I've just pushed a few change sets.
These two avoid failures that you'd see only when running "make check"
as root. The second is even less likely in that to trigger the failure
you'd have to be running "make check" as root on a system with SELinux
in enforcing mode, but with mcstransd deactivated.
>From 504fa74e243cd258b649b3a436cf14b6d91faf91 Mon Sep 17 00:00:00 2001
From: Jim Meyering <[EMAIL PROTECTED]>
Date: Tue, 1 Apr 2008 16:13:02 +0200
Subject: [PATCH] root tests: Set NON_ROOT_USERNAME if not set already.
* tests/test-lib.sh (require_root_): This avoids failure of a
couple of root-only tests that require a value for that envvar.
Signed-off-by: Jim Meyering <[EMAIL PROTECTED]>
---
tests/test-lib.sh | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/tests/test-lib.sh b/tests/test-lib.sh
index 078afca..9e04cfa 100644
--- a/tests/test-lib.sh
+++ b/tests/test-lib.sh
@@ -115,7 +115,12 @@ environment variable set to yes. E.g.,
fi
}
-require_root_() { uid_is_privileged_ || skip_test_ "must be run as root"; }
+require_root_()
+{
+ uid_is_privileged_ || skip_test_ "must be run as root"
+ NON_ROOT_USERNAME=${NON_ROOT_USERNAME=nobody}
+}
+
skip_if_root_() { uid_is_privileged_ && skip_test_ "must be run as non-root"; }
error_() { echo "$0: $@" 1>&2; (exit 1); exit 1; }
framework_failure() { error_ 'failure in testing framework'; }
--
1.5.5.rc2.7.g0b2fe
>From 6e177448b9e204d384b8e12a38b386f3c53aa33e Mon Sep 17 00:00:00 2001
From: Jim Meyering <[EMAIL PROTECTED]>
Date: Tue, 1 Apr 2008 16:34:08 +0200
Subject: [PATCH] Avoid root-only SELinux-related test failures w/o mcstransd.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
When mcstransd is not running (i.e., after service mcstrans stop),
"make check" as root would provoke two test failures.
* tests/cp/cp-a-selinux: Use the context, root:object_r:tmp_t:s0,
that works both with and without mcstransd.
Thanks to Eric Paris for the tip and to Ondřej Vašík for alerting
me to the problem.
Reported by Robert Scheck in <http://bugzilla.redhat.com/436717>.
Signed-off-by: Jim Meyering <[EMAIL PROTECTED]>
---
tests/cp/cp-a-selinux | 9 ++++++---
tests/misc/chcon | 22 ++++++++++++----------
2 files changed, 18 insertions(+), 13 deletions(-)
diff --git a/tests/cp/cp-a-selinux b/tests/cp/cp-a-selinux
index 33b4c22..6789457 100755
--- a/tests/cp/cp-a-selinux
+++ b/tests/cp/cp-a-selinux
@@ -2,7 +2,7 @@
# Ensure that cp -a and cp --preserve=context work properly.
# In particular, test on a writable NFS partition.
-# Copyright (C) 2007 Free Software Foundation, Inc.
+# Copyright (C) 2007-2008 Free Software Foundation, Inc.
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -35,8 +35,11 @@ dd if=/dev/zero of=blob bs=8192 count=200 > /dev/null 2>&1 \
|| framework_failure
mkdir mnt || framework_failure
mkfs -t ext2 -F blob > /dev/null 2>&1 || framework_failure
-mount -oloop,context=system_u:object_r:removable_t blob mnt \
- || framework_failure
+
+# This context is special: it works even when mcstransd isn't running.
+ctx=root:object_r:tmp_t:s0
+
+mount -oloop,context=$ctx blob mnt || framework_failure
cd mnt || framework_failure
echo > f || framework_failure
diff --git a/tests/misc/chcon b/tests/misc/chcon
index 9be450f..d4a9d31 100755
--- a/tests/misc/chcon
+++ b/tests/misc/chcon
@@ -17,10 +17,13 @@ touch f g d/sub/1 d/sub/2 || framework_failure
fail=0
# Set to a specified context.
+# Use root:object_r:tmp_t:s0. It is special in that
+# it works even when mcstransd isn't running.
u1=root
r1=object_r
t1=tmp_t
-ctx=$u1:$r1:$t1
+range=s0
+ctx=$u1:$r1:$t1:$range
chcon $ctx f || fail=1
stat --printf='f|%C\n' f > out || fail=1
@@ -32,8 +35,7 @@ stat --printf='g|%C\n' g >> out || fail=1
u2=user_u
r2=object_r
t2=file_t
-l2=SystemLow-SystemHigh
-for i in --user=$u2 --role=$r2 --type=$t2 --range=$l2; do
+for i in --user=$u2 --role=$r2 --type=$t2 --range=$range; do
chcon $i f || fail=1
stat --printf="f|$i|"'%C\n' f >> out || fail=1
done
@@ -47,13 +49,13 @@ done
cat <<EOF > exp || fail=1
f|$ctx
g|$ctx
-f|--user=$u2|$u2:$r1:$t1
-f|--role=$r2|$u2:$r2:$t1
-f|--type=$t2|$u2:$r2:$t2
-f|--range=$l2|$u2:$r2:$t2:$l2
-f|-uroot|root:object_r:file_t:SystemLow-SystemHigh
-f|-robject_r|root:object_r:file_t:SystemLow-SystemHigh
-f|-ttmp_t|root:object_r:tmp_t:SystemLow-SystemHigh
+f|--user=$u2|$u2:$r1:$t1:$range
+f|--role=$r2|$u2:$r2:$t1:$range
+f|--type=$t2|$u2:$r2:$t2:$range
+f|--range=$range|$u2:$r2:$t2:$range
+f|-uroot|root:object_r:file_t:$range
+f|-robject_r|root:object_r:file_t:$range
+f|-ttmp_t|root:object_r:tmp_t:$range
EOF
compare out exp || fail=1
--
1.5.5.rc2.7.g0b2fe
_______________________________________________
Bug-coreutils mailing list
Bug-coreutils@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-coreutils
