[LTP] [PATCH v4 1/2] core: add tst_selinux_enabled() utility
Petr Vorel
pvorel@suse.cz
Wed Jul 23 21:50:11 CEST 2025
Hi Andrea, Stephen,
> On 7/23/25 3:13 PM, Stephen Smalley wrote:
> > To be more precise, the bug is only triggerable for LSMs that
> > implement the listsecurity LSM hook (to return a synthesized security
> > xattr regardless of whether one is set in the filesystem), which are
> > only SELinux and Smack.
+1
> Thanks for the clarification. I guess we have a solution: we can take a look
> at /sys/kernel/security/lsm and verify if smack/selinux are enabled.
Given that "selinux" is *not* in /sys/kernel/security/lsm when "security=selinux
selinux=0 enforcing=0" as kernel cmdline and it on "security=selinux selinux=1
enforcing=0" this is really the best solution.
Thank you both for your patience to get a reliable test!
Kind regards,
Petr
> - Andrea
More information about the ltp
mailing list