From 750decd076c4aa4e23a489117f5ab573f51965ce Mon Sep 17 00:00:00 2001
From: Erope <wjhjd163@gmail.com>
Date: Fri, 13 May 2022 19:29:03 +0800
Subject: [PATCH] Add SELinux Check

---
 README.md            |  2 +-
 script/install.sh    | 23 ++++++++++++++++++-----
 script/install_en.sh | 23 ++++++++++++++++++-----
 3 files changed, 37 insertions(+), 11 deletions(-)

diff --git a/README.md b/README.md
index fe2b4f1..01b4daf 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,7 @@
   <br>
   <small><i>LOGO designed by <a href="https://xio.ng" target="_blank">熊大</a> .</i></small>
   <br><br>
-<img src="https://img.shields.io/github/workflow/status/naiba/nezha/Dashboard%20image?label=Dash%20v0.13.13&logo=github&style=for-the-badge">&nbsp;<img src="https://img.shields.io/github/v/release/naiba/nezha?color=brightgreen&label=Agent&style=for-the-badge&logo=github">&nbsp;<img src="https://img.shields.io/github/workflow/status/naiba/nezha/Agent%20release?label=Agent%20CI&logo=github&style=for-the-badge">&nbsp;<img src="https://img.shields.io/badge/Installer-v0.10.0-brightgreen?style=for-the-badge&logo=linux">
+<img src="https://img.shields.io/github/workflow/status/naiba/nezha/Dashboard%20image?label=Dash%20v0.13.13&logo=github&style=for-the-badge">&nbsp;<img src="https://img.shields.io/github/v/release/naiba/nezha?color=brightgreen&label=Agent&style=for-the-badge&logo=github">&nbsp;<img src="https://img.shields.io/github/workflow/status/naiba/nezha/Agent%20release?label=Agent%20CI&logo=github&style=for-the-badge">&nbsp;<img src="https://img.shields.io/badge/Installer-v0.10.1-brightgreen?style=for-the-badge&logo=linux">
   <br>
   <br>
   <p>:trollface: <b>Nezha Monitoring</b> self-hosted lightweight monitoring and operation and maintenance system. Supports system status, HTTP (SSL certificate change, upcoming expiration, expiration), TCP, Ping <b>monitoring</b> and <b>alerting</b>, execute scheduled tasks and <b>web terminal</b>.</p>
diff --git a/script/install.sh b/script/install.sh
index ecf25c0..cbe3544 100755
--- a/script/install.sh
+++ b/script/install.sh
@@ -11,7 +11,7 @@ NZ_BASE_PATH="/opt/nezha"
 NZ_DASHBOARD_PATH="${NZ_BASE_PATH}/dashboard"
 NZ_AGENT_PATH="${NZ_BASE_PATH}/agent"
 NZ_AGENT_SERVICE="/etc/systemd/system/nezha-agent.service"
-NZ_VERSION="v0.10.0"
+NZ_VERSION="v0.10.1"
 
 red='\033[0;31m'
 green='\033[0;32m'
@@ -124,15 +124,16 @@ before_show_menu() {
 }
 
 install_base() {
-    (command -v git >/dev/null 2>&1 && command -v curl >/dev/null 2>&1 && command -v wget >/dev/null 2>&1 && command -v unzip >/dev/null 2>&1) ||
+    (command -v git >/dev/null 2>&1 && command -v curl >/dev/null 2>&1 && command -v wget >/dev/null 2>&1 && command -v unzip >/dev/null 2>&1 && command -v getenforce >/dev/null 2>&1) ||
         (install_soft curl wget git unzip)
 }
 
 install_soft() {
-    (command -v yum >/dev/null 2>&1 && yum install $* -y) ||
-        (command -v apt >/dev/null 2>&1 && apt install $* -y) ||
+    # Arch官方库不包含selinux等组件
+    (command -v yum >/dev/null 2>&1 && yum install $* selinux-policy -y) ||
+        (command -v apt >/dev/null 2>&1 && apt install $* selinux-utils -y) ||
         (command -v pacman >/dev/null 2>&1 && pacman -Syu $*) ||
-        (command -v apt-get >/dev/null 2>&1 && apt-get install $* -y)
+        (command -v apt-get >/dev/null 2>&1 && apt-get install $* selinux-utils -y)
 }
 
 install_dashboard() {
@@ -195,8 +196,20 @@ install_dashboard() {
     fi
 }
 
+selinux(){
+    #判断当前的状态
+    getenforce | grep enfor
+    if [ $? -eq 0 ];then
+        echo -e "SELinux是开启状态，正在关闭！" 
+        setenforce 0 &>/dev/null
+        find_key="SELINUX="
+        sed -ri "/^$find_key/c${find_key}disabled" /etc/selinux/config
+    fi
+}
+
 install_agent() {
     install_base
+    selinux
 
     echo -e "> 安装监控Agent"
 
diff --git a/script/install_en.sh b/script/install_en.sh
index 240fd64..0482e1f 100755
--- a/script/install_en.sh
+++ b/script/install_en.sh
@@ -11,7 +11,7 @@ NZ_BASE_PATH="/opt/nezha"
 NZ_DASHBOARD_PATH="${NZ_BASE_PATH}/dashboard"
 NZ_AGENT_PATH="${NZ_BASE_PATH}/agent"
 NZ_AGENT_SERVICE="/etc/systemd/system/nezha-agent.service"
-NZ_VERSION="v0.10.0"
+NZ_VERSION="v0.10.1"
 
 red='\033[0;31m'
 green='\033[0;32m'
@@ -94,15 +94,16 @@ before_show_menu() {
 }
 
 install_base() {
-    (command -v git >/dev/null 2>&1 && command -v curl >/dev/null 2>&1 && command -v wget >/dev/null 2>&1 && command -v unzip >/dev/null 2>&1) ||
+    (command -v git >/dev/null 2>&1 && command -v curl >/dev/null 2>&1 && command -v wget >/dev/null 2>&1 && command -v unzip >/dev/null 2>&1 && command -v getenforce >/dev/null 2>&1) ||
         (install_soft curl wget git unzip)
 }
 
 install_soft() {
-    (command -v yum >/dev/null 2>&1 && yum install $* -y) ||
-        (command -v apt >/dev/null 2>&1 && apt install $* -y) ||
+    # The official Arch library does not contain selinux components
+    (command -v yum >/dev/null 2>&1 && yum install $* selinux-policy -y) ||
+        (command -v apt >/dev/null 2>&1 && apt install $* selinux-utils -y) ||
         (command -v pacman >/dev/null 2>&1 && pacman -Syu $*) ||
-        (command -v apt-get >/dev/null 2>&1 && apt-get install $* -y)
+        (command -v apt-get >/dev/null 2>&1 && apt-get install $* selinux-utils -y)
 }
 
 install_dashboard() {
@@ -164,8 +165,20 @@ install_dashboard() {
     fi
 }
 
+selinux(){
+    #Check SELinux
+    getenforce | grep enfor
+    if [ $? -eq 0 ];then
+        echo -e "SELinux running，closing now！" 
+        setenforce 0 &>/dev/null
+        find_key="SELINUX="
+        sed -ri "/^$find_key/c${find_key}disabled" /etc/selinux/config
+    fi
+}
+
 install_agent() {
     install_base
+    selinux
 
     echo -e "> Install Nezha Agent"