diff options
| author | James Turnbull <james@lovedthanlost.net> | 2011-03-07 20:25:14 +1100 |
|---|---|---|
| committer | James Turnbull <james@lovedthanlost.net> | 2011-03-09 11:55:21 +1100 |
| commit | 214da73ac765dbff83831b2674d304046bbd3749 (patch) | |
| tree | 6dd8bf976c37483ddd4c856417103c38a936b4e3 | |
| parent | fd38ce08cdcd8b3357400787089c34b1b61d4551 (diff) | |
| download | facter-214da73ac765dbff83831b2674d304046bbd3749.tar.gz facter-214da73ac765dbff83831b2674d304046bbd3749.tar.xz facter-214da73ac765dbff83831b2674d304046bbd3749.zip | |
Fixed #5485 - Updated selinux_mode fact
1. Added tested
2. Refactored to use F:U:R.exec
3. Chomp trailing newline
| -rw-r--r-- | lib/facter/selinux.rb | 11 | ||||
| -rw-r--r-- | spec/unit/data/selinux_sestatus | 4 | ||||
| -rwxr-xr-x | spec/unit/selinux_spec.rb | 15 |
3 files changed, 24 insertions, 6 deletions
diff --git a/lib/facter/selinux.rb b/lib/facter/selinux.rb index 0e9637d..ee663a0 100644 --- a/lib/facter/selinux.rb +++ b/lib/facter/selinux.rb @@ -4,7 +4,7 @@ Facter.add("selinux") do confine :kernel => :linux - setcode do + setcode do result = "false" if FileTest.exists?("/selinux/enforce") if FileTest.exists?("/proc/self/attr/current") @@ -31,7 +31,7 @@ end Facter.add("selinux_policyversion") do confine :selinux => :true - setcode do + setcode do File.read("/selinux/policyvers") end end @@ -39,7 +39,10 @@ end Facter.add("selinux_mode") do confine :selinux => :true setcode do - %x{/usr/sbin/sestatus | /bin/grep "Policy from config file:" | awk '{print $5}'} + mode = Facter::Util::Resolution.exec('/usr/sbin/sestatus') + mode.each_line do |l| + mode = $1 if l =~ /^Current Mode:\s+(\w+)$/ + end + mode.chomp end end - diff --git a/spec/unit/data/selinux_sestatus b/spec/unit/data/selinux_sestatus new file mode 100644 index 0000000..b16777f --- /dev/null +++ b/spec/unit/data/selinux_sestatus @@ -0,0 +1,4 @@ +SELinux status: enabled +SELinuxfs mount: /selinux +Current Mode: permissive +Policy version: 16 diff --git a/spec/unit/selinux_spec.rb b/spec/unit/selinux_spec.rb index 43fd5bf..2af9583 100755 --- a/spec/unit/selinux_spec.rb +++ b/spec/unit/selinux_spec.rb @@ -31,11 +31,11 @@ describe "SELinux facts" do File.stubs(:read).with("/selinux/enforce").returns("0") FileTest.expects(:exists?).with("/selinux/enforce").returns true - File.expects(:read).with("/selinux/enforce").returns("1") + File.expects(:read).with("/selinux/enforce").returns("1") Facter.fact(:selinux_enforced).value.should == "true" end - + it "should return an SELinux policy version" do Facter.fact(:selinux).stubs(:value).returns("true") @@ -45,4 +45,15 @@ describe "SELinux facts" do Facter.fact(:selinux_policyversion).value.should == "1" end + + it "should return the SELinux policy mode" do + Facter.fact(:selinux).stubs(:value).returns("true") + + sample_output_file = File.dirname(__FILE__) + '/data/selinux_sestatus' + selinux_sestatus = File.read(sample_output_file) + + Facter::Util::Resolution.stubs(:exec).with('/usr/sbin/sestatus').returns(selinux_sestatus) + + Facter.fact(:selinux_mode).value.should == "permissive" + end end |