跟我学习日常写的shell脚本-设置系统selinux

设置系统selinux

#!/bin/bash   
#  -------------+--------------------   
# * Filename    :       selinux.sh                         
# * Date        :       2020-06-15 
# * Author      :       wangjianxiong           
# * Description :                       
#  -------------+--------------------- 

path=/etc/selinux/config
selinux=`sed -rn "/^(SELINUX=).*$/p" $path`
case $1 in
    enforcing|en)
        sed -ri "s@^(SELINUX=).*$@1enforcing@g" $path
        if [ $selinux ==  'SELINUX=disabled' ];then
            read -p "SELinux enforcing. you need reboot system ( yes or no ):" input
            [ $input == 'yes' -o $input == 'y' ] && reboot || echo "please Manual operation reboot"
        else
            echo "SELinux enforcing."
        fi
        ;;
    permissive|per|pe)
        sed -ri "s@^(SELINUX=).*$@1permissive@g" $path
        if [ $selinux == 'SELINUX=disabled' ];then
            read -p "SELinux permissive. you need reboot system ( yes or no ):" input
            [ $input == 'yes' -o $input == 'y'] && reboot || echo "please Manual operation reboot"
        else
            echo "SELINUX permissive"
        fi
        ;;
    disabled|dis|di)
        sed -ri "s@^(SELINUX=).*$@1disabled@g" $path
        if [ $selinux == 'SELINUX=enforcing' ];then
            read -p "SELinux permissive. you need reboot system ( yes or no ):" input
            [ $input == 'yes' -o $input == 'y' ] && reboot || echo "please Manual operation reboot"
        else
            echo "SELINUX disabled"
        fi
        ;;
    l|a)
        echo `sed -nr 's@(^SELINUX=.*)@1@p' $path`
        ;; 
    help|--help)
        echo "$0 [ enforcing | permissive | disabled  ]"
        ;;
    *)
        echo "$0 [ enforcing | permissive | disabled  ]"
        ;;
esac

执行：

[root@tdh1 ~]# ./set_selinux.sh --help
./set_selinux.sh [ enforcing | permissive | disabled  ]