diff options
-rw-r--r-- | ipaplatform/fedora/tasks.py | 62 | ||||
-rw-r--r-- | ipapython/platform/redhat/__init__.py | 44 |
2 files changed, 59 insertions, 47 deletions
diff --git a/ipaplatform/fedora/tasks.py b/ipaplatform/fedora/tasks.py index 48a4ca70e..841b3d4e0 100644 --- a/ipaplatform/fedora/tasks.py +++ b/ipaplatform/fedora/tasks.py @@ -1,7 +1,8 @@ -# Authors: -# Tomas Babej <tbabej@redhat.com> +# Authors: Simo Sorce <ssorce@redhat.com> +# Alexander Bokovoy <abokovoy@redhat.com> +# Tomas Babej <tbabej@redhat.com> # -# Copyright (C) 2014 Red Hat +# Copyright (C) 2007-2014 Red Hat # see file 'COPYING' for use and warranty information # # This program is free software; you can redistribute it and/or modify @@ -20,3 +21,58 @@ ''' This module contains default Fedora-specific implementations of system tasks. ''' + +import os +import ipautil + +from ipaplatform.base.tasks import * + + +def restore_context(filepath, restorecon='/sbin/restorecon'): + """ + restore security context on the file path + SELinux equivalent is /path/to/restorecon <filepath> + + restorecon's return values are not reliable so we have to + ignore them (BZ #739604). + + ipautil.run() will do the logging. + """ + try: + if os.path.exists('/usr/sbin/selinuxenabled'): + ipautil.run(["/usr/sbin/selinuxenabled"]) + else: + # No selinuxenabled, no SELinux + return + except ipautil.CalledProcessError: + # selinuxenabled returns 1 if not enabled + return + + if (os.path.exists(restorecon)): + ipautil.run([restorecon, filepath], raiseonerr=False) + + +def check_selinux_status(restorecon='/sbin/restorecon'): + """ + We don't have a specific package requirement for policycoreutils + which provides restorecon. This is because we don't require + SELinux on client installs. However if SELinux is enabled then + this package is required. + + This function returns nothing but may raise a Runtime exception + if SELinux is enabled but restorecon is not available. + """ + try: + if os.path.exists('/usr/sbin/selinuxenabled'): + ipautil.run(["/usr/sbin/selinuxenabled"]) + else: + # No selinuxenabled, no SELinux + return + except ipautil.CalledProcessError: + # selinuxenabled returns 1 if not enabled + return + + if not os.path.exists(restorecon): + raise RuntimeError('SELinux is enabled but %s does not exist.\n' + 'Install the policycoreutils package and start the ' + 'installation again.' % restorecon) diff --git a/ipapython/platform/redhat/__init__.py b/ipapython/platform/redhat/__init__.py index cd7b105bb..fda7ade9c 100644 --- a/ipapython/platform/redhat/__init__.py +++ b/ipapython/platform/redhat/__init__.py @@ -58,28 +58,6 @@ authconfig = RedHatAuthConfig service = redhat_service knownservices = RedHatServices() -def restore_context(filepath, restorecon='/sbin/restorecon'): - """ - restore security context on the file path - SELinux equivalent is /path/to/restorecon <filepath> - - restorecon's return values are not reliable so we have to - ignore them (BZ #739604). - - ipautil.run() will do the logging. - """ - try: - if (os.path.exists('/usr/sbin/selinuxenabled')): - ipautil.run(["/usr/sbin/selinuxenabled"]) - else: - # No selinuxenabled, no SELinux - return - except ipautil.CalledProcessError: - # selinuxenabled returns 1 if not enabled - return - - if (os.path.exists(restorecon)): - ipautil.run([restorecon, filepath], raiseonerr=False) def backup_and_replace_hostname(fstore, statestore, hostname): old_hostname = socket.gethostname() @@ -105,28 +83,6 @@ def backup_and_replace_hostname(fstore, statestore, hostname): else: statestore.backup_state('network', 'hostname', old_hostname) -def check_selinux_status(restorecon='/sbin/restorecon'): - """ - We don't have a specific package requirement for policycoreutils - which provides restorecon. This is because we don't require - SELinux on client installs. However if SELinux is enabled then - this package is required. - - This function returns nothing but may raise a Runtime exception - if SELinux is enabled but restorecon is not available. - """ - try: - if (os.path.exists('/usr/sbin/selinuxenabled')): - ipautil.run(["/usr/sbin/selinuxenabled"]) - else: - # No selinuxenabled, no SELinux - return - except ipautil.CalledProcessError: - # selinuxenabled returns 1 if not enabled - return - - if not os.path.exists(restorecon): - raise RuntimeError('SELinux is enabled but %s does not exist.\nInstall the policycoreutils package and start the installation again.' % restorecon) def restore_network_configuration(fstore, statestore): filepath = '/etc/sysconfig/network' |