lib/specinfra/command/linux/base/selinux.rb in specinfra-2.66.2 vs lib/specinfra/command/linux/base/selinux.rb in specinfra-2.66.3
- old
+ new
@@ -1,13 +1,13 @@
class Specinfra::Command::Linux::Base::Selinux < Specinfra::Command::Base::Selinux
class << self
def check_has_mode(mode, policy = nil)
cmd = ""
- cmd += "test ! -f /etc/selinux/config || (" if mode == "disabled"
- cmd += "getenforce | grep -i -- #{escape(mode)}"
+ cmd += "test ! -f /etc/selinux/config || ( " if mode == "disabled"
+ cmd += "(getenforce | grep -i -- #{escape(mode)})"
+ cmd += " || (getenforce | grep -i -- #{escape('permissive')}) )" if mode == "disabled"
cmd += %Q{ && grep -iE -- '^\\s*SELINUX=#{escape(mode)}\\>' /etc/selinux/config}
cmd += %Q{ && grep -iE -- '^\\s*SELINUXTYPE=#{escape(policy)}\\>' /etc/selinux/config} if policy != nil
- cmd += ")" if mode == "disabled"
cmd
end
end
end