Merge pull request #2 from cloudlinux/KPT-1881

KPT-1881 kernelcare now supports secure boot

Author: histrio

kc-compat.py

@@ -39,29 +39,6 @@ def inside_vz_container():
     return os.path.exists('/proc/vz/veinfo') and not os.path.exists('/proc/vz/version')
 
 
-def _get_last_byte_from(filename):
-    """ Reading the last byte from the varfile
-    :return: last byte in a file as unsigned int or None if file was empty
-    """
-    with open(filename, 'rb') as f:
-        last, = struct.unpack("B", f.read()[-1:])
-        return last
-
-
-def is_secure_boot():
-    """ Detects Secure Boot
-    :return: True if Secure Boot is enabled, false otherwise
-    """
-    efivars_location = "/sys/firmware/efi/efivars/"
-    if not os.path.isdir(efivars_location):
-        return False
-    for filename in os.listdir(efivars_location):
-        if filename.startswith('SecureBoot'):
-            varfile = os.path.join(efivars_location, filename)
-            return _get_last_byte_from(varfile) == 1
-    return False
-
-
 def inside_lxc_container():
     return '/lxc/' in open('/proc/1/cgroup').read()
 
@@ -87,10 +64,7 @@ def main():
     else exit with 0 if COMPATIBLE, 1 or more otherwise
     """
     silent = len(sys.argv) > 1 and (sys.argv[1] == '--silent' or sys.argv[1] == '-q')
-    if is_secure_boot():
-        myprint(silent, "UNSUPPORTED; SECURE BOOT")
-        return 3
-    if inside_vz_container() or inside_lxc_container() or is_secure_boot():
+    if inside_vz_container() or inside_lxc_container():
         myprint(silent, "UNSUPPORTED; INSIDE CONTAINER")
         return 2
     if is_compat():