Hi!
Reviewed-by: Andrea Cervesato <[email protected]>
On 2/17/25 14:08, Petr Vorel wrote:
Some SLES15 versions create /selinux directory which fails the detection
if SELinux is actually not enabled. Therefore detect if directory
actually contains the 'enforce' file.
Also drop /selinux directory detection and detect only /sys/fs/selinux,
/sys/fs/selinux mount point was added in kernel 3.0 in commit
7a627e3b9a2b ("SELINUX: add /sys/fs/selinux mount point to put selinuxfs")
14 years is enough, kernel 3.0 is not even supported in current LTP and
we don't even support /selinux in C API (tst_security.c).
Fixes: e7b804df65 ("shell: Add tst_security.sh helper")
Signed-off-by: Petr Vorel <[email protected]>
---
testcases/lib/tst_security.sh | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/testcases/lib/tst_security.sh b/testcases/lib/tst_security.sh
index 05640234ea..356c28fc73 100644
--- a/testcases/lib/tst_security.sh
+++ b/testcases/lib/tst_security.sh
@@ -127,8 +127,7 @@ tst_get_selinux_dir()
{
local dir="/sys/fs/selinux"
- [ -d "$dir" ] || dir="/selinux"
- [ -d "$dir" ] && echo "$dir"
+ [ -f "$dir/enforce" ] && echo "$dir"
}
# Get SELinux enforce file path
