added statuscgi_pol

manifests/params.pp

@@ -339,6 +339,7 @@ $ng_htpasswd_file = "${ng_main_dir}/passwd"
 $ng_htpasswd_head = 'cd_nagios/nagios/htpasswd_head.erb'
 $ng_htpasswd_rule = 'cd_nagios/nagios/htpasswd_rule.erb'
 $ng_taccgi_erb    = 'cd_nagios/selinux/taccgi.erb'
+$ng_statcgi_erb   = 'cd_nagios/selinux/statuscgi.erb'
 
 # includes must be last
 

manifests/selinux/config.pp

@@ -27,7 +27,7 @@ class cd_nagios::selinux::config (
 
   if $ng_use_selinux_tools == true {
 
-    # sealert 093d6a07-03f5-4457-abaa-e6592fb01e05
+    # sealert tac-cgi
     exec { 'create_policy_taccgi':
       command     =>  template($ng_taccgi_erb),
       path        =>  ['/usr/bin','/usr/sbin'],
@@ -43,5 +43,23 @@ class cd_nagios::selinux::config (
       require     =>  Exec['create_policy_taccgi'],
       refreshonly => true,
     }
+
+    # sealert status.cgi
+
+    exec { 'create_policy_statuscgi':
+      command     =>  template($ng_statcgi_erb),
+      path        =>  ['/usr/bin','/usr/sbin'],
+      cwd         =>  '/tmp',
+      creates     =>  '/tmp/my-statuscgi.pp',
+      notify      =>  Exec['semodule_taccgi'],
+    }
+
+    exec { 'semodule_statuscgi':
+      command     =>  'semodule -i my-statuscgi.pp',
+      path        =>  ['/usr/bin','/usr/sbin'],
+      cwd         =>  '/tmp',
+      require     =>  Exec['create_policy_statuscgi'],
+      refreshonly => true,
+    }
   }
 }