diff options
| author | Jim Meyering <jim@meyering.net> | 2007-09-05 10:57:54 +0200 |
|---|---|---|
| committer | Jim Meyering <jim@meyering.net> | 2007-09-05 10:58:45 +0200 |
| commit | 0fb836f179d0cb2509aefcf007157e02dd0814b6 (patch) | |
| tree | f4c6040fe50cac03c0fb58df15e36f608f2f4bf2 | |
| parent | 4055cd5a2679bc625c4dde7bce941461481ea8b0 (diff) | |
| download | coreutils-0fb836f179d0cb2509aefcf007157e02dd0814b6.tar.xz | |
Adapt to new SELinux behavior: "?" vs. new "unlabeled"
* src/ls.c (gobble_file): Interpret the new "unlabeled" indicator
from getfilecon/lgetfilecon the same way we interpret a negative
return value: no security context. So we don't print the "+".
* tests/selinux: Recognize that "unlabeled" means insufficient
support for SELinux, just like "?".
| -rw-r--r-- | ChangeLog | 9 | ||||
| -rw-r--r-- | src/ls.c | 3 | ||||
| -rw-r--r-- | tests/selinux | 9 |
3 files changed, 16 insertions, 5 deletions
@@ -1,3 +1,12 @@ +2007-09-05 Jim Meyering <jim@meyering.net> + + Adapt to new SELinux behavior: "?" vs. new "unlabeled" + * src/ls.c (gobble_file): Interpret the new "unlabeled" indicator + from getfilecon/lgetfilecon the same way we interpret a negative + return value: no security context. So we don't print the "+". + * tests/selinux: Recognize that "unlabeled" means insufficient + support for SELinux, just like "?". + 2007-09-03 Jim Meyering <jim@meyering.net> Invoke $(AUTOCONF) manually, if needed to get an updated version string. @@ -2651,7 +2651,8 @@ gobble_file (char const *name, enum filetype type, ino_t inode, ? getfilecon (absolute_name, &f->scontext) : lgetfilecon (absolute_name, &f->scontext)); err = (attr_len < 0); - file_has_security_context = (err == 0); + file_has_security_context = + (err == 0 && ! STREQ ("unlabeled", f->scontext)); /* When requesting security context information, don't make ls fail just because the file (even a command line argument) diff --git a/tests/selinux b/tests/selinux index 087658a39..2026a6a98 100644 --- a/tests/selinux +++ b/tests/selinux @@ -1,4 +1,4 @@ -# Is a test expensive? +# Skip this test if there is insufficient SELinux support. # Copyright (C) 2007 Free Software Foundation, Inc. # This program is free software: you can redistribute it and/or modify @@ -14,9 +14,10 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. -test "`ls -Zd .`" = '? .' && - { +case `ls -Zd .` in + '? .'|'unlabeled .') echo "$0: skipping this test; this system (or maybe just" 1>&2 echo " the current file system) lacks SELinux support" 1>&2 (exit 77); exit 77 - } + ;; +esac |