diff options
author | Jan Cholasta <jcholast@redhat.com> | 2016-11-23 16:13:31 +0100 |
---|---|---|
committer | Martin Basti <mbasti@redhat.com> | 2016-11-29 14:50:51 +0100 |
commit | 75b70e3f0d52a9c98f443d3fc2f7cef92bdc7b1a (patch) | |
tree | b96ee0dcba2c031f1ac685e468e1d97183ffdade /ipaplatform/redhat/tasks.py | |
parent | d911f493482d29829199cce2f91f88a9b53369e1 (diff) | |
download | freeipa-75b70e3f0d52a9c98f443d3fc2f7cef92bdc7b1a.tar.gz freeipa-75b70e3f0d52a9c98f443d3fc2f7cef92bdc7b1a.tar.xz freeipa-75b70e3f0d52a9c98f443d3fc2f7cef92bdc7b1a.zip |
ipautil: move is_fips_enabled() to ipaplatform.tasks
The FIPS setting is platform-specific.
https://fedorahosted.org/freeipa/ticket/6474
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
Diffstat (limited to 'ipaplatform/redhat/tasks.py')
-rw-r--r-- | ipaplatform/redhat/tasks.py | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/ipaplatform/redhat/tasks.py b/ipaplatform/redhat/tasks.py index 57e05e26f..9dd71b453 100644 --- a/ipaplatform/redhat/tasks.py +++ b/ipaplatform/redhat/tasks.py @@ -478,4 +478,23 @@ class RedHatTaskNamespace(BaseTaskNamespace): def set_hostname(self, hostname): ipautil.run([paths.BIN_HOSTNAMECTL, 'set-hostname', hostname]) + def is_fips_enabled(self): + """ + Checks whether this host is FIPS-enabled. + + Returns a boolean indicating if the host is FIPS-enabled, i.e. if the + file /proc/sys/crypto/fips_enabled contains a non-0 value. Otherwise, + or if the file /proc/sys/crypto/fips_enabled does not exist, + the function returns False. + """ + try: + with open(paths.PROC_FIPS_ENABLED, 'r') as f: + if f.read().strip() != '0': + return True + except IOError: + # Consider that the host is not fips-enabled if the file does not + # exist + pass + return False + tasks = RedHatTaskNamespace() |