[gnome-boxes] util: add check_selinux_context_default

From: Marc-Andre Lureau <malureau src gnome org>
To: commits-list gnome org
Cc:
Subject: [gnome-boxes] util: add check_selinux_context_default
Date: Tue, 7 Aug 2012 17:19:54 +0000 (UTC)
commit 50e4efad7ec7b9a22eed4ea68e70a15d457fecc5
Author: Marc-AndrÃ Lureau <marcandre lureau gmail com>
Date:   Fri Aug 3 14:40:15 2012 +0200

    util: add check_selinux_context_default
    
    Add a check for SELinux context
    
    https://bugzilla.gnome.org/show_bug.cgi?id=681132

 src/main.vala |    6 ++++++
 src/util.vala |   47 +++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 53 insertions(+), 0 deletions(-)
---
diff --git a/src/main.vala b/src/main.vala
index 67b2df4..910a59c 100644
--- a/src/main.vala
+++ b/src/main.vala
@@ -57,9 +57,15 @@ private async void run_checks () {
     var cpu = yield Boxes.check_cpu_vt_capability ();
     var kvm = yield Boxes.check_module_kvm_loaded ();
 
+    string selinux_context_diagnosis = "";
+    var selinux_context_default = yield Boxes.check_selinux_context_default (out selinux_context_diagnosis);
+
     // FIXME: add proper UI & docs
     GLib.stdout.printf (N_("The CPU is capable of virtualization: %s\n").printf (Boxes.yes_no (cpu)));
     GLib.stdout.printf (N_("The KVM module is loaded: %s\n").printf (Boxes.yes_no (kvm)));
+    GLib.stdout.printf (N_("The SELinux context is default: %s\n").printf (Boxes.yes_no (selinux_context_default)));
+    if (selinux_context_diagnosis.length != 0)
+        GLib.stdout.printf (Boxes.indent ("    ", selinux_context_diagnosis) + "\n");
 }
 
 public int main (string[] args) {
diff --git a/src/util.vala b/src/util.vala
index a59c8ed..9a85f5a 100644
--- a/src/util.vala
+++ b/src/util.vala
@@ -398,6 +398,53 @@ namespace Boxes {
         return value ? N_("yes") : N_("no");
     }
 
+    public string indent (string space, string text) {
+        var indented = "";
+
+        foreach (var l in text.split ("\n")) {
+            if (indented.length != 0)
+                indented += "\n";
+
+            if (l.length != 0)
+                indented += space + l;
+        }
+
+        return indented;
+    }
+
+    public async bool check_selinux_context_default (out string diagnosis) {
+        diagnosis = "";
+
+        try {
+            string standard_output;
+
+            string[] argv = {"restorecon",
+                             "-nrv",
+                             get_user_pkgconfig (),
+                             get_user_pkgdata (),
+                             get_user_pkgcache ()};
+
+            yield exec (argv, null, out standard_output);
+
+            if (standard_output.length == 0)
+                return true;
+
+            argv[1] = "-r";
+
+            diagnosis = _("Your SELinux context looks incorrect, you can try to fix it by running:\n%s").printf (string.joinv (" ", argv));
+            return false;
+
+        } catch (GLib.SpawnError.NOEXEC error) {
+            diagnosis = _("SELinux not installed?");
+            return true;
+
+        } catch (GLib.Error error) {
+            warning (error.message);
+        }
+
+        return false;
+    }
+
     public async bool check_cpu_vt_capability () {
         var result = false;
         var file = File.new_for_path ("/proc/cpuinfo");
[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]