#!/usr/bin/env python # # Author: Marius Pana factory_settings["selinux_default_levels"] = { "modedisabled" : 2, "curmodepermissive" : 1, "filemodepermissive" : 2, } def inventory_selinux(info): inventory = [] for line in info: yield None, {} def check_selinux(item, params, info): for line in info: state = 0 if line[0] == 'disabled': state = params["modedisabled"] return (state, "SELinux is disabled") elif line[1] == "enforcing" and line[2] == "enforcing": return(state, "SELinux is enabled and enforcing.") elif line[1] == "enforcing" and line[2] == "permissive": return(state, "SELinux is enforcing but config file is in permissive mode.") elif line[1] == "permissive" and line[2] == "enforcing": state = params["curmodepermissive"] return (state, "SELinux is in permissive mode but config file is enforcing.") elif line[2] == "permissive": state = params["filemodepermissive"] return (state, "SELinux is in permissive mode.") else: return(3, "SELinux not found in agent output") check_info["selinux"] = { "inventory_function" : inventory_selinux, "check_function" : check_selinux, "has_perfdata" : False, "service_description" : "SELinux state", "default_levels_variable" : "selinux_default_levels", 'group': 'selinux', }