MCPcopy Index your code
hub / github.com/PatchMon/PatchMon / getSELinuxStatus

Method getSELinuxStatus

agent-source-code/internal/system/system.go:332–373  ·  view source on GitHub ↗

getSELinuxStatus gets SELinux status using file reading

()

Source from the content-addressed store, hash-verified

330
331// getSELinuxStatus gets SELinux status using file reading
332func (d *Detector) getSELinuxStatus() string {
333 // Windows and FreeBSD don't use SELinux
334 if runtime.GOOS == "windows" || d.isFreeBSD() {
335 return constants.SELinuxDisabled
336 }
337
338 // Try getenforce command first
339 if cmd := exec.Command("getenforce"); cmd != nil {
340 if output, err := cmd.Output(); err == nil {
341 status := strings.ToLower(strings.TrimSpace(string(output)))
342 // Map "enforcing" to "enabled" for server validation
343 if status == constants.SELinuxEnforcing {
344 return constants.SELinuxEnabled
345 }
346 if status == constants.SELinuxPermissive {
347 return constants.SELinuxPermissive
348 }
349 return status
350 }
351 }
352
353 // Fallback to reading config file
354 if data, err := os.ReadFile("/etc/selinux/config"); err == nil {
355 scanner := bufio.NewScanner(strings.NewReader(string(data)))
356 for scanner.Scan() {
357 line := strings.TrimSpace(scanner.Text())
358 if value, found := strings.CutPrefix(line, "SELINUX="); found {
359 status := strings.ToLower(strings.Trim(value, "\"'"))
360 // Map "enforcing" to "enabled" for server validation
361 if status == constants.SELinuxEnforcing {
362 return constants.SELinuxEnabled
363 }
364 if status == constants.SELinuxPermissive {
365 return constants.SELinuxPermissive
366 }
367 return status
368 }
369 }
370 }
371
372 return constants.SELinuxDisabled
373}
374
375// getSystemUptime gets system uptime
376func (d *Detector) getSystemUptime(ctx context.Context) string {

Callers 1

GetSystemInfoMethod · 0.95

Calls 2

isFreeBSDMethod · 0.95
ScanMethod · 0.45

Tested by

no test coverage detected