geo-rep: Fix ssh issue in geo-rep

In geo-rep mountbroker setup, workers fails with
'Permission Denied' even though the public keys
are shared to all the slave nodes. The issue
is with selinux context not being set for .ssh
and .ssh/authorizedkeys. Doing restorecon on
these entries to set default selinux security
context fixes the issue.

Change-Id: I75e16d22f7a168de6c13b0c7571a7ab75761ae0d
BUG: 1235359
Signed-off-by: Kotresh HR <khiremat@redhat.com>
Reviewed-on: http://review.gluster.org/11383
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Aravinda VK <avishwan@redhat.com>
Reviewed-by: darshan n <dnarayan@redhat.com>
Reviewed-by: Venky Shankar <vshankar@redhat.com>

diff --git a/extras/peer_add_secret_pub.in b/extras/peer_add_secret_pub.in
index e3a9aa2a48b8fd4209110aeef1394fa192f6caca..c9674af353d68498ed8e4d83331cfbc9d54341fc 100644 (file)
--- a/extras/peer_add_secret_pub.in
+++ b/extras/peer_add_secret_pub.in
@@ -53,6 +53,13 @@ if [ ! -d $authorized_keys_file ]; then
     chown $user: $authorized_keys_file;
 fi
 
+# Restore SELinux security contexts. This is required
+# for passwdless SSH to work.
+
+if type restorecon >/dev/null 2>&1; then
+    restorecon -F $ssh_dir $authorized_keys_file;
+fi
+
 # Add to authorized_keys file only if not exists already
 while read line
 do