def install_with_tasks(self):
"""Return the installation tasks of this module.
:returns: list of installation tasks
"""
return [
ConfigureSELinuxTask(sysroot=conf.target.system_root, selinux_mode=self.selinux)
]
def install_with_tasks(self):
"""Return the installation tasks of this module.
:returns: list of object paths of installation tasks
"""
tasks = [
ConfigureSELinuxTask(sysroot=conf.target.system_root,
selinux_mode=self.selinux)
]
paths = [self.publish_task(SECURITY.namespace, task) for task in tasks]
return paths
def install_with_tasks(self, sysroot):
"""Return the installation tasks of this module.
:param str sysroot: a path to the root of the installed system
:returns: list of object paths of installation tasks
"""
tasks = [
ConfigureSELinuxTask(sysroot=sysroot, selinux_mode=self.selinux)
]
paths = [self.publish_task(SECURITY.namespace, task) for task in tasks]
return paths
def test_configure_selinux_task_permissive(self):
"""Test SELinux configuration task - SELinux permissive."""
content = """
SELINUX=permissive
"""
with tempfile.TemporaryDirectory() as sysroot:
os.makedirs(os.path.join(sysroot, "etc/selinux/"))
os.mknod(os.path.join(sysroot, "etc/selinux/config"))
ConfigureSELinuxTask(sysroot=sysroot,
selinux_mode=SELinuxMode.PERMISSIVE).run()
with open(os.path.join(sysroot, "etc/selinux/config")) as f:
assert f.read().strip() == content.strip()
def test_configure_selinux_task_enforcing(self):
"""Test SELinux configuration task - SELinux enforcing."""
content = """
SELINUX=enforcing
"""
with tempfile.TemporaryDirectory() as sysroot:
os.makedirs(os.path.join(sysroot, "etc/selinux/"))
os.mknod(os.path.join(sysroot, "etc/selinux/config"))
ConfigureSELinuxTask(sysroot=sysroot,
selinux_mode=SELinuxMode.ENFORCING).run()
with open(os.path.join(sysroot, "etc/selinux/config")) as f:
assert f.read().strip() == content.strip()
def configure_selinux_task_disable_test(self):
"""Test SELinux configuration task - SELinux disabled."""
content = """
SELINUX=disabled
"""
with tempfile.TemporaryDirectory() as sysroot:
os.makedirs(os.path.join(sysroot, "etc/selinux/"))
os.mknod(os.path.join(sysroot, "etc/selinux/config"))
ConfigureSELinuxTask(sysroot=sysroot,
selinux_mode=SELinuxMode.DISABLED).run()
with open(os.path.join(sysroot, "etc/selinux/config")) as f:
self.assertEqual(f.read().strip(), content.strip())
def install_with_tasks(self):
"""Return the installation tasks of this module.
:returns: list of installation tasks
"""
return [
ConfigureSELinuxTask(sysroot=conf.target.system_root,
selinux_mode=self.selinux),
ConfigureFingerprintAuthTask(
sysroot=conf.target.system_root,
fingerprint_auth_enabled=self.fingerprint_auth_enabled),
ConfigureAuthselectTask(sysroot=conf.target.system_root,
authselect_options=self.authselect),
ConfigureAuthconfigTask(sysroot=conf.target.system_root,
authconfig_options=self.authconfig)
]
def test_configure_selinux_task_default(self):
"""Test SELinux configuration task - SELinux default."""
content = """
SELINUX=foo
"""
with tempfile.TemporaryDirectory() as sysroot:
os.makedirs(os.path.join(sysroot, "etc/selinux/"))
with open(os.path.join(sysroot, "etc/selinux/config"), "wt") as f:
f.write(content)
f.close()
# check the default value in the SELinux config file is not changed
ConfigureSELinuxTask(sysroot=sysroot,
selinux_mode=SELinuxMode.DEFAULT).run()
with open(os.path.join(sysroot, "etc/selinux/config")) as f:
assert f.read().strip() == content.strip()