New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix SELinux check item #136

Merged
merged 3 commits into from Jun 6, 2013

Conversation

Projects
None yet
2 participants
@youyo
Copy link

youyo commented Jun 6, 2013

  • Add check the /etc/selinux/config
@@ -19,7 +19,7 @@ def check_iptables_rule rule, table=nil, chain=nil
end

def check_selinux mode
"getenforce | grep -i -- #{escape(mode)}"
"getenforce | grep -i -- #{escape(mode)} && cat /etc/selinux/config |grep -i -- #{escape(mode)}"

This comment has been minimized.

@mizzy

mizzy Jun 6, 2013

Owner

If /etc/selinux/config content is like below, grep -i -- enforcing will return 0.

# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
#       enforcing - SELinux security policy is enforced.
#       permissive - SELinux prints warnings instead of enforcing.
#       disabled - SELinux is fully disabled.
SELINUX=disabled
# SELINUXTYPE= type of policy in use. Possible values are:
#       targeted - Only targeted network daemons are protected.
#       strict - Full SELinux protection.
SELINUXTYPE=targeted

So grep -i -- SELINUX=#{escape(mode)} would be better.

@mizzy

This comment has been minimized.

Copy link
Owner

mizzy commented Jun 6, 2013

Tests are failing. So please fix test code, too.

@youyo

This comment has been minimized.

Copy link

youyo commented Jun 6, 2013

grep -i -- SELINUX=#{escape(mode)} is good more!
Should I re-pull request would you like?
I do not understand well the github...

@mizzy

This comment has been minimized.

Copy link
Owner

mizzy commented Jun 6, 2013

Only you have to do is fixing code and push it again.

You don't need to send a pull request again.

Thanks.

@youyo

This comment has been minimized.

Copy link

youyo commented Jun 6, 2013

I understand!
Thank you!

youyo
@youyo

This comment has been minimized.

Copy link

youyo commented Jun 6, 2013

That's right.
Fixed.

@mizzy

This comment has been minimized.

Copy link
Owner

mizzy commented Jun 6, 2013

LGTM.Thanks!

mizzy added a commit that referenced this pull request Jun 6, 2013

Merge pull request #136 from youyo/master
Fix SELinux check item

@mizzy mizzy merged commit 910dcc8 into mizzy:master Jun 6, 2013

1 check passed

default The Travis CI build passed
Details
@mizzy

This comment has been minimized.

Copy link
Owner

mizzy commented Jun 6, 2013

Merged and released as v0.5.1.Thanks a lot!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment