module Chef::Util::Selinux

IMPORTANT: We assume that selinux utilities are installed on an selinux enabled server. Provisioning an selinux enabled server without selinux utilities is not supported.

Public Instance Methods

restore_security_context(file_path, recursive = false) click to toggle source
# File lib/chef/util/selinux.rb, line 49
def restore_security_context(file_path, recursive = false)
  if restorecon_path
    restorecon_flags = [ "-R" ]
    restorecon_flags << "-r" if recursive
    restorecon_flags << file_path
    Chef::Log.trace("Restoring selinux security content with #{restorecon_path}")
    shell_out_compact!(restorecon_path, restorecon_flags)
  else
    Chef::Log.warn "Can not find 'restorecon' on the system. Skipping selinux security context restore."
  end
end
selinux_enabled?() click to toggle source
# File lib/chef/util/selinux.rb, line 44
def selinux_enabled?
  @@selinux_enabled = check_selinux_enabled? if @@selinux_enabled.nil?
  @@selinux_enabled
end

Private Instance Methods

check_selinux_enabled?() click to toggle source
# File lib/chef/util/selinux.rb, line 73
def check_selinux_enabled?
  if selinuxenabled_path
    cmd = shell_out!(selinuxenabled_path, :returns => [0, 1])
    case cmd.exitstatus
    when 1
      return false
    when 0
      return true
    else
      raise "Unknown exit code from command #{selinuxenabled_path}: #{cmd.exitstatus}"
    end
  else
    # We assume selinux is not enabled if selinux utils are not
    # installed.
    false
  end
end
restorecon_path() click to toggle source
# File lib/chef/util/selinux.rb, line 63
def restorecon_path
  @@restorecon_path = which("restorecon") if @@restorecon_path.nil?
  @@restorecon_path
end
selinuxenabled_path() click to toggle source
# File lib/chef/util/selinux.rb, line 68
def selinuxenabled_path
  @@selinuxenabled_path = which("selinuxenabled") if @@selinuxenabled_path.nil?
  @@selinuxenabled_path
end