Merge branch 'master' of https://github.com/chef/ohai

Signed-off-by: Ressl Robert <r.ressl@safematix.com>

1 files changed, 9 insertions, 2 deletions

diff --git a/lib/ohai/plugins/linux/fips.rb b/lib/ohai/plugins/linux/fips.rb
index 70d5e142..17c183e2 100644
--- a/lib/ohai/plugins/linux/fips.rb
+++ b/lib/ohai/plugins/linux/fips.rb
@@ -1,6 +1,6 @@
 #
 # Author:: Matt Wrock (<matt@mattwrock.com>)
-# Copyright:: Copyright (c) 2016-2018 Chef Software, Inc.
+# Copyright:: Copyright (c) 2016 Chef Software, Inc.
 # License:: Apache License, Version 2.0
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
@@ -28,11 +28,18 @@ Ohai.plugin(:Fips) do
   collect_data(:linux) do
     fips Mash.new
 
+    # Check for new fips_mode method added in Ruby 2.5. After we drop support
+    # for Ruby 2.4, clean up everything after this and collapse the FIPS plugins.
     require "openssl"
     if defined?(OpenSSL.fips_mode) && OpenSSL.fips_mode && !$FIPS_TEST_MODE
       fips["kernel"] = { "enabled" => true }
     else
-      fips["kernel"] = { "enabled" => false }
+      begin
+        enabled = File.read("/proc/sys/crypto/fips_enabled").chomp
+        fips["kernel"] = { "enabled" => enabled == "0" ? false : true }
+      rescue Errno::ENOENT
+        fips["kernel"] = { "enabled" => false }
+      end
     end
   end
 end