From 705c02c3a1ffaab8e3cd82d180a89ee38afc7519 Mon Sep 17 00:00:00 2001
From: Ben Vincent <ben@unkin.net>
Date: Mon, 27 Nov 2023 23:19:01 +1100
Subject: [PATCH] feat: fix selinux permissions each sync

- restorecon on each sync, to update selinux for new files/directories
---
 site/profiles/manifests/reposync/autosyncer.pp  | 4 +++-
 site/profiles/templates/reposync/autosyncer.erb | 3 +++
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/site/profiles/manifests/reposync/autosyncer.pp b/site/profiles/manifests/reposync/autosyncer.pp
index e2e8683..04393cd 100644
--- a/site/profiles/manifests/reposync/autosyncer.pp
+++ b/site/profiles/manifests/reposync/autosyncer.pp
@@ -1,5 +1,7 @@
 # setup the autosyncer
-class profiles::reposync::autosyncer {
+class profiles::reposync::autosyncer (
+  Stdlib::Absolutepath $basepath = '/data/repos',
+) {
 
   # Ensure the autosyncer script is present and executable
   file { '/usr/local/bin/autosyncer':
diff --git a/site/profiles/templates/reposync/autosyncer.erb b/site/profiles/templates/reposync/autosyncer.erb
index 9c3caed..cd6c963 100644
--- a/site/profiles/templates/reposync/autosyncer.erb
+++ b/site/profiles/templates/reposync/autosyncer.erb
@@ -88,4 +88,7 @@ for conf in /etc/reposync/conf.d/*.conf; do
   # After syncing each repo, fix the repository metadata
   create_repo_metadata "${snap_path}"
 
+  # Update selinux
+  restorecon <%= @basepath %>
+
 done