2009-11-09 22:54:00 +00:00
|
|
|
## <summary>Puppet client daemon</summary>
|
|
|
|
|
## <desc>
|
2009-11-11 16:28:50 +00:00
|
|
|
## <p>
|
2009-11-09 22:54:00 +00:00
|
|
|
## Puppet is a configuration management system written in Ruby.
|
2009-11-11 16:28:50 +00:00
|
|
|
## The client daemon is responsible for periodically requesting the
|
|
|
|
|
## desired system state from the server and ensuring the state of
|
|
|
|
|
## the client system matches.
|
|
|
|
|
## </p>
|
|
|
|
|
## </desc>
|
|
|
|
|
|
2009-11-09 22:54:00 +00:00
|
|
|
################################################
|
|
|
|
|
## <summary>
|
2009-11-11 16:28:50 +00:00
|
|
|
## Read / Write to Puppet temp files. Puppet uses
|
|
|
|
|
## some system binaries (groupadd, etc) that run in
|
|
|
|
|
## a non-puppet domain and redirects output into temp
|
|
|
|
|
## files.
|
2009-11-09 22:54:00 +00:00
|
|
|
## </summary>
|
|
|
|
|
## <param name="domain">
|
2009-11-11 16:28:50 +00:00
|
|
|
## <summary>
|
2010-08-05 13:03:19 +00:00
|
|
|
## Domain allowed access.
|
2009-11-11 16:28:50 +00:00
|
|
|
## </summary>
|
|
|
|
|
## </param>
|
|
|
|
|
#
|
2009-11-09 22:54:00 +00:00
|
|
|
interface(`puppet_rw_tmp', `
|
|
|
|
|
gen_require(`
|
|
|
|
|
type puppet_tmp_t;
|
|
|
|
|
')
|
|
|
|
|
|
|
|
|
|
allow $1 puppet_tmp_t:file rw_file_perms;
|
|
|
|
|
files_search_tmp($1)
|
|
|
|
|
')
|
