diff options
author | Ville Skyttä <ville.skytta@iki.fi> | 2010-04-25 21:59:13 +0300 |
---|---|---|
committer | Ville Skyttä <ville.skytta@iki.fi> | 2010-04-26 18:56:33 +0300 |
commit | c1d13d46cb396bc0b1ae2dd20d0b076a0ff95e30 (patch) | |
tree | 1375c97bfc120ec0685e8b538842124b77fc0866 | |
parent | f069790bf1c182e72f29fdc63d0efc62e6ec9d68 (diff) | |
download | mock-c1d13d46cb396bc0b1ae2dd20d0b076a0ff95e30.tar.gz mock-c1d13d46cb396bc0b1ae2dd20d0b076a0ff95e30.tar.xz mock-c1d13d46cb396bc0b1ae2dd20d0b076a0ff95e30.zip |
Check SELinux state from /selinux/enforce instead of /usr/sbin/getenforce.
Cleans up an error message when getenforce is not installed, and fixes wrong
outcome from selinuxEnabled() when SELinux is additionally disabled.
-rw-r--r-- | py/mock/util.py | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/py/mock/util.py b/py/mock/util.py index 3322cd5..764ed04 100644 --- a/py/mock/util.py +++ b/py/mock/util.py @@ -263,14 +263,13 @@ def logOutput(fds, logger, returnOutput=1, start=0, timeout=0): decorate(traceLog()) def selinuxEnabled(): - p = subprocess.Popen(["/usr/sbin/getenforce"], - shell=True, - stdout=subprocess.PIPE, - close_fds=True) - p.wait() - if p.stdout.read().strip() == "Disabled": - return False - return True + """Check if SELinux is enabled (enforcing or permissive).""" + try: + if open("/selinux/enforce").read().strip() in ("1", "0"): + return True + except: + pass + return False # logger = # output = [1|0] |