1 files changed, 30 insertions, 21 deletions

diff --git a/tests/cp/cp-a-selinux b/tests/cp/cp-a-selinux
index 770dcc4fc..b65070a1c 100755
--- a/tests/cp/cp-a-selinux
+++ b/tests/cp/cp-a-selinux
@@ -60,51 +60,60 @@ test $skip = 1 \
 cd mnt                                       || framework_failure
 
 echo > f                                     || framework_failure
-echo > g                                     || framework_failure
-
 
+echo > g                                     || framework_failure
 # /bin/cp from coreutils-6.7-3.fc7 would fail this test by letting cp
 # succeed (giving no diagnostics), yet leaving the destination file empty.
 cp -a f g 2>err || fail=1
 test -s g       || fail=1     # The destination file must not be empty.
 test -s err     && fail=1     # There must be no stderr output.
 
-rm -f g err
+# =====================================================
+# Here, we expect cp to succeed and not warn with "Operation not supported"
+rm -f g
 echo > g
+cp --preserve=all f g 2>err || fail=1
+test -s g || fail=1
+grep "Operation not supported" err && fail=1
 
 # =====================================================
+# The same as above except destination does not exist
+rm -f g
+cp --preserve=all f g 2>err || fail=1
+test -s g || fail=1
+grep "Operation not supported" err && fail=1
+
+# An alternative to the following approach would be to run in a confined
+# domain (maybe creating/loading it) that lacks the required permissions
+# to the file type.
+# Note: this test could also be run by a regular (non-root) user in an
+# NFS mounted directory.  When doing that, I get this diagnostic:
+# cp: failed to set the security context of `g' to `system_u:object_r:nfs_t': \
+#   Operation not supported
+cat <<\EOF > exp || framework_failure=1
+cp: failed to set the security context of
+EOF
+
+rm -f g
+echo > g
+# =====================================================
 # Here, we expect cp to fail, because it cannot set the SELinux
 # security context through NFS or a mount with fixed context.
 cp --preserve=context f g 2> out && fail=1
-
 # Here, we *do* expect the destination to be empty.
 test -s g && fail=1
+sed "s/ .g' to .*//" out > k
+mv k out
+compare out exp || fail=1
 
 rm -f g
 echo > g
 # Check if -a option doesn't silence --preserve=context option diagnostics
 cp -a --preserve=context f g 2> out2 && fail=1
-
 # Here, we *do* expect the destination to be empty.
 test -s g && fail=1
-
-# An alternative to the current approach would be to run in a confined
-# domain (maybe creating/loading it) that lacks the required permissions
-# to the file type.
-# Note: this test could also be run by a regular (non-root) user in an
-# NFS mounted directory.  When doing that, I get this diagnostic:
-# cp: failed to set the security context of `g' to `system_u:object_r:nfs_t': \
-#   Operation not supported
-sed "s/ .g' to .*//" out > k
-mv k out
 sed "s/ .g' to .*//" out2 > k
 mv k out2
-
-cat <<\EOF > exp || fail=1
-cp: failed to set the security context of
-EOF
-
-compare out exp || fail=1
 compare out2 exp || fail=1
 
 Exit $fail