Use selinux python module to get enforcing mode
No need to call getenforce via subprocess.
This commit is contained in:
parent
dd7536a711
commit
bad0b469a5
32
lorax.spec
32
lorax.spec
@ -11,24 +11,26 @@ URL: http://git.fedorahosted.org/git/?p=lorax.git
|
||||
Source0: https://fedorahosted.org/releases/l/o/%{name}/%{name}-%{version}.tar.gz
|
||||
|
||||
BuildRequires: python2-devel
|
||||
Requires: python-mako
|
||||
Requires: gawk
|
||||
Requires: glibc-common
|
||||
Requires: cpio
|
||||
Requires: module-init-tools
|
||||
Requires: device-mapper
|
||||
Requires: findutils
|
||||
|
||||
Requires: GConf2
|
||||
Requires: isomd5sum
|
||||
Requires: glibc
|
||||
Requires: util-linux
|
||||
Requires: cpio
|
||||
Requires: device-mapper
|
||||
Requires: dosfstools
|
||||
Requires: genisoimage
|
||||
Requires: parted
|
||||
Requires: gzip
|
||||
Requires: xz
|
||||
Requires: squashfs-tools >= 4.2
|
||||
Requires: e2fsprogs
|
||||
Requires: findutils
|
||||
Requires: gawk
|
||||
Requires: genisoimage
|
||||
Requires: glibc
|
||||
Requires: glibc-common
|
||||
Requires: gzip
|
||||
Requires: isomd5sum
|
||||
Requires: libselinux-python
|
||||
Requires: module-init-tools
|
||||
Requires: parted
|
||||
Requires: python-mako
|
||||
Requires: squashfs-tools >= 4.2
|
||||
Requires: util-linux
|
||||
Requires: xz
|
||||
Requires: yum
|
||||
|
||||
%ifarch %{ix86} x86_64
|
||||
|
@ -36,6 +36,7 @@ import ConfigParser
|
||||
import tempfile
|
||||
import locale
|
||||
import subprocess
|
||||
import selinux
|
||||
|
||||
from base import BaseLoraxClass, DataHolder
|
||||
import output
|
||||
@ -170,14 +171,9 @@ class Lorax(BaseLoraxClass):
|
||||
|
||||
# is selinux disabled?
|
||||
logger.info("checking the selinux mode")
|
||||
try:
|
||||
seoutput = subprocess.check_output("/sbin/getenforce").strip()
|
||||
except subprocess.CalledProcessError:
|
||||
logger.error("could not get the selinux mode")
|
||||
else:
|
||||
if seoutput == "Enforcing":
|
||||
logger.critical("selinux must be disabled or in Permissive mode")
|
||||
sys.exit(1)
|
||||
if selinux.security_getenforce():
|
||||
logger.critical("selinux must be disabled or in Permissive mode")
|
||||
sys.exit(1)
|
||||
|
||||
# do we have a proper yum base object?
|
||||
logger.info("checking yum base object")
|
||||
|
Loading…
Reference in New Issue
Block a user