diff options
-rw-r--r-- | installclass.py | 3 | ||||
-rw-r--r-- | kickstart.py | 18 | ||||
-rw-r--r-- | security.py | 7 |
3 files changed, 26 insertions, 2 deletions
diff --git a/installclass.py b/installclass.py index 06233b8ee..4c00ea836 100644 --- a/installclass.py +++ b/installclass.py @@ -339,6 +339,9 @@ class BaseInstallClass: def setDesktop(self, id, desktop): id.desktop.setDefaultDesktop (desktop) + def setSELinux(self, id, sel): + id.security.setSELinux(sel) + def setFirewall(self, id, enable = 1, trusts = [], ports = "", ssh = 0, telnet = 0, smtp = 0, http = 0, ftp = 0): id.firewall.enabled = enable diff --git a/kickstart.py b/kickstart.py index 7533dd13d..4050aa0b1 100644 --- a/kickstart.py +++ b/kickstart.py @@ -138,6 +138,24 @@ class KickstartBase(BaseInstallClass): self.setFirewall(id, enable, trusts, ports, ssh, telnet, smtp, http, ftp) + + def doSELinux(self, id, args): + (args, extra) = isys.getopt(args, '', + [ 'disabled', 'enforcing', + 'permissive' ] ) + + sel = 2 + + for n in args: + (str, arg) = n + if str == "--disabled": + sel = 0 + elif str == "--permissive": + sel = 1 + elif str == "--enforcing": + sel = 2 + + self.setSELinux(id, sel) def doAuthconfig(self, id, args): (args, extra) = isys.getopt(args, '', diff --git a/security.py b/security.py index d6b6e8760..7771dc70c 100644 --- a/security.py +++ b/security.py @@ -41,8 +41,11 @@ class Security: return self.selinux def writeKS(self, f): - # FIXME: we don't support setting this up via kickstart yet - pass + if not selinux_states.has_key(self.selinux): + log("ERROR: unknown selinux state: %s" %(self.selinux,)) + return + + f.write("selinux --%s\n" %(selinux_states[self.selinux],)) def write(self, instPath): args = [ "/usr/sbin/lokkit", "--quiet", "--nostart" ] |