mirror of
https://github.com/RGBCube/uutils-coreutils
synced 2025-07-29 12:07:46 +00:00
Merge pull request #7909 from sylvestre/use-selinux-func
selinux: use the uucore::selinux::is_selinux_enabled() function
This commit is contained in:
Daniel Hofstetter
GitHub
commit
f4b16176a0
6 changed files with 23 additions and 14 deletions
|
|
@ -138,7 +138,7 @@ pub fn uumain(args: impl uucore::Args) -> UResult<()> {
|
|||
selinux_supported: {
|
||||
#[cfg(feature = "selinux")]
|
||||
{
|
||||
selinux::kernel_support() != selinux::KernelSupport::Unsupported
|
||||
uucore::selinux::is_selinux_enabled()
|
||||
}
|
||||
#[cfg(not(feature = "selinux"))]
|
||||
{
|
||||
|
|
|
|||
|
|
@ -1157,7 +1157,7 @@ impl Config {
|
|||
selinux_supported: {
|
||||
#[cfg(feature = "selinux")]
|
||||
{
|
||||
selinux::kernel_support() != selinux::KernelSupport::Unsupported
|
||||
uucore::selinux::is_selinux_enabled()
|
||||
}
|
||||
#[cfg(not(feature = "selinux"))]
|
||||
{
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ path = "src/runcon.rs"
|
|||
|
||||
[dependencies]
|
||||
clap = { workspace = true }
|
||||
uucore = { workspace = true, features = ["entries", "fs", "perms"] }
|
||||
uucore = { workspace = true, features = ["entries", "fs", "perms", "selinux"] }
|
||||
selinux = { workspace = true }
|
||||
thiserror = { workspace = true }
|
||||
libc = { workspace = true }
|
||||
|
|
|
|||
|
|
@ -271,7 +271,7 @@ fn set_next_exec_context(context: &OpaqueSecurityContext) -> Result<()> {
|
|||
}
|
||||
|
||||
fn get_plain_context(context: &OsStr) -> Result<OpaqueSecurityContext> {
|
||||
if selinux::kernel_support() == selinux::KernelSupport::Unsupported {
|
||||
if !uucore::selinux::is_selinux_enabled() {
|
||||
return Err(Error::SELinuxNotEnabled);
|
||||
}
|
||||
|
||||
|
|
@ -342,7 +342,7 @@ fn get_custom_context(
|
|||
use OpaqueSecurityContext as OSC;
|
||||
type SetNewValueProc = fn(&OSC, &CStr) -> selinux::errors::Result<()>;
|
||||
|
||||
if selinux::kernel_support() == selinux::KernelSupport::Unsupported {
|
||||
if !uucore::selinux::is_selinux_enabled() {
|
||||
return Err(Error::SELinuxNotEnabled);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -3,6 +3,8 @@
|
|||
// For the full copyright and license information, please view the LICENSE
|
||||
// file that was distributed with this source code.
|
||||
|
||||
//! Set of functions to manage SELinux security contexts
|
||||
|
||||
use std::error::Error;
|
||||
use std::path::Path;
|
||||
|
||||
|
|
@ -284,7 +286,10 @@ mod tests {
|
|||
fn test_invalid_context_string_error() {
|
||||
let tmpfile = NamedTempFile::new().expect("Failed to create tempfile");
|
||||
let path = tmpfile.path();
|
||||
|
||||
if !is_selinux_enabled() {
|
||||
println!("test skipped: Kernel has no support for SElinux context");
|
||||
return;
|
||||
}
|
||||
// Pass a context string containing a null byte to trigger CString::new error
|
||||
let invalid_context = String::from("invalid\0context");
|
||||
let result = set_selinux_security_context(path, Some(&invalid_context));
|
||||
|
|
@ -322,7 +327,10 @@ mod tests {
|
|||
fn test_get_selinux_security_context() {
|
||||
let tmpfile = NamedTempFile::new().expect("Failed to create tempfile");
|
||||
let path = tmpfile.path();
|
||||
|
||||
if !is_selinux_enabled() {
|
||||
println!("test skipped: Kernel has no support for SElinux context");
|
||||
return;
|
||||
}
|
||||
std::fs::write(path, b"test content").expect("Failed to write to tempfile");
|
||||
|
||||
let result = get_selinux_security_context(path);
|
||||
|
|
@ -387,7 +395,10 @@ mod tests {
|
|||
#[test]
|
||||
fn test_get_selinux_context_nonexistent_file() {
|
||||
let path = Path::new("/nonexistent/file/that/does/not/exist");
|
||||
|
||||
if !is_selinux_enabled() {
|
||||
println!("test skipped: Kernel has no support for SElinux context");
|
||||
return;
|
||||
}
|
||||
let result = get_selinux_security_context(path);
|
||||
|
||||
assert!(result.is_err());
|
||||
|
|
|
|||
|
|
@ -376,8 +376,7 @@ fn test_id_zero() {
|
|||
#[test]
|
||||
#[cfg(feature = "feat_selinux")]
|
||||
fn test_id_context() {
|
||||
use selinux::{self, KernelSupport};
|
||||
if selinux::kernel_support() == KernelSupport::Unsupported {
|
||||
if !uucore::selinux::is_selinux_enabled() {
|
||||
println!("test skipped: Kernel has no support for SElinux context");
|
||||
return;
|
||||
}
|
||||
|
|
@ -450,12 +449,11 @@ fn test_id_no_specified_user_posixly() {
|
|||
feature = "feat_selinux"
|
||||
))]
|
||||
{
|
||||
use selinux::{self, KernelSupport};
|
||||
if selinux::kernel_support() == KernelSupport::Unsupported {
|
||||
println!("test skipped: Kernel has no support for SElinux context");
|
||||
} else {
|
||||
if uucore::selinux::is_selinux_enabled() {
|
||||
let result = ts.ucmd().succeeds();
|
||||
assert!(result.stdout_str().contains("context="));
|
||||
} else {
|
||||
println!("test skipped: Kernel has no support for SElinux context");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue