From 0df8c3564bb95bede2419f27dde17835d7cecb9f Mon Sep 17 00:00:00 2001
From: Pavel Raiskup <praiskup@redhat.com>
Date: Tue, 10 Aug 2021 10:34:33 +0200
Subject: [PATCH] copr-be: copr-ping: selinux issue #1

---
 roles/copr/backend/tasks/copr-ping.yml | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/roles/copr/backend/tasks/copr-ping.yml b/roles/copr/backend/tasks/copr-ping.yml
index c8e25bc1b0..df08fbe38e 100644
--- a/roles/copr/backend/tasks/copr-ping.yml
+++ b/roles/copr/backend/tasks/copr-ping.yml
@@ -2,7 +2,7 @@
 - set_fact:
     ping_user: copr-ping
     ping_scriptdir: /home/copr-ping
-    ping_log: /var/log/copr-ping.log
+    ping_log: /var/tmp/copr-ping.log
     ping_script: copr-ping-script.sh
   tags: copr_ping
 
@@ -46,6 +46,13 @@
     mode: 0750
   tags: copr_ping
 
+- name: selinux - allow nrpe_t to read ping_log
+  sefcontext:
+    target: "{{ ping_log }}"
+    setype: nrpe_var_run_t
+    state: present
+  tags: copr_ping
+
 - name: rebuild the copr-ping package periodically
   ansible.builtin.cron:
     name: build the ping package