Use selinux python module to get enforcing mode

No need to call getenforce via subprocess.
2012-06-01 08:42:13 +02:00 · 2012-06-01 08:42:13 +02:00 · bad0b469a5
parent dd7536a711
commit bad0b469a5
2 changed files with 21 additions and 23 deletions
--- a/lorax.spec
+++ b/lorax.spec
@ -11,24 +11,26 @@ URL:            http://git.fedorahosted.org/git/?p=lorax.git
 Source0:        https://fedorahosted.org/releases/l/o/%{name}/%{name}-%{version}.tar.gz

 BuildRequires:  python2-devel
-Requires:       python-mako
-Requires:       gawk
-Requires:       glibc-common
-Requires:       cpio
-Requires:       module-init-tools
-Requires:       device-mapper
-Requires:       findutils
+
 Requires:       GConf2
-Requires:       isomd5sum
-Requires:       glibc
-Requires:       util-linux
+Requires:       cpio
+Requires:       device-mapper
 Requires:       dosfstools
-Requires:       genisoimage
-Requires:       parted
-Requires:       gzip
-Requires:       xz
-Requires:       squashfs-tools >= 4.2
 Requires:       e2fsprogs
+Requires:       findutils
+Requires:       gawk
+Requires:       genisoimage
+Requires:       glibc
+Requires:       glibc-common
+Requires:       gzip
+Requires:       isomd5sum
+Requires:       libselinux-python
+Requires:       module-init-tools
+Requires:       parted
+Requires:       python-mako
+Requires:       squashfs-tools >= 4.2
+Requires:       util-linux
+Requires:       xz
 Requires:       yum

 %ifarch %{ix86} x86_64
--- a/src/pylorax/init.py
+++ b/src/pylorax/init.py
@ -36,6 +36,7 @@ import ConfigParser
 import tempfile
 import locale
 import subprocess
+import selinux

 from base import BaseLoraxClass, DataHolder
 import output
@ -170,14 +171,9 @@ class Lorax(BaseLoraxClass):

        # is selinux disabled?
        logger.info("checking the selinux mode")
-        try:
-            seoutput = subprocess.check_output("/sbin/getenforce").strip()
-        except subprocess.CalledProcessError:
-            logger.error("could not get the selinux mode")
-        else:
-            if seoutput == "Enforcing":
-                logger.critical("selinux must be disabled or in Permissive mode")
-                sys.exit(1)
+        if selinux.security_getenforce():
+            logger.critical("selinux must be disabled or in Permissive mode")
+            sys.exit(1)

        # do we have a proper yum base object?
        logger.info("checking yum base object")