From 303f280bb410cdbff378fc398413d785dc931bf5 Mon Sep 17 00:00:00 2001
From: Samson-W <samson@hardenedlinux.org>
Date: Thu, 4 Jun 2020 17:48:55 +0800
Subject: [PATCH] Fix a bug of 4.6

---
 bin/hardening/4.6_enable_selinux.sh | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/bin/hardening/4.6_enable_selinux.sh b/bin/hardening/4.6_enable_selinux.sh
index 707efa2..d9b4614 100755
--- a/bin/hardening/4.6_enable_selinux.sh
+++ b/bin/hardening/4.6_enable_selinux.sh
@@ -68,7 +68,8 @@ audit_centos () {
 	if [ $FNRET -eq 0 ]; then
 		if [ $(grep -c selinux $LSM_RUN_STATUS_FILE) -eq 1 ]; then
 			ok "SELinux was activated."
-			if [ $(getenforce | grep -c Enforcing) -eq 1 ]; then
+			does_valid_pattern_exist_in_file $SELINUXCONF_FILE $SELINUXENFORCE_MODE
+			if [ ${FNRET} -eq 0 -a $(getenforce | grep -c 'Enforcing') -eq 1 ]; then
 				ok "SELinux is in Enforcing mode."
 				FNRET=0
 			else