check_mk-check-selinux/checks/selinux

29 lines
994 B
Plaintext
Raw Normal View History

2018-06-11 18:05:21 +03:00
#!/bin/bash
2024-01-12 15:32:52 +02:00
# -*- encoding: utf-8; py-indent-offset: 4 -*-
# 2024 Marius Pana <mp@spearhead.systems>
2018-06-11 18:05:21 +03:00
2024-01-12 15:32:52 +02:00
# Reason for this no-op: shellcheck disable=... before the first command disables the error for the
# entire script.
:
# SELinux status: enabled
# SELinuxfs mount: /sys/fs/selinux
# SELinux root directory: /etc/selinux
# Loaded policy name: targeted
# Current mode: permissive
# Mode from config file: permissive
# Policy MLS status: enabled
# Policy deny_unknown status: allowed
# Max kernel policy version: 31
2018-06-11 18:05:21 +03:00
if command sestatus > /dev/null ; then
# Selinux status
2018-06-12 09:35:31 +03:00
status=`sestatus | grep "SELinux status:" | awk '{print $3}'`
2018-06-11 18:05:21 +03:00
# the current mode
2018-06-12 09:35:31 +03:00
curmode=`sestatus | grep "Current mode:" | awk '{print $3}'`
2018-06-11 18:05:21 +03:00
# the mode from file
2018-06-12 09:35:31 +03:00
filemode=`sestatus | grep "Mode from config file:" | awk '{print $5}'`
echo '<<<selinux>>>'
echo $status $curmode $filemode
2018-06-11 18:05:21 +03:00
fi