diff --git a/checks/selinux b/checks/selinux index 592db3c..05a73e9 100644 --- a/checks/selinux +++ b/checks/selinux @@ -19,9 +19,13 @@ def check_selinux(item, params, info): if line[0] == 'disabled': state = params["modedisabled"] return (state, "SELinux is disabled") - elif line[0] == 'enabled' and line[1] == "permissive" and line[2] == "enforcing": + elif line[1] == "enforcing" and line[2] == "enforcing": + return(state, "SELinux is enabled and enforcing.") + elif line[1] == "enforcing" and line[2] == "permissive": + return(state, "SELinux is enforcing but config file is in permissive mode.") + elif line[1] == "permissive" and line[2] == "enforcing": state = params["curmodepermissive"] - return (state, "SELinux is in permissive mode but config file is enfocring.") + return (state, "SELinux is in permissive mode but config file is enforcing.") elif line[2] == "permissive": state = params["filemodepermissive"] return (state, "SELinux is in permissive mode.")