diff options
Diffstat (limited to 'init.cfg')
| -rw-r--r-- | init.cfg | 18 |
1 files changed, 15 insertions, 3 deletions
@@ -128,6 +128,15 @@ require_selinux_() esac } +# Return the SELinux type component if available +get_selinux_type() { ls -Zd "$1" | sed -n 's/.*:\(.*_t\)[: ].*/\1/p'; } + +# Whether SELinux Multi Level Security is enabled +mls_enabled_() { + sestatus 2>&1 | + grep 'Policy MLS status:.*enabled' > /dev/null +} + # Skip this test if we're not in SELinux "enforcing" mode. require_selinux_enforcing_() { @@ -637,10 +646,13 @@ skip_if_mcstransd_is_running_() # and if it's running, skip this test. __ctx=$(stat --printf='%C\n' .) || framework_failure_ case $__ctx in - *:*:*:*) ;; # four components is ok - *) # anything else probably means mcstransd is running - skip_ "unexpected context '$__ctx'; turn off mcstransd" ;; + *:*:*:*) __ctx_ok=1 ;; # four components is ok + *:*:*) # three components is ok too if there is no MLS + mls_enabled_ && __ctk_ok=1 ;; esac + + test "$__ctx_ok" || + skip_ "unexpected context '$__ctx'; turn off mcstransd" } # Skip the current test if umask doesn't work as usual. |