[LTP] [PATCH 1/2] tst_security.sh: Fix SELinux detection
Andrea Cervesato
andrea.cervesato@suse.com
Mon Feb 17 14:16:04 CET 2025
Hi!
Reviewed-by: Andrea Cervesato <andrea.cervesato@suse.com>
On 2/17/25 14:08, Petr Vorel wrote:
> Some SLES15 versions create /selinux directory which fails the detection
> if SELinux is actually not enabled. Therefore detect if directory
> actually contains the 'enforce' file.
>
> Also drop /selinux directory detection and detect only /sys/fs/selinux,
> /sys/fs/selinux mount point was added in kernel 3.0 in commit
> 7a627e3b9a2b ("SELINUX: add /sys/fs/selinux mount point to put selinuxfs")
> 14 years is enough, kernel 3.0 is not even supported in current LTP and
> we don't even support /selinux in C API (tst_security.c).
>
> Fixes: e7b804df65 ("shell: Add tst_security.sh helper")
> Signed-off-by: Petr Vorel <pvorel@suse.cz>
> ---
> testcases/lib/tst_security.sh | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/testcases/lib/tst_security.sh b/testcases/lib/tst_security.sh
> index 05640234ea..356c28fc73 100644
> --- a/testcases/lib/tst_security.sh
> +++ b/testcases/lib/tst_security.sh
> @@ -127,8 +127,7 @@ tst_get_selinux_dir()
> {
> local dir="/sys/fs/selinux"
>
> - [ -d "$dir" ] || dir="/selinux"
> - [ -d "$dir" ] && echo "$dir"
> + [ -f "$dir/enforce" ] && echo "$dir"
> }
>
> # Get SELinux enforce file path
More information about the ltp
mailing list