From dc348fac25c68d1a0c2d6157dca8c13d4ce02627 Mon Sep 17 00:00:00 2001 From: "Brian C. Lane" Date: Thu, 26 Apr 2018 11:12:24 -0700 Subject: [PATCH] Check selinux state before creating output directory This closes issue #163 --- src/sbin/lorax | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/sbin/lorax b/src/sbin/lorax index 3c58be97..f3d0b8e9 100755 --- a/src/sbin/lorax +++ b/src/sbin/lorax @@ -34,6 +34,7 @@ import dnf.logging import librepo import pylorax from pylorax.cmdline import lorax_parser +import selinux def setup_logging(opts): pylorax.setup_logging(opts.logfile, log) @@ -71,6 +72,11 @@ def main(): setup_logging(opts) + log.info("checking the selinux mode") + if selinux.is_selinux_enabled() and selinux.security_getenforce(): + log.critical("selinux must be disabled or in Permissive mode") + sys.exit(1) + if not opts.workdir: tempfile.tempdir = opts.tmp