Page MenuHomekolab.org

Check the current status of SELinux, and the configuration for the next system cycle
ClosedPublic

Authored by vanmeeuwen on Feb 19 2016, 9:33 AM.

Details

Summary

Resolves T992

Test Plan
  1. Install Kolab on CentOS 7
  2. Configure SELinux to enforce the targeted policy
  3. Run setup-kolab
  4. Expect an error

Diff Detail

Repository
rP pykolab
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

vanmeeuwen updated this revision to Diff 163.Feb 19 2016, 9:33 AM
vanmeeuwen retitled this revision from to Check the current status of SELinux, and the configuration for the next system cycle.
vanmeeuwen updated this object.
vanmeeuwen edited the test plan for this revision. (Show Details)
vanmeeuwen added a reviewer: PyKolab Developers.
vanmeeuwen planned changes to this revision.Feb 23 2016, 10:51 AM
[root@kolab pykolab.git]# ./setup-kolab.py 
Traceback (most recent call last):
  File "./setup-kolab.py", line 42, in <module>
    setup.run()
  File "./pykolab/setup/__init__.py", line 60, in run
    log.error(_("SELinux configured to enforce a policy on startup. Read https://docs.kolab.org/installation-guide/preparing-the-system.html#selinux"))
NameError: global name '_' is not defined
vanmeeuwen updated this revision to Diff 173.Feb 23 2016, 10:53 AM
  • Ensure function _ is available for translation
  • Here too, btw, make sure function _ is available for translation
vanmeeuwen planned changes to this revision.Feb 23 2016, 11:00 AM

Function doesn't bail, use log.fatal()

vanmeeuwen updated this revision to Diff 174.Feb 23 2016, 11:01 AM
  • Ensure function _ is available for translation
  • Here too, btw, make sure function _ is available for translation
  • Use log.fatal(), and sys.exit(1)
[root@kolab pykolab.git]# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   permissive
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28
[root@kolab pykolab.git]# ./setup-kolab.py ; echo $?
2016-02-23 12:21:40,583 pykolab.setup CRITICAL SELinux configured to enforce a policy on startup. Read https://git.kolab.org/u/1
1
[root@kolab pykolab.git]# setenforce 1
[root@kolab pykolab.git]# ./setup-kolab.py ; echo $?
2016-02-23 12:21:45,218 pykolab.setup CRITICAL SELinux currently enforcing. Read https://git.kolab.org/u/1
1
[root@kolab pykolab.git]#
vanmeeuwen accepted this revision.Feb 23 2016, 12:23 PM
vanmeeuwen added a reviewer: vanmeeuwen.
This revision is now accepted and ready to land.Feb 23 2016, 12:23 PM
This revision was automatically updated to reflect the committed changes.