1. Added tested 2. Refactored to use F:U:R.exec 3. Chomp trailing newline
Signed-off-by: James Turnbull <[email protected]> --- Local-branch: tickets/master/5485 lib/facter/selinux.rb | 11 +++++++---- spec/unit/data/selinux_sestatus | 4 ++++ spec/unit/selinux_spec.rb | 15 +++++++++++++-- 3 files changed, 24 insertions(+), 6 deletions(-) create mode 100644 spec/unit/data/selinux_sestatus diff --git a/lib/facter/selinux.rb b/lib/facter/selinux.rb index 0e9637d..ee663a0 100644 --- a/lib/facter/selinux.rb +++ b/lib/facter/selinux.rb @@ -4,7 +4,7 @@ Facter.add("selinux") do confine :kernel => :linux - setcode do + setcode do result = "false" if FileTest.exists?("/selinux/enforce") if FileTest.exists?("/proc/self/attr/current") @@ -31,7 +31,7 @@ end Facter.add("selinux_policyversion") do confine :selinux => :true - setcode do + setcode do File.read("/selinux/policyvers") end end @@ -39,7 +39,10 @@ end Facter.add("selinux_mode") do confine :selinux => :true setcode do - %x{/usr/sbin/sestatus | /bin/grep "Policy from config file:" | awk '{print $5}'} + mode = Facter::Util::Resolution.exec('/usr/sbin/sestatus') + mode.each_line do |l| + mode = $1 if l =~ /^Current Mode:\s+(\w+)$/ + end + mode.chomp end end - diff --git a/spec/unit/data/selinux_sestatus b/spec/unit/data/selinux_sestatus new file mode 100644 index 0000000..b16777f --- /dev/null +++ b/spec/unit/data/selinux_sestatus @@ -0,0 +1,4 @@ +SELinux status: enabled +SELinuxfs mount: /selinux +Current Mode: permissive +Policy version: 16 diff --git a/spec/unit/selinux_spec.rb b/spec/unit/selinux_spec.rb index 43fd5bf..2af9583 100755 --- a/spec/unit/selinux_spec.rb +++ b/spec/unit/selinux_spec.rb @@ -31,11 +31,11 @@ describe "SELinux facts" do File.stubs(:read).with("/selinux/enforce").returns("0") FileTest.expects(:exists?).with("/selinux/enforce").returns true - File.expects(:read).with("/selinux/enforce").returns("1") + File.expects(:read).with("/selinux/enforce").returns("1") Facter.fact(:selinux_enforced).value.should == "true" end - + it "should return an SELinux policy version" do Facter.fact(:selinux).stubs(:value).returns("true") @@ -45,4 +45,15 @@ describe "SELinux facts" do Facter.fact(:selinux_policyversion).value.should == "1" end + + it "should return the SELinux policy mode" do + Facter.fact(:selinux).stubs(:value).returns("true") + + sample_output_file = File.dirname(__FILE__) + '/data/selinux_sestatus' + selinux_sestatus = File.read(sample_output_file) + + Facter::Util::Resolution.stubs(:exec).with('/usr/sbin/sestatus').returns(selinux_sestatus) + + Facter.fact(:selinux_mode).value.should == "permissive" + end end -- 1.7.1 -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
