diff options
| author | Leandro Pereira <leandro@hardinfo.org> | 2019-06-18 07:36:01 -0700 | 
|---|---|---|
| committer | Leandro Pereira <leandro@hardinfo.org> | 2019-06-18 07:36:01 -0700 | 
| commit | 62cccb86cc10abd4f27fe6009c0e14df5aa0fd62 (patch) | |
| tree | 65f057967d8fe749b1312c9a854ac529f6ba4498 | |
| parent | 915233d5539e03fb7124af4f5a483b7c063d1a80 (diff) | |
Add information about SELinux and other LSMs
| -rw-r--r-- | includes/computer.h | 2 | ||||
| -rw-r--r-- | modules/computer.c | 13 | ||||
| -rw-r--r-- | modules/computer/os.c | 27 | 
3 files changed, 41 insertions, 1 deletions
| diff --git a/includes/computer.h b/includes/computer.h index 892a3d69..9b70ae9a 100644 --- a/includes/computer.h +++ b/includes/computer.h @@ -145,6 +145,8 @@ gchar *computer_get_alsacards(Computer * computer);  gchar *computer_get_entropy_avail(void);  gchar *computer_get_aslr(void);  gchar *computer_get_dmesg_status(void); +const gchar *computer_get_selinux(void); +gchar *computer_get_lsm(void);  OperatingSystem *computer_get_os(void);  AlsaInfo *computer_get_alsainfo(void); diff --git a/modules/computer.c b/modules/computer.c index 61a75ec5..2a8c56b5 100644 --- a/modules/computer.c +++ b/modules/computer.c @@ -534,13 +534,24 @@ gchar *callback_security(void)  {      struct Info *info = info_new(); -    info_add_group(info, _("Security"), +    info_add_group(info, _("HardInfo"),          info_field(_("HardInfo running as"), (getuid() == 0) ? _("Superuser") : _("User")), +        info_field_last()); + +    info_add_group(info, _("Health"),          info_field_update(_("Available entropy in /dev/random"), 1000), +        info_field_last()); + +    info_add_group(info, _("Hardening Features"),          info_field(_("ASLR"), idle_free(computer_get_aslr())),          info_field(_("dmesg"), idle_free(computer_get_dmesg_status())),          info_field_last()); +    info_add_group(info, _("Linux Security Modules"), +        info_field(_("Modules available"), idle_free(computer_get_lsm())), +        info_field(_("SELinux status"), computer_get_selinux()), +        info_field_last()); +      return info_flatten(info);  } diff --git a/modules/computer/os.c b/modules/computer/os.c index 49210307..5872ff82 100644 --- a/modules/computer/os.c +++ b/modules/computer/os.c @@ -490,3 +490,30 @@ computer_get_os(void)      return os;  } + +const gchar * +computer_get_selinux(void) +{ +    int r; +    gboolean spawned = g_spawn_command_line_sync("selinuxenabled", +                                                 NULL, NULL, &r, NULL); + +    if (!spawned) +        return _("Not installed"); + +    if (r == 0) +        return _("Enabled"); + +    return _("Disabled"); +} + +gchar * +computer_get_lsm(void) +{ +    gchar *contents; + +    if (!g_file_get_contents("/sys/kernel/security/lsm", &contents, NULL, NULL)) +        return g_strdup(_("Unknown")); + +    return contents; +} | 
