Merge pull request #802 from sfromm/issue800

Protect all selinux calls with try/except
2024-09-14 20:13:21 +02:00 · 2012-08-08 04:43:37 -07:00 · 2012-08-08 04:43:37 -07:00 · 7dd7755f4c
commit 7dd7755f4c
parent fc330cafce 3fb3eae7b6
1 changed files with 28 additions and 10 deletions
--- a/library/setup
+++ b/library/setup
@ -124,16 +124,34 @@ class Facts(object):
            self.facts['selinux']['status'] = 'disabled'
        else:
            self.facts['selinux']['status'] = 'enabled'
-            self.facts['selinux']['policyvers'] = selinux.security_policyvers()
-            (rc, configmode) = selinux.selinux_getenforcemode()
-            if rc == 0 and Facts.SELINUX_MODE_DICT.has_key(configmode):
-                self.facts['selinux']['config_mode'] = Facts.SELINUX_MODE_DICT[configmode]
-            mode = selinux.security_getenforce()
-            if Facts.SELINUX_MODE_DICT.has_key(mode):
-                self.facts['selinux']['mode'] = Facts.SELINUX_MODE_DICT[mode]
-            (rc, policytype) = selinux.selinux_getpolicytype()
-            if rc == 0:
-                self.facts['selinux']['type'] = policytype
+            try:
+                self.facts['selinux']['policyvers'] = selinux.security_policyvers()
+            except:
+                self.facts['selinux']['policyvers'] = 'unknown'
+            try:
+                (rc, configmode) = selinux.selinux_getenforcemode()
+                if rc == 0 and Facts.SELINUX_MODE_DICT.has_key(configmode):
+                    self.facts['selinux']['config_mode'] = Facts.SELINUX_MODE_DICT[configmode]
+                else:
+                    self.facts['selinux']['config_mode'] = 'unknown'
+            except OSError, e:
+                self.facts['selinux']['config_mode'] = 'unknown'
+            try:
+                mode = selinux.security_getenforce()
+                if Facts.SELINUX_MODE_DICT.has_key(mode):
+                    self.facts['selinux']['mode'] = Facts.SELINUX_MODE_DICT[mode]
+                else:
+                    self.facts['selinux']['mode'] = 'unknown'
+            except OSError, e:
+                self.facts['selinux']['mode'] = 'unknown'
+            try:
+                (rc, policytype) = selinux.selinux_getpolicytype()
+                if rc == 0:
+                    self.facts['selinux']['type'] = policytype
+                else:
+                    self.facts['selinux']['type'] = 'unknown'
+            except OSError, e:
+                self.facts['selinux']['type'] = 'unknown'

 class Hardware(Facts):
    """