Merge 46472e2 into e53bcfb

lib/puppet/provider/selinux_fcontext/semanage.rb

@@ -71,12 +71,19 @@ def self.instances
     # should never conflict with system policy
     # Old semanage fails with --locallist, use -C
     local_fcs = Selinux.selinux_file_context_local_path
+    fcs = Selinux.selinux_file_context_path
+
+    fcontext_lines = []
+
+    if File.exist? fcs
+      fcontext_lines = parse_fcontext_lines(File.readlines(fcs))
+    end
+
     if File.exist? local_fcs
-      parse_fcontext_lines(File.readlines(local_fcs))
-    else
-      # no file, no local contexts
-      []
+      fcontext_lines += parse_fcontext_lines(File.readlines(local_fcs))
     end
+
+    fcontext_lines
   end
 
   def self.prefetch(resources)

spec/unit/puppet/provider/selinux_fcontext/semanage_spec.rb

@@ -5,6 +5,10 @@ module Selinux
   def selinux_file_context_local_path
     'spec_dummy'
   end
+
+  def selinux_file_context_path
+    'spec_context_dummy'
+  end
 end
 
 semanage_provider = Puppet::Type.type(:selinux_fcontext).provider(:semanage)
@@ -19,6 +23,15 @@ def selinux_file_context_local_path
 /something/else -s <<none>>
 EOS
 
+fcontexts_system = <<-EOS
+# This file is auto-generated by libsemanage
+# Do not edit directly.
+
+/foobar    system_u:object_r:bin_t:s0
+/tmp/foobar -d system_u:object_r:boot_t:s0
+/something/else -s <<none>>
+EOS
+
 describe semanage_provider do
   on_supported_os.each do |os, facts|
     context "on #{os}" do
@@ -29,11 +42,14 @@ def selinux_file_context_local_path
       context "with a single #{name} fcontext" do
         before do
           Selinux.expects(:selinux_file_context_local_path).returns('spec_dummy')
+          Selinux.expects(:selinux_file_context_path).returns('spec_context_dummy')
           File.expects(:exist?).with('spec_dummy').returns(true)
+          File.expects(:exist?).with('spec_context_dummy').returns(true)
           File.expects(:readlines).with('spec_dummy').returns(fcontexts_local.split("\n"))
+          File.expects(:readlines).with('spec_context_dummy').returns(fcontexts_system.split("\n"))
         end
         it 'returns three resources' do
-          expect(described_class.instances.size).to eq(3)
+          expect(described_class.instances.size).to eq(6)
         end
         it 'regular contexts get parsed properly' do
           expect(described_class.instances[0].instance_variable_get('@property_hash')).to eq(
@@ -63,7 +79,9 @@ def selinux_file_context_local_path
       context 'with no fcontexts defined, and no fcontexts.local file' do
         before do
           Selinux.expects(:selinux_file_context_local_path).returns('spec_dummy')
+          Selinux.expects(:selinux_file_context_path).returns('spec_context_dummy')
           File.expects(:exist?).with('spec_dummy').returns(false)
+          File.expects(:exist?).with('spec_context_dummy').returns(false)
         end
         it 'returns no resources' do
           expect(described_class.instances.size).to eq(0)
@@ -111,8 +129,11 @@ def selinux_file_context_local_path
         before do
           # prefetch should find the provider parsed from this:
           Selinux.expects(:selinux_file_context_local_path).returns('spec_dummy')
+          Selinux.expects(:selinux_file_context_path).returns('spec_context_dummy')
           File.expects(:exist?).with('spec_dummy').returns(true)
+          File.expects(:exist?).with('spec_context_dummy').returns(true)
           File.expects(:readlines).with('spec_dummy').returns(fcontexts_local.split("\n"))
+          File.expects(:readlines).with('spec_context_dummy').returns(fcontexts_system.split("\n"))
           semanage_provider.prefetch(resources)
         end
         it 'finds provider for /foobar' do