Commit 0de93289 authored by Robin Schneider's avatar Robin Schneider

Allow to exclude/disable checkers using `exclude_checkers`

parent 6d6708c0
......@@ -18,6 +18,9 @@ Added
- Mention antievilmaid_, tpmtotp_ and chkboot_ in
:ref:`fdeunlock__ref_related_projects`. [ypid_]
- Allow to exclude/disable checkers using :ref:`exclude_checkers
<fdeunlock__ref_config_exclude_checkers>`. [ypid_]
Fixed
~~~~~
......
......@@ -39,5 +39,19 @@ Each host has it’s own section. Supported options inside sections:
is to be executed in the comforting environment of a shell – or not.
Defaults to ``False``.
.. _fdeunlock__ref_config_exclude_checkers:
``exclude_checkers``
List of host checkers to exclude from running.
Multiple host checkers can be given, separated by newline.
Example:
.. code-block:: ini
[fde-server.example.org-initramfs]
exclude_checkers =
ChecksumChecker
:ref:`fdeunlock__ref_host_checkers` might support additional configuration options.
Refer to the :ref:`fdeunlock__ref_host_checkers` section for details.
......@@ -187,11 +187,19 @@ class FdeUnlock(object):
if not selected_checkers:
return
selected_checker_names = [c.__name__ for c in selected_checkers]
exclude_checkers = self._cfg.get(
self._original_host, 'exclude_checkers',
fallback='')
exclude_checkers = set([a.strip() for a in exclude_checkers.split('\n') if a])
selected_checker_names = set([c.__name__ for c in selected_checkers])
LOG.info("Running {}s: {}".format(
parent_class.__doc__,
', '.join(selected_checker_names)))
', '.join(selected_checker_names.difference(exclude_checkers))))
for checker_class in selected_checkers:
if checker_class.__name__ in exclude_checkers:
LOG.debug("Excluding {}.".format(checker_class.__name__))
continue
LOG.debug("Running {}.".format(checker_class.__name__))
checker = checker_class(self)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment