[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] tests: skip tests upon failure to set SELinux context
From: |
Pádraig Brady |
Subject: |
[PATCH] tests: skip tests upon failure to set SELinux context |
Date: |
Wed, 30 Aug 2017 17:21:30 -0700 |
On some setups the root:object_r:tmp_t context is invalid.
This does indicate a limitation in the test framework,
but for now we'll relax this to skipping the tests.
The tests still run on a Fedora 25 system for example.
* tests/cp/cp-a-selinux.sh: Upon chcon error, skip rather than ERROR.
* tests/install/install-Z-selinux.sh: Likewise.
* tests/misc/chcon.sh: Likewise.
* tests/misc/runcon-no-reorder.sh: Likewise.
* tests/misc/selinux.sh: Likewise.
* tests/mkdir/restorecon.sh: Likewise.
---
tests/cp/cp-a-selinux.sh | 2 +-
tests/install/install-Z-selinux.sh | 2 +-
tests/misc/chcon.sh | 2 +-
tests/misc/runcon-no-reorder.sh | 2 +-
tests/misc/selinux.sh | 3 +--
tests/mkdir/restorecon.sh | 2 +-
6 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/tests/cp/cp-a-selinux.sh b/tests/cp/cp-a-selinux.sh
index de07406..5db1f5b 100755
--- a/tests/cp/cp-a-selinux.sh
+++ b/tests/cp/cp-a-selinux.sh
@@ -33,7 +33,7 @@ mls_enabled_ && ctx="$ctx:s0"
# Check basic functionality - before check on fixed context mount
touch c || framework_failure_
-chcon $ctx c || framework_failure_
+chcon $ctx c || skip "Failed to set context: $ctx"
cp -a c d 2>err || framework_failure_
cp --preserve=context c e || framework_failure_
cp --preserve=all c f || framework_failure_
diff --git a/tests/install/install-Z-selinux.sh
b/tests/install/install-Z-selinux.sh
index ad2e1cd..e3d2048 100755
--- a/tests/install/install-Z-selinux.sh
+++ b/tests/install/install-Z-selinux.sh
@@ -24,7 +24,7 @@ require_selinux_
mkdir subdir || framework_failure_
ctx='root:object_r:tmp_t'
mls_enabled_ && ctx="$ctx:s0"
-chcon "$ctx" subdir || framework_failure_
+chcon "$ctx" subdir || skip "Failed to set context: $ctx"
cd subdir
# Since in a tmp_t dir, dirs can be created as user_tmp_t ...
diff --git a/tests/misc/chcon.sh b/tests/misc/chcon.sh
index 13a72a0..55fcc63 100755
--- a/tests/misc/chcon.sh
+++ b/tests/misc/chcon.sh
@@ -35,7 +35,7 @@ r1=object_r
t1=tmp_t
range=s0
ctx=$u1:$r1:$t1:$range
-chcon $ctx f || fail=1
+chcon $ctx f || skip "Failed to set context: $ctx"
stat --printf='f|%C\n' f > out || fail=1
# Use --reference.
diff --git a/tests/misc/runcon-no-reorder.sh b/tests/misc/runcon-no-reorder.sh
index 370771b..f905cfc 100755
--- a/tests/misc/runcon-no-reorder.sh
+++ b/tests/misc/runcon-no-reorder.sh
@@ -30,7 +30,7 @@ echo "$diag" > exp || framework_failure_
runcon $(id -Z) true -j 2> out && > exp
# When run on a system with no /selinux/context (i.e., in a chroot),
-# it chcon fails with this: "runcon: invalid context: \
+# it fails with this: "runcon: invalid context: \
# root:system_r:unconfined_t:s0-s0:c0.c1023: No such file or directory"
# That diagnostic is ok, too, so map it to the more common one.
case $(cat out) in
diff --git a/tests/misc/selinux.sh b/tests/misc/selinux.sh
index ee1217a..bc6da96 100755
--- a/tests/misc/selinux.sh
+++ b/tests/misc/selinux.sh
@@ -33,8 +33,7 @@ mkfifo_or_skip_ p
ctx='root:object_r:tmp_t'
mls_enabled_ && ctx="$ctx:s0"
-chcon $ctx f d p ||
- skip_ '"chcon '$ctx' ..." failed'
+chcon $ctx f d p || skip "Failed to set context: $ctx"
# inspect that context with both ls -Z and stat.
for i in d f p; do
diff --git a/tests/mkdir/restorecon.sh b/tests/mkdir/restorecon.sh
index fa74b33..e117ed9 100755
--- a/tests/mkdir/restorecon.sh
+++ b/tests/mkdir/restorecon.sh
@@ -23,7 +23,7 @@ require_selinux_
mkdir subdir || framework_failure_
ctx='root:object_r:tmp_t'
mls_enabled_ && ctx="$ctx:s0"
-chcon "$ctx" subdir || framework_failure_
+chcon "$ctx" subdir || skip "Failed to set context: $ctx"
cd subdir
# --- mkdir -Z ---
--
2.9.3
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [PATCH] tests: skip tests upon failure to set SELinux context,
Pádraig Brady <=