From 6091d0b62bd08645d566311c2d5d54f2dc1700d9 Mon Sep 17 00:00:00 2001
From: Sylvestre Ledru <sylvestre@debian.org>
Date: Sat, 10 May 2025 21:03:58 +0200
Subject: [PATCH] selinux: use the uucore::selinux::is_selinux_enabled()
 function

---
 src/uu/id/src/id.rs                    |  2 +-
 src/uu/ls/src/ls.rs                    |  2 +-
 src/uu/runcon/Cargo.toml               |  2 +-
 src/uu/runcon/src/runcon.rs            |  4 ++--
 src/uucore/src/lib/features/selinux.rs | 15 ++++++++++++---
 tests/by-util/test_id.rs               | 10 ++++------
 6 files changed, 21 insertions(+), 14 deletions(-)

diff --git a/src/uu/id/src/id.rs b/src/uu/id/src/id.rs
index 473bc3fec..5799759b0 100644
--- a/src/uu/id/src/id.rs
+++ b/src/uu/id/src/id.rs
@@ -138,7 +138,7 @@ pub fn uumain(args: impl uucore::Args) -> UResult<()> {
         selinux_supported: {
             #[cfg(feature = "selinux")]
             {
-                selinux::kernel_support() != selinux::KernelSupport::Unsupported
+                uucore::selinux::is_selinux_enabled()
             }
             #[cfg(not(feature = "selinux"))]
             {
diff --git a/src/uu/ls/src/ls.rs b/src/uu/ls/src/ls.rs
index dcfbd3ac3..b5b1d6df2 100644
--- a/src/uu/ls/src/ls.rs
+++ b/src/uu/ls/src/ls.rs
@@ -1157,7 +1157,7 @@ impl Config {
             selinux_supported: {
                 #[cfg(feature = "selinux")]
                 {
-                    selinux::kernel_support() != selinux::KernelSupport::Unsupported
+                    uucore::selinux::is_selinux_enabled()
                 }
                 #[cfg(not(feature = "selinux"))]
                 {
diff --git a/src/uu/runcon/Cargo.toml b/src/uu/runcon/Cargo.toml
index af11e9abb..d010a8ad8 100644
--- a/src/uu/runcon/Cargo.toml
+++ b/src/uu/runcon/Cargo.toml
@@ -19,7 +19,7 @@ path = "src/runcon.rs"
 
 [dependencies]
 clap = { workspace = true }
-uucore = { workspace = true, features = ["entries", "fs", "perms"] }
+uucore = { workspace = true, features = ["entries", "fs", "perms", "selinux"] }
 selinux = { workspace = true }
 thiserror = { workspace = true }
 libc = { workspace = true }
diff --git a/src/uu/runcon/src/runcon.rs b/src/uu/runcon/src/runcon.rs
index 82ce7da48..658aa33b2 100644
--- a/src/uu/runcon/src/runcon.rs
+++ b/src/uu/runcon/src/runcon.rs
@@ -271,7 +271,7 @@ fn set_next_exec_context(context: &OpaqueSecurityContext) -> Result<()> {
 }
 
 fn get_plain_context(context: &OsStr) -> Result<OpaqueSecurityContext> {
-    if selinux::kernel_support() == selinux::KernelSupport::Unsupported {
+    if !uucore::selinux::is_selinux_enabled() {
         return Err(Error::SELinuxNotEnabled);
     }
 
@@ -342,7 +342,7 @@ fn get_custom_context(
     use OpaqueSecurityContext as OSC;
     type SetNewValueProc = fn(&OSC, &CStr) -> selinux::errors::Result<()>;
 
-    if selinux::kernel_support() == selinux::KernelSupport::Unsupported {
+    if !uucore::selinux::is_selinux_enabled() {
         return Err(Error::SELinuxNotEnabled);
     }
 
diff --git a/src/uucore/src/lib/features/selinux.rs b/src/uucore/src/lib/features/selinux.rs
index 220e199b2..501cd3ffb 100644
--- a/src/uucore/src/lib/features/selinux.rs
+++ b/src/uucore/src/lib/features/selinux.rs
@@ -284,7 +284,10 @@ mod tests {
     fn test_invalid_context_string_error() {
         let tmpfile = NamedTempFile::new().expect("Failed to create tempfile");
         let path = tmpfile.path();
-
+        if !is_selinux_enabled() {
+            println!("test skipped: Kernel has no support for SElinux context");
+            return;
+        }
         // Pass a context string containing a null byte to trigger CString::new error
         let invalid_context = String::from("invalid\0context");
         let result = set_selinux_security_context(path, Some(&invalid_context));
@@ -322,7 +325,10 @@ mod tests {
     fn test_get_selinux_security_context() {
         let tmpfile = NamedTempFile::new().expect("Failed to create tempfile");
         let path = tmpfile.path();
-
+        if !is_selinux_enabled() {
+            println!("test skipped: Kernel has no support for SElinux context");
+            return;
+        }
         std::fs::write(path, b"test content").expect("Failed to write to tempfile");
 
         let result = get_selinux_security_context(path);
@@ -387,7 +393,10 @@ mod tests {
     #[test]
     fn test_get_selinux_context_nonexistent_file() {
         let path = Path::new("/nonexistent/file/that/does/not/exist");
-
+        if !is_selinux_enabled() {
+            println!("test skipped: Kernel has no support for SElinux context");
+            return;
+        }
         let result = get_selinux_security_context(path);
 
         assert!(result.is_err());
diff --git a/tests/by-util/test_id.rs b/tests/by-util/test_id.rs
index c678a0b11..7a7d5e9a1 100644
--- a/tests/by-util/test_id.rs
+++ b/tests/by-util/test_id.rs
@@ -376,8 +376,7 @@ fn test_id_zero() {
 #[test]
 #[cfg(feature = "feat_selinux")]
 fn test_id_context() {
-    use selinux::{self, KernelSupport};
-    if selinux::kernel_support() == KernelSupport::Unsupported {
+    if !uucore::selinux::is_selinux_enabled() {
         println!("test skipped: Kernel has no support for SElinux context");
         return;
     }
@@ -450,12 +449,11 @@ fn test_id_no_specified_user_posixly() {
         feature = "feat_selinux"
     ))]
     {
-        use selinux::{self, KernelSupport};
-        if selinux::kernel_support() == KernelSupport::Unsupported {
-            println!("test skipped: Kernel has no support for SElinux context");
-        } else {
+        if uucore::selinux::is_selinux_enabled() {
             let result = ts.ucmd().succeeds();
             assert!(result.stdout_str().contains("context="));
+        } else {
+            println!("test skipped: Kernel has no support for SElinux context");
         }
     }
 }