#!/usr/bin/env python
#
# Author: Marius Pana <mp@spearhead.systems>

factory_settings["selinux_default_levels"] = {
    "modedisabled" : 0,
    "curmodepermissive" : 1,
    "filemodepermissive" : 2,
}

def inventory_selinux(info):
    inventory = []
    for line in info:
        # inventory.append( (line[0], "selinux_default_levels") )
        yield line[0], selinux_default_levels
    # return inventory

def check_selinux(item, params, info):
    for line in info:
        state = 0
        if line[0] == 'disabled':
            state = params["modedisabled"]
            return (state, "SELinux is disabled")
        elif line[0] == 'enabled' and line[1] == "permissive" and line[2] == "enforcing":
            state = params["curmodepermissive"]
            return (state, "SELinux is in permissive mode but config file is enfocring.")
        elif line[2] == "permissive":
            state = params["filemodepermissive"]
            return (state, "SELinux is in permissive mode.")
        else:
            return(3, "SELinux not found in agent output")

check_info["selinux"] = {
    "inventory_function"        : inventory_selinux,
    "check_function"            : check_selinux,
    "has_perfdata"              : False,
    "service_description"       : "SELinux status",
    "default_levels_variable"   : "selinux_default_levels",
    'group':                    'selinux',
}