From 70b13e3c27944292cfe658284878de5cb3a4918c Mon Sep 17 00:00:00 2001

From: Gabriele Cerami <gcerami@redhat.com>

Date: Wed, 2 Nov 2016 00:44:37 +0100

Subject: [PATCH] Redis: restore rundir security context

When selinux rules packages are installed, rundir does not yet exist,

and security context for it cannot be applied. Calling restorecon after

dir creation ensures that the proper context is applied to the rundir.

If the context is not applied, selinux denies write permission, the unix

socket cannot be created, and redis does not start

---

 heartbeat/redis | 4 ++++

 1 file changed, 4 insertions(+)

diff --git a/heartbeat/redis b/heartbeat/redis

index f85b2f7..1fe8906 100755

--- a/heartbeat/redis

+++ b/heartbeat/redis

@@ -324,6 +324,10 @@ function start() {

 	[[ ! -d "$REDIS_RUNDIR" ]] && mkdir -p "$REDIS_RUNDIR"

 	chown -R "$REDIS_USER" "$REDIS_RUNDIR"

+	if have_binary "restorecon"; then

+		restorecon -Rv "$REDIS_RUNDIR"

+	fi

+

 	# check for 0 byte database dump file. This is an unrecoverable start

 	# condition that we can avoid by deleting the 0 byte database file.