1327 Add facts for SELinux state As part of the work I'm doing to add SELinux support to Puppet (http://spook.wpi.edu) it would be very useful if Facter were to have some SELinux facts. At this point, I have identified two facts indicating the overall global state of SELinux of a machine which should be widely useful, both for what configuration settings should be pushed out and for auditing the SELinux state of a machine: * selinux - whether the machine supports SELinux, and if so, what mode it is in (enforcing, permissive, disabled) * selinuxpolicy - which policy is loaded (strict, targeted, mls) I'm attaching a first pass at code for these facts that works for me. 0 Thu Jan 10 22:35:22 +0000 2008 Mon May 11 07:23:38 +0000 2009 Fixed #1327 - Added SELinux facts Sun May 10 11:51:40 +0000 2009 Fixed #1327 - Added SELinux facts Tue Sep 22 09:17:06 +0000 2009 Can you describe what changes you'd like to see before accepting?

Reverted this commit in [2b0679994e73518c767c559fd1541767c2d5bad9] in branch master. Still don't like this fact and needs some more work.

Fixed in commit [b3962ef307678d1be70ece96a284fdd2d63b064d] in master.

beside that's not yet clear what might be the better way I add our facts which are slightly different but propose more options. I'm willing to merge them together if the needed work is defined to push them to master. Our facts: :selinux => true/false (is selinux a topic?) :selinux_enabled => true/false (is selinux enabled) :selinux_policyversion => $version of the policy :selinux_mode => targeted/strict (mode of selinux)

What's the state of this code?

I just tested the selinux.rb file on my system; it worked fine for me. This issue seems fairly idle. Is there any chance it could be merged? Or is there extra work that needs to be done?

I found a small bug in selinux.rb; it didn't work properly if the selinux kernel module was loaded, but selinux was disabled. I mirrored the code that sestatus uses to detect when selinux is enabled (it checks the current context, and makes sure it is not "kernel"). I've attached a new version of selinux.rb with the changes.

I'll get this merged into the next release.

Pushed in commit:"e95620215e9f645423d14bd54f16fcba75d90b29" in branch master.