40 lines
1.4 KiB
Python
40 lines
1.4 KiB
Python
#!/usr/bin/env python
|
|
#
|
|
# Author: Marius Pana <mp@spearhead.systems>
|
|
|
|
factory_settings["selinux_default_levels"] = {
|
|
"modedisabled" : 0,
|
|
"curmodepermissive" : 1,
|
|
"filemodepermissive" : 2,
|
|
}
|
|
|
|
def inventory_selinux(info):
|
|
inventory = []
|
|
for line in info:
|
|
# inventory.append( (line[0], "selinux_default_levels") )
|
|
yield line[0], selinux_default_levels
|
|
# return inventory
|
|
|
|
def check_selinux(item, params, info):
|
|
for line in info:
|
|
state = 0
|
|
if line[0] == 'disabled':
|
|
state = params["modedisabled"]
|
|
return (state, "SELinux is disabled")
|
|
elif line[0] == 'enabled' and line[1] == "permissive" and line[2] == "enforcing":
|
|
state = params["curmodepermissive"]
|
|
return (state, "SELinux is in permissive mode but config file is enfocring.")
|
|
elif line[2] == "permissive":
|
|
state = params["filemodepermissive"]
|
|
return (state, "SELinux is in permissive mode.")
|
|
else:
|
|
return(3, "SELinux not found in agent output")
|
|
|
|
check_info["selinux"] = {
|
|
"inventory_function" : inventory_selinux,
|
|
"check_function" : check_selinux,
|
|
"has_perfdata" : False,
|
|
"service_description" : "SELinux status",
|
|
"default_levels_variable" : "selinux_default_levels",
|
|
'group': 'selinux',
|
|
} |