node-feature-discovery/source/selinux/selinux.go

/*
Copyright 2017 The Kubernetes Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package selinux

import (
	"fmt"
	"io/ioutil"

	"github.com/kubernetes-incubator/node-feature-discovery/source"
)

type Source struct{}

func (s Source) Name() string { return "selinux" }

func (s Source) Discover() (source.Features, error) {
	features := source.Features{}
	status, err := ioutil.ReadFile("/host-sys/fs/selinux/enforce")
	if err != nil {
		return nil, fmt.Errorf("Failed to detect the status of selinux, please check if the system supports selinux and make sure /sys on the host is mounted into the container: %s", err.Error())
	}
	if status[0] == byte('1') {
		// selinux is enabled.
		features["enabled"] = true
	}
	return features, nil
}
Advertise selinux status by adding labels This commit: - enables node-feature-dicovery to advertise selinux status on the node by adding a label. - update the template to mount /sys into the container, this is needed to know about the selinux status on the host - adds selinux source for unit tests 2018-03-06 14:11:44 -05:00			`/*`
			`Copyright 2017 The Kubernetes Authors.`

			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

			`package selinux`

			`import (`
			`"fmt"`
Support for non-binary labels Make it possible to advertise also other than simple 'true' values for feature labels. 2018-06-21 19:02:30 +03:00			`"io/ioutil"`

			`"github.com/kubernetes-incubator/node-feature-discovery/source"`
Advertise selinux status by adding labels This commit: - enables node-feature-dicovery to advertise selinux status on the node by adding a label. - update the template to mount /sys into the container, this is needed to know about the selinux status on the host - adds selinux source for unit tests 2018-03-06 14:11:44 -05:00			`)`

			`type Source struct{}`

			`func (s Source) Name() string { return "selinux" }`

Support for non-binary labels Make it possible to advertise also other than simple 'true' values for feature labels. 2018-06-21 19:02:30 +03:00			`func (s Source) Discover() (source.Features, error) {`
			`features := source.Features{}`
Advertise selinux status by adding labels This commit: - enables node-feature-dicovery to advertise selinux status on the node by adding a label. - update the template to mount /sys into the container, this is needed to know about the selinux status on the host - adds selinux source for unit tests 2018-03-06 14:11:44 -05:00			`status, err := ioutil.ReadFile("/host-sys/fs/selinux/enforce")`
			`if err != nil {`
			`return nil, fmt.Errorf("Failed to detect the status of selinux, please check if the system supports selinux and make sure /sys on the host is mounted into the container: %s", err.Error())`
			`}`
			`if status[0] == byte('1') {`
			`// selinux is enabled.`
Support for non-binary labels Make it possible to advertise also other than simple 'true' values for feature labels. 2018-06-21 19:02:30 +03:00			`features["enabled"] = true`
Advertise selinux status by adding labels This commit: - enables node-feature-dicovery to advertise selinux status on the node by adding a label. - update the template to mount /sys into the container, this is needed to know about the selinux status on the host - adds selinux source for unit tests 2018-03-06 14:11:44 -05:00			`}`
			`return features, nil`
			`}`