From edb30944ee62682e4ed0b0cc6e3a437a343a1a57 Mon Sep 17 00:00:00 2001
From: Bryan Jen <bryan.jen@gmail.com>
Date: Thu, 1 Dec 2016 20:43:39 +0000
Subject: [PATCH] Completes re-add of SELinux support for puppet3 on EL7

---
 manifests/linux/redhat.pp | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/manifests/linux/redhat.pp b/manifests/linux/redhat.pp
index b071727..8f38929 100644
--- a/manifests/linux/redhat.pp
+++ b/manifests/linux/redhat.pp
@@ -71,12 +71,13 @@ class firewall::linux::redhat (
     File["/etc/sysconfig/${service_name}"] -> Service[$service_name]
 
     # Redhat 7 selinux user context for /etc/sysconfig/iptables is set to unconfined_u
+    # Redhat 7 selinux type context for /etc/sysconfig/iptables is set to etc_t
     case $::selinux {
       #lint:ignore:quoted_booleans
       'true',true: {
         case $::operatingsystemrelease {
-          /^(6|7)\..*/: { File["/etc/sysconfig/${service_name}"] { seluser => 'unconfined_u' } }
-          default:      { File["/etc/sysconfig/${service_name}"] { seluser => 'system_u' } }
+          /^(6|7)\..*/: { File["/etc/sysconfig/${service_name}"] { seluser => 'unconfined_u', seltype => 'etc_t' } }
+          default:      { File["/etc/sysconfig/${service_name}"] { seluser => 'system_u', seltype => 'system_conf_t' } }
         }
       }
       default:     {}
-- 
2.45.2