From 6b813e7b36b77bd45abdf1371019e2d59bc2d210 Mon Sep 17 00:00:00 2001
From: Patrick Uiterwijk <puiterwijk@redhat.com>
Date: Wed, 8 Jul 2015 23:02:15 +0000
Subject: [PATCH] Set context on /srv/web

Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 roles/people/tasks/main.yml | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/roles/people/tasks/main.yml b/roles/people/tasks/main.yml
index 89d8de2115..bbc72cab29 100644
--- a/roles/people/tasks/main.yml
+++ b/roles/people/tasks/main.yml
@@ -96,6 +96,21 @@
   - config
   - selinux
 
+- name: check the selinux context of the web dir
+  command: matchpathcon "/srv/web(/.*)?"
+  register: gitcontext
+  always_run: yes
+  changed_when: false
+  tags:
+  - config
+  - selinux
+
+- name: set the SELinux policy for the web dir
+  command: semanage fcontext -a -t httpd_sys_content_t "/srv/web(/.*)?"
+  when: gitcontext.stdout.find('httpd_sys_content_t') == -1
+  tags:
+  - config
+  - selinux
 #
 # This sets the default, it's safe to always run. 
 # Default quota for users is 2gb