GNU bug report logs - #22631
[PATCH] tests: support non-MLS SELinux systems in mkdir tests

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Pádraig Brady <P <at> draigBrady.com>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#22631: closed ([PATCH] tests: support non-MLS SELinux systems
 in mkdir tests)
Date: Sun, 18 Dec 2016 20:11:02 +0000

[Message part 1 (text/plain, inline)]

Your message dated Sun, 18 Dec 2016 20:10:16 +0000
with message-id <1c1fae03-bbb0-25d5-92c0-46a4feed9a08 <at> draigBrady.com>
and subject line Re: bug#22631: [PATCH] tests: support non-MLS SELinux systems in mkdir tests
has caused the debbugs.gnu.org bug report #22631,
regarding [PATCH] tests: support non-MLS SELinux systems in mkdir tests
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
22631: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=22631
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: Nicolas Iooss <nicolas.iooss <at> m4x.org>
To: bug-coreutils <at> gnu.org
Subject: [PATCH] tests: support non-MLS SELinux systems in mkdir tests
Date: Thu, 11 Feb 2016 15:07:52 +0100

When running "make check" on a Linux system running SELinux with a
non-MLS policy, tests/mkdir/restorecon.sh test fails with:

  chcon: invalid context: root:object_r:tmp_t:s0: Invalid argument

Indeed in such a configuration, contexts cannot have ":s0" suffix.

* tests/mkdir/restorecon.sh: detect non-MLS SELinux configurations by
  using sestatus and in this case use a valid context when calling
  runcon.  Update the sed pattern of get_selinux_type to always grab the
  SELinux type from the output of "ls -Zd" even with a non-MLS policy.
---
 tests/mkdir/restorecon.sh | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/tests/mkdir/restorecon.sh b/tests/mkdir/restorecon.sh
index 0e7f03bc93db..cfd3bdda9637 100755
--- a/tests/mkdir/restorecon.sh
+++ b/tests/mkdir/restorecon.sh
@@ -21,10 +21,14 @@ print_ver_ mkdir mknod mkfifo
 require_selinux_
 
 
-get_selinux_type() { ls -Zd "$1" | sed -n 's/.*:\(.*_t\):.*/\1/p'; }
+get_selinux_type() { ls -Zd "$1" | sed -n 's/.*:\(.*_t\)[: ].*/\1/p'; }
 
 mkdir subdir || framework_failure_
-chcon 'root:object_r:tmp_t:s0' subdir || framework_failure_
+if sestatus 2>&1 |grep 'Policy MLS status:.*enabled' > /dev/null; then
+  chcon 'root:object_r:tmp_t:s0' subdir || framework_failure_
+else
+  chcon 'root:object_r:tmp_t' subdir || framework_failure_
+fi
 cd subdir
 
 # --- mkdir -Z ---
-- 
2.7.0

[Message part 3 (message/rfc822, inline)]

From: Pádraig Brady <P <at> draigBrady.com>
To: Nicolas Iooss <nicolas.iooss <at> m4x.org>, 22631-done <at> debbugs.gnu.org
Subject: Re: bug#22631: [PATCH] tests: support non-MLS SELinux systems in
 mkdir tests
Date: Sun, 18 Dec 2016 20:10:16 +0000

On 18/12/16 19:29, Nicolas Iooss wrote:
> I am not running mcstransd on and the SKIP were due to incorrect
> matching in skip_if_mcstransd_is_running_ function. I updated this
> function to accept contexts with three components if MLS is disabled and
> got one more PASS:

Excellent. I tweaked that a little to be less than 80 chars line length,
and avoid a duplicated error message, and pushed at:
http://git.sv.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=v8.26-5-gbe2f82f

Marking this bug as done.

cheers,
Pádraig

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.