Skip to content

Nagios Plugin check_selinux

Davide Madrisan edited this page Apr 10, 2024 · 1 revision

check_selinux - check if SELinux is enabled

[/etc/nrpe.d/check_selinux]
command[check_selinux]=/usr/lib/nagios/plugins/check_selinux
Usage note
This plugin checks if SELinux is enabled.
Copyright (C) 2024 Davide Madrisan <davide.madrisan@gmail.com>
Usage:
  check_selinux [--permissive-is-allowed|--permissive-is-critical]
Options:
  -p  --permissive-is-allowed    permissive mode does not generate a warning
  -P  --permissive-is-critical   permissive mode is to be considered critical
  -h, --help      display this help and exit
  -V, --version   output version information and exit
Note:
  By default, permissive mode raises a warning.
  Use the option -P to turn it into a critical error
  or -p to consider it a valid configuration.
Examples:
  check_selinux
  check_selinux --permissive-is-allowed
  check_selinux --permissive-is-critical
Example of output
> /usr/lib/nagios/plugins/check_selinux
selinux OK - selinux enabled (enforced) (/sys/fs/selinux)

> /usr/lib/nagios/plugins/check_selinux --permissive-is-critical
selinux CRITICAL - selinux disabled (permissive) (/sys/fs/selinux)
Performance data

selinux_enabled