diff --git a/agents/plugins/selinux b/agents/plugins/selinux new file mode 100644 index 0000000..f94e08c --- /dev/null +++ b/agents/plugins/selinux @@ -0,0 +1,44 @@ +#!/bin/bash +# +------------------------------------------------------------------+ +# | ____ _ _ __ __ _ __ | +# | / ___| |__ ___ ___| | __ | \/ | |/ / | +# | | | | '_ \ / _ \/ __| |/ / | |\/| | ' / | +# | | |___| | | | __/ (__| < | | | | . \ | +# | \____|_| |_|\___|\___|_|\_\___|_| |_|_|\_\ | +# | | +# | Copyright Mathias Kettner 2014 mk@mathias-kettner.de | +# +------------------------------------------------------------------+ +# +# This file is part of Check_MK. +# The official homepage is at http://mathias-kettner.de/check_mk. +# +# check_mk is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation in version 2. check_mk is distributed +# in the hope that it will be useful, but WITHOUT ANY WARRANTY; with- +# out even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. See the GNU General Public License for more de- +# tails. You should have received a copy of the GNU General Public +# License along with GNU Make; see the file COPYING. If not, write +# to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, +# Boston, MA 02110-1301 USA. + +# Check SELinux status + +# SELinux has three modes: +# - permissive +# - enforcing +# - disabled + +# we are not looking at SELINUXPOLICY - although it may be of interest +# in the future + +if command sestatus > /dev/null ; then + # Selinux status + echo '<<>>' + sestatus | grep "SELinux status:" | awk '{print $3}' + # the current mode + sestatus | grep "Current mode:" | awk '{print $3}' + # the mode from file + sestatus | grep "Mode from config file:" | awk '{print $5}' +fi