Pádraig Brady wrote:
> The attached fixes a logic inversion issue,
> and doesn't print context in file system mode
> which is confusing to me at least.
>
> There is also the argument not to print context
> in terse mode at all, as we'll have issues
> with outputting other extended attributes
> like capabilities and ACLs etc?
...
> Subject: [PATCH] stat: adjust the printing of SELinux context
>
> * src/stat.c (default_format): Don't print SELinux context
> when in file system (-f) mode, as the context is associated
> with the file, not the file system.
> Fix logic inversion, so that in terse mode, %C is included
> only when is_selinux_enabled and not vice versa.
Good catches. Thanks!
The above fixes sound fine.
...
> - if (0 < is_selinux_enabled ())
> + if (is_selinux_enabled ())
...
> - if (0 < is_selinux_enabled ())
> + if (is_selinux_enabled ())
However, the changes to the use of is_selinux_enabled look wrong,
since that function returns -1 upon failure.
That's why we test 0 < is_selinux_enabled ().
>From the man page:
DESCRIPTION
is_selinux_enabled returns 1 if SELinux is running or 0 if it is
not. On error, -1 is returned.
