diff options
author | Ressl Robert <r.ressl@safematix.com> | 2018-11-25 04:00:55 +0100 |
---|---|---|
committer | Ressl Robert <r.ressl@safematix.com> | 2018-11-25 04:01:12 +0100 |
commit | d6d1f4dcc835965432f9fafbea70d4cb91775353 (patch) | |
tree | 2d6bcaaa5f018a9972fdc4f41f746757848f00d6 | |
parent | 0ef38689e322dc665f4b8a83ec603d403168ab5d (diff) | |
parent | dd70db6ab6b359610de06f400b671a25892cdd73 (diff) | |
download | ohai-d6d1f4dcc835965432f9fafbea70d4cb91775353.tar.gz |
Merge branch 'master' of https://github.com/chef/ohai
Signed-off-by: Ressl Robert <r.ressl@safematix.com>
-rw-r--r-- | lib/ohai/plugins/linux/fips.rb | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/lib/ohai/plugins/linux/fips.rb b/lib/ohai/plugins/linux/fips.rb index 70d5e142..17c183e2 100644 --- a/lib/ohai/plugins/linux/fips.rb +++ b/lib/ohai/plugins/linux/fips.rb @@ -1,6 +1,6 @@ # # Author:: Matt Wrock (<matt@mattwrock.com>) -# Copyright:: Copyright (c) 2016-2018 Chef Software, Inc. +# Copyright:: Copyright (c) 2016 Chef Software, Inc. # License:: Apache License, Version 2.0 # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -28,11 +28,18 @@ Ohai.plugin(:Fips) do collect_data(:linux) do fips Mash.new + # Check for new fips_mode method added in Ruby 2.5. After we drop support + # for Ruby 2.4, clean up everything after this and collapse the FIPS plugins. require "openssl" if defined?(OpenSSL.fips_mode) && OpenSSL.fips_mode && !$FIPS_TEST_MODE fips["kernel"] = { "enabled" => true } else - fips["kernel"] = { "enabled" => false } + begin + enabled = File.read("/proc/sys/crypto/fips_enabled").chomp + fips["kernel"] = { "enabled" => enabled == "0" ? false : true } + rescue Errno::ENOENT + fips["kernel"] = { "enabled" => false } + end end end end |