blob: 0c8427c46b3790a3d86e54c76314f814b9cbd00a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
From b6668a23d4a58c08d25023440854f9ce720b87de Mon Sep 17 00:00:00 2001
From: Nicolas Iooss <nicolas.iooss@m4x.org>
Date: Thu, 11 Feb 2016 14:36:50 +0100
Subject: [PATCH] tests: support non-MLS SELinux systems in mkdir tests
When running "make check" on a Linux system running SELinux with a
non-MLS policy, tests/mkdir/restorecon.sh test fails with:
chcon: invalid context: root:object_r:tmp_t:s0: Invalid argument
Indeed in such a configuration, contexts cannot have ":s0" suffix.
* tests/mkdir/restorecon.sh: detect non-MLS SELinux configurations by
using sestatus and in this case use a valid context when calling
runcon. Update the sed pattern of get_selinux_type to always grab the
SELinux type from the output of "ls -Zd" even with a non-MLS policy.
[Upstream bug: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=22631]
---
tests/mkdir/restorecon.sh | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/tests/mkdir/restorecon.sh b/tests/mkdir/restorecon.sh
index 0e7f03bc93db..cfd3bdda9637 100755
--- a/tests/mkdir/restorecon.sh
+++ b/tests/mkdir/restorecon.sh
@@ -21,10 +21,14 @@ print_ver_ mkdir mknod mkfifo
require_selinux_
-get_selinux_type() { ls -Zd "$1" | sed -n 's/.*:\(.*_t\):.*/\1/p'; }
+get_selinux_type() { ls -Zd "$1" | sed -n 's/.*:\(.*_t\)[: ].*/\1/p'; }
mkdir subdir || framework_failure_
-chcon 'root:object_r:tmp_t:s0' subdir || framework_failure_
+if sestatus 2>&1 |grep 'Policy MLS status:.*enabled' > /dev/null; then
+ chcon 'root:object_r:tmp_t:s0' subdir || framework_failure_
+else
+ chcon 'root:object_r:tmp_t' subdir || framework_failure_
+fi
cd subdir
# --- mkdir -Z ---
--
2.7.0
|