diff options
author | Michael DeHaan <mdehaan@redhat.com> | 2008-05-12 17:20:22 -0400 |
---|---|---|
committer | Michael DeHaan <mdehaan@redhat.com> | 2008-05-12 17:20:22 -0400 |
commit | 6cc83a05f80d7f3c703aa8743ccacab2aa2ac86d (patch) | |
tree | 8f7762ceaa5d73e5be9eb5d4899c68156780b85d | |
parent | 044efca218e1a05206fa659bb6a15597cb074bd9 (diff) | |
download | third_party-cobbler-6cc83a05f80d7f3c703aa8743ccacab2aa2ac86d.tar.gz third_party-cobbler-6cc83a05f80d7f3c703aa8743ccacab2aa2ac86d.tar.xz third_party-cobbler-6cc83a05f80d7f3c703aa8743ccacab2aa2ac86d.zip |
Added code to cobbler check to look for httpd_can_network_connect boolean if SELinux is enabled.
-rw-r--r-- | CHANGELOG | 1 | ||||
-rw-r--r-- | cobbler/action_check.py | 14 |
2 files changed, 15 insertions, 0 deletions
@@ -6,6 +6,7 @@ Cobbler CHANGELOG - doc upgrades and error handling for "cobbler replicate" - improved error message that occurs when copying from nfs w/ rootsquash - mac duplication checking improvements for CLI +- add warning to cobbler check if selinux is on and Apache boolean not set - Fri May 09 2008 - 0.9.1 - patch to allow yumopts to override gpgcheck diff --git a/cobbler/action_check.py b/cobbler/action_check.py index 9fe0543..29b39be 100644 --- a/cobbler/action_check.py +++ b/cobbler/action_check.py @@ -36,6 +36,7 @@ class BootCheck: """ status = [] self.check_name(status) + self.check_selinux(status) if self.settings.manage_dhcp: mode = self.config.api.get_sync().dhcp.what() if mode == "isc": @@ -106,6 +107,19 @@ class BootCheck: if self.settings.next_server == "127.0.0.1": status.append(_("For PXE to be functional, the 'next_server' field in /var/lib/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.")) + def check_selinux(self,status): + prc = sub_process.Popen("/usr/sbin/getenforce",shell=True,stdout=sub_process.PIPE) + data = prc.communicate()[0] + if data.lower().find("disabled") == -1: + # permissive or enforcing or something else + prc2 = sub_process.Popen("/usr/sbin/getsebool -a",shell=True,stdout=sub_process.PIPE) + data2 = prc2.communicate()[0] + for line in data2.split("\n"): + if line.find("httpd_can_network_connect ") != -1: + if line.find("off") != -1: + status.append(_("Must enable selinux boolean to enable Apache and web services components, run: setsebool -P httpd_can_network_connect true")) + + def check_httpd(self,status): """ Check if Apache is installed. |