Sha256: fd7edfbdb278544fe6177d0da76e516f3bb53fcfdaff9974d589844b76ab4b49
Contents?: true
Size: 1.93 KB
Versions: 3
Compression:
Stored size: 1.93 KB
Contents
# frozen_string_literal: true
module Facter
module Resolvers
class SELinux < BaseResolver
init_resolver
class << self
private
def post_resolve(fact_name, _options)
@fact_list.fetch(fact_name) { retrieve_facts(fact_name) }
end
def retrieve_facts(fact_name)
mountpoint = read_mounts_file if @fact_list[:enabled].nil?
read_other_selinux_facts(mountpoint) if @fact_list[:enabled]
@fact_list[fact_name]
end
def read_mounts_file
output = Facter::Core::Execution.execute('cat /proc/self/mounts', logger: log)
@fact_list[:enabled] = false
mountpoint = ''
output.each_line do |line|
next unless line =~ /selinuxfs/
@fact_list[:enabled] = true
mountpoint = line.split("\s")[1]
break
end
mountpoint
end
def read_other_selinux_facts(mountpoint)
return unless read_selinux_config
enforce_file = "#{mountpoint}/enforce"
policy_file = "#{mountpoint}/policyvers"
@fact_list[:policy_version] = Facter::Util::FileHelper.safe_read(policy_file, nil)
enforce = Facter::Util::FileHelper.safe_read(enforce_file)
if enforce.eql?('1')
@fact_list[:enforced] = true
@fact_list[:current_mode] = 'enforcing'
else
@fact_list[:enforced] = false
@fact_list[:current_mode] = 'permissive'
end
end
def read_selinux_config
file_lines = Facter::Util::FileHelper.safe_readlines('/etc/selinux/config')
file_lines.map do |line|
@fact_list[:config_mode] = line.split('=').last.strip if line =~ /^SELINUX=/
@fact_list[:config_policy] = line.split('=').last.strip if line =~ /^SELINUXTYPE=/
end
true unless file_lines.empty?
end
end
end
end
end
Version data entries
3 entries across 3 versions & 1 rubygems
| Version | Path |
|---|---|
| facter-4.0.52 | lib/facter/resolvers/selinux.rb |
| facter-4.0.51 | lib/facter/resolvers/selinux.rb |
| facter-4.0.50 | lib/facter/resolvers/selinux.rb |