From 330ada0a34924ed2e6e52ac99e7a1db39b9553cc Mon Sep 17 00:00:00 2001
From: Kurt H Maier <khm@pnnl.gov>
Date: Wed, 1 May 2019 13:23:10 -0700
Subject: [PATCH] probe_utils:  add check to see if selinux is enforcing (not
 just enabled)

---
 xCAT-probe/lib/perl/probe_utils.pm | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/xCAT-probe/lib/perl/probe_utils.pm b/xCAT-probe/lib/perl/probe_utils.pm
index 115814943..c45fc753b 100644
--- a/xCAT-probe/lib/perl/probe_utils.pm
+++ b/xCAT-probe/lib/perl/probe_utils.pm
@@ -240,6 +240,33 @@ sub is_selinux_enable {
 
 #------------------------------------------
 
+=head3
+    Description:
+        Test if SELinux is enforcing in current operating system
+    Arguments:
+         None
+    Returns:
+        1 : yes
+        0 : no
+=cut
+
+#------------------------------------------
+sub is_selinux_enforcing {
+    if (-e "/usr/sbin/getenforce") {
+        my $enforce_mode = `/usr/sbin/getenforce`;
+        chomp $enforce_mode;
+        switch ($enforce_mode) {
+          case "Disabled" { return 0; }
+          case "Permissive" { return 0; }
+          case "Enforcing" { return 1; }
+          else { return 0; }
+    } else {
+        return 0;
+    }
+}
+
+#------------------------------------------
+
 =head3
     Description:
         Test if firewall is opened in current operating system