <contact@jacobvosmaer.nl>
Date: Wed, 2 Jul 2014 13:49:49 +0200
Subject: [PATCH] Recursively set the SELinux type of ~git/.ssh

---
 CHANGELOG                                             | 1 +
 files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG b/CHANGELOG
index b24df75..a89103d 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -8,6 +8,7 @@ omnibus-gitlab repository.
 - Fix MySQL build for Ubuntu 14.04
 - Built-in UDP log shipping (Enterprise Edition only)
 - Trigger Unicorn/Sidekiq restart during version change
+- Recursively set the SELinux type of ~git/.ssh
 
 7.0.0-ee.omnibus.1
 - Fix MySQL build for Ubuntu 14.04
diff --git a/files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb b/files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb
index 87cfa28..6bc3ec7 100644
--- a/files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb
+++ b/files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb
@@ -54,7 +54,7 @@ end
 
 # If SELinux is enabled, make sure that OpenSSH thinks the .ssh directory of the
 # git_user is valid.
-execute "chcon -t ssh_home_t #{ssh_dir}" do
+execute "chcon --recursive --type ssh_home_t #{ssh_dir}" do
   only_if "id -Z"
 end
 
--
libgit2 0.21.2