Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add SELinux checks to debug script #1735

Merged
merged 6 commits into from Oct 30, 2017

Conversation

Projects
None yet
3 participants
@bcambl
Copy link
Member

bcambl commented Oct 13, 2017

By submitting this pull request, I confirm the following:

  • I have read and understood the contributors guide.
  • I have checked that another pull request for this purpose does not exist.
  • I have considered, and confirmed that this submission will be valuable to others.
  • I accept that this submission may not be used, and the pull request closed at the will of the maintainer.
  • I give this submission freely, and claim no ownership to its content.

How familiar are you with the codebase?:
8


Add debug checks for both runtime and default SELinux states.

@bcambl bcambl force-pushed the bcambl:debug_selinux branch from 2fe3d80 to 1e6cc63 Oct 13, 2017

@pi-hole pi-hole deleted a comment from codacy-bot Oct 13, 2017

# Check if a SELinux configuration file exists
if [[ -f /etc/selinux/config ]]; then
# If a SELinux configuration file was found, check the default SELinux mode.
DEFAULT_SELINUX=$(egrep -i '^SELINUX=' /etc/selinux/config | cut -d'=' -f2 | awk '{print tolower($0)}')

This comment has been minimized.

@WaLLy3K

WaLLy3K Oct 13, 2017

Collaborator

As a personal preference, I'd suggest: awk -F= '/^SELINUX=/ {print tolower($2)}' /etc/selinux/config

This comment has been minimized.

@bcambl

bcambl Oct 13, 2017

Author Member

agreed.

DEFAULT_SELINUX=$(egrep -i '^SELINUX=' /etc/selinux/config | cut -d'=' -f2 | awk '{print tolower($0)}')
case $DEFAULT_SELINUX in
enforcing)
log_write "${CROSS} ${COL_LIGHT_RED}Default SELinux: $DEFAULT_SELINUX${COL_NC}"

This comment has been minimized.

@WaLLy3K

WaLLy3K Oct 13, 2017

Collaborator

${COL_LIGHT_RED} and ${COL_LIGHT_GREEN} are deprecated, so I'd recommend using ${COL_RED} and ${COL_GREEN} instead 😄

;;
esac
# Check the current state of SELinux
CURRENT_SELINUX=$(getenforce | awk '{print tolower($0)}')

This comment has been minimized.

@WaLLy3K

WaLLy3K Oct 13, 2017

Collaborator

You can use the ,, bashism to convert to lower case:

CURRENT_SELINUX=$(getenforce)
case "${CURRENT_SELINUX,,}"

bcambl added some commits Oct 13, 2017

replace deprecated colors in debug script
 - COL_LIGHT_GREEN  -> COL_GREEN
 - COL_LIGHT_RED    -> COL_RED
 - COL_LIGHT_PURPLE -> COL_PURPLE
;;
esac
else
log_write "${TICK} ${COL_GREEN}SELinux not Supported${COL_NC}";

This comment has been minimized.

@WaLLy3K

WaLLy3K Oct 13, 2017

Collaborator

This is the default message that everyone will see, and I think it could be worded a little better. Perhaps "SELinux not detected"?

@WaLLy3K
Copy link
Collaborator

WaLLy3K left a comment

LGTM.

remove un-used DONE variable
(still available via sourced COL_TABLE on line 29)

@pi-hole pi-hole deleted a comment from codacy-bot Oct 20, 2017

@WaLLy3K
Copy link
Collaborator

WaLLy3K left a comment

Re-approving.

@PromoFaux PromoFaux added this to the v3.2 milestone Oct 25, 2017

@PromoFaux

This comment has been minimized.

Copy link
Member

PromoFaux commented Oct 27, 2017

LGTM

@PromoFaux PromoFaux merged commit 5221767 into pi-hole:development Oct 30, 2017

4 checks passed

codacy/pr Good work! A positive pull request.
Details
code-review/pullapprove Approved by PromoFaux, WaLLy3K
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
license/cla Contributor License Agreement is signed.
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.