[LTP] [PATCH 1/2] lib: Add tst_selinux_enforcing()
Petr Vorel
pvorel@suse.cz
Wed Mar 20 09:54:51 CET 2024
> On Wed, Mar 20, 2024 at 3:56 PM Petr Vorel <pvorel@suse.cz> wrote:
> > Hi Li, all,
> > > Hi Petr,
> > > On Wed, Mar 20, 2024 at 2:32 PM Petr Vorel <pvorel@suse.cz> wrote:
> > > > Co-developed-by: Mete Durlu <meted@linux.ibm.com>
> > > > Signed-off-by: Petr Vorel <pvorel@suse.cz>
> > > This patch is doing the same work as security_getenforce() which provides
> > > by 'selinux/selinux.h', but it is still worth having it because we do not
> > > want ltp
> > > has many extra dependencies (e.g. libselinux-devel).
> > +1
> > > Reviewed-by: Li Wang <liwang@redhat.com>
> > Thanks!
> > > > ---
> > > > Hi,
> > > > @Li, Cyril:
> > > > 1) I guess we want to distinguish EACCES for SELinux enforcing, right?
> > > > If not, this commit would be dropped and second commit would just use
> > > > const int exp_errs[] = {tc->expected_errno, EACCES};
> > > > TST_EXP_FAIL_ARR(fanotify_mark(fanotify_fd, FAN_MARK_ADD |
> > > > tc->mark.flags,
> > > > tc->mask.flags, dirfd, path),
> > > > exp_errs);
> > > > 2) Some time ago I proposed to merge some lib/*.c files, not
> > > > just have so many files with single functions in the library. E.g.
> > > > lib/tst_fips.c, lib/tst_selinux.c, lib/tst_lockdown.c could be merged
> > > > into lib/tst_security.c. Or do we want to have these separate?
> > > I think the answer is Yes. There are more and more lib/*.c files with
> > I read "Yes" as to keep lib/tst_selinux.c, lib/tst_lockdown.c as separate.
> Ohh, sorry, I don't mean that. More separate (boring!!!) files should be
> avoided.
Thank for info. I'll send this another version, which merge these two files.
I guess we could merge it soon.
Kind regards,
Petr
> I think I should step away from the keyboard now, watching too much screen
> time makes me foolish :).
More information about the ltp
mailing list