function chkaudit { GETENFORCE="$(which getenforce)" if [ "$EUID" != "0" ] || [ "$USER" != "root" ] then echo "chkaudit must be run as root." else if [ -e "$GETENFORCE" ] then CHK="$($GETENFORCE)" if [[ $CHK == "Enforcing" ]] then AUDIT="$(locate audit.log | grep /audit.log$)" A2A="$(which audit2allow)" echo "Checking $AUDIT for violations..." $A2A < $AUDIT fi fi fi } function mkpolicy { GETENFORCE="$(which getenforce)" if [ "$EUID" != "0" ] || [ "$USER" != "root" ] then echo "mkpolicy must be run as root." else if [ -e "$GETENFORCE" ] then CHK="$($GETENFORCE)" if [[ $CHK == "Enforcing" ]] then AUDIT="$(locate audit.log | grep /audit.log$)" A2A="$(which audit2allow)" echo "Updating SELinux policy..." $A2A -M local < $AUDIT fi fi fi }