From 8fcca674bc3f1f21940bd9dea74578f0e1f6f5e8 Mon Sep 17 00:00:00 2001
From: Seth House <seth@eseth.com>
Date: Fri, 15 Nov 2013 12:40:20 -0700
Subject: [PATCH] Add prereq & wait to disable/reenable SELinux during package
 install

---
 mysql/server.sls | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/mysql/server.sls b/mysql/server.sls
index 839bf31..50995ab 100644
--- a/mysql/server.sls
+++ b/mysql/server.sls
@@ -23,3 +23,20 @@ my.cnf:
     - watch_in:
       - service: mysqld
 {% endif %}
+
+# Set SELinux to permissive mode while installing mysqld otherwise the
+# mysql user will not be created; restore enforcing when done.
+{% if (grains['os_family'] == 'RedHat'
+    and salt['cmd.run']("sestatus | awk '/Current mode/ { print $3 }'") == 'enforcing') %}
+selinux_permissive:
+  cmd.run:
+    - name: setenforce permissive
+    - prereq:
+      - pkg: mysqld
+
+selinux_enforcing:
+  cmd.wait:
+    - name: setenforce enforcing
+    - watch_in:
+      - pkg: mysqld
+{% endif %}