Class: Inspec::Resources::Selinux

Inherits:
Object
  • Object
show all
Defined in:
lib/inspec/resources/selinux.rb

Instance Method Summary collapse

Constructor Details

#initialize(selinux_path = "/etc/selinux/config") ⇒ Selinux

Returns a new instance of Selinux.



85
86
87
88
89
90
91
92
93
94
95
96
97
 
# File 'lib/inspec/resources/selinux.rb', line 85

def initialize(selinux_path = "/etc/selinux/config")
  @path = selinux_path
  cmd = inspec.command("sestatus")

  if cmd.exit_status != 0
    # `sestatus` command not found error message comes in stdout so handling both here
    out = cmd.stdout + "\n" + cmd.stderr
    return skip_resource "Skipping resource: #{out}"
  end

  result = cmd.stdout.delete(" ").gsub(/\n/, ",").gsub(/\r/, "").downcase
  @data = Hash[result.scan(/([^:]+):([^,]+)[,$]/)]
end

Instance Method Details

#booleansObject 



123
124
125
 
# File 'lib/inspec/resources/selinux.rb', line 123

def booleans
  SelinuxBooleanFilter.new(parse_booleans)
end

#disabled?Boolean

Returns:

  • (Boolean) 


103
104
105
 
# File 'lib/inspec/resources/selinux.rb', line 103

def disabled?
  @data["selinuxstatus"] == "disabled"
end

#enforcing?Boolean

Returns:

  • (Boolean) 


107
108
109
 
# File 'lib/inspec/resources/selinux.rb', line 107

def enforcing?
  @data["currentmode"] == "enforcing"
end

#installed?Boolean

Returns:

  • (Boolean) 


99
100
101
 
# File 'lib/inspec/resources/selinux.rb', line 99

def installed?
  inspec.file(@path).exist?
end

#modulesObject 



119
120
121
 
# File 'lib/inspec/resources/selinux.rb', line 119

def modules
  SelinuxModuleFilter.new(parse_modules)
end

#permissive?Boolean

Returns:

  • (Boolean) 


111
112
113
 
# File 'lib/inspec/resources/selinux.rb', line 111

def permissive?
  @data["currentmode"] == "permissive"
end

#policyObject 



115
116
117
 
# File 'lib/inspec/resources/selinux.rb', line 115

def policy
  @data["loadedpolicyname"]
end

#to_sObject 



127
128
129
 
# File 'lib/inspec/resources/selinux.rb', line 127

def to_s
  "SELinux"
end