def process(self): self.produce(systemfacts.get_sysctls_status()) self.produce(systemfacts.get_active_kernel_modules_status(self.log)) self.produce(systemfacts.get_system_users_status()) self.produce(systemfacts.get_system_groups_status()) self.produce(systemfacts.get_repositories_status()) self.produce(systemfacts.get_selinux_status()) self.produce(systemfacts.get_firewalls_status())
def process(self): self.produce( SystemFacts(sysctl_variables=systemfacts.get_sysctls(), kernel_modules=systemfacts.get_active_kernel_modules( self.log), users=systemfacts.get_system_users(), groups=systemfacts.get_system_groups(), repositories=systemfacts.get_repositories(), selinux=systemfacts.get_selinux_status(), firewalls=systemfacts.get_firewalls_status()))
def test_selinux_disabled(monkeypatch): """ Test case SELinux is disabled """ monkeypatch.setattr(selinux, 'is_selinux_mls_enabled', lambda: 0) monkeypatch.setattr(selinux, 'security_getenforce', lambda: 0) monkeypatch.setattr(selinux, 'selinux_getenforcemode', lambda: [0, 0]) monkeypatch.setattr(selinux, 'is_selinux_enabled', lambda: 0) monkeypatch.setattr(selinux, 'selinux_getpolicytype', lambda: [0, 'targeted']) expected_data = { 'policy': 'targeted', 'mls_enabled': False, 'enabled': False, 'runtime_mode': 'permissive', 'static_mode': 'permissive' } assert SELinuxFacts(**expected_data) == get_selinux_status()
def test_selinux_enabled_enforcing(monkeypatch): """ Test case SELinux is enabled in enforcing mode """ monkeypatch.setattr(selinux, 'is_selinux_mls_enabled', lambda: 1) monkeypatch.setattr(selinux, 'security_getenforce', lambda: 1) monkeypatch.setattr(selinux, 'selinux_getenforcemode', lambda: [0, 1]) monkeypatch.setattr(selinux, 'is_selinux_enabled', lambda: 1) monkeypatch.setattr(selinux, 'selinux_getpolicytype', lambda: [0, 'targeted']) expected_data = { 'policy': 'targeted', 'mls_enabled': True, 'enabled': True, 'runtime_mode': 'enforcing', 'static_mode': 'enforcing' } assert SELinuxFacts(**expected_data) == get_selinux_status()
def test_selinux_disabled_no_config_file(monkeypatch): """ Test case SELinux is disabled """ monkeypatch.setattr(selinux, 'is_selinux_mls_enabled', lambda: 0) monkeypatch.setattr(selinux, 'security_getenforce', lambda: 0) monkeypatch.setattr(selinux, 'selinux_getenforcemode', MockNoConfigFileOSError) monkeypatch.setattr(selinux, 'is_selinux_enabled', lambda: 0) monkeypatch.setattr(selinux, 'selinux_getpolicytype', lambda: ('', 'targeted')) expected_data = { 'policy': 'targeted', 'mls_enabled': False, 'enabled': False, 'runtime_mode': 'permissive', 'static_mode': 'disabled' } assert SELinuxFacts(**expected_data) == get_selinux_status()