|
Yaakov Selkowitz |
985ee7 |
From f7539495bbfcc36bb25657c519eb0e27805d74e3 Mon Sep 17 00:00:00 2001
|
|
Yaakov Selkowitz |
985ee7 |
From: Yaakov Selkowitz <yselkowi@redhat.com>
|
|
Yaakov Selkowitz |
985ee7 |
Date: Mon, 16 Sep 2024 18:24:52 -0400
|
|
Yaakov Selkowitz |
985ee7 |
Subject: [PATCH] tests: avoid security_disable() deprecation warning
|
|
Yaakov Selkowitz |
985ee7 |
|
|
Yaakov Selkowitz |
985ee7 |
The ability to disable selinux at runtime has been removed from Linux 6.4,
|
|
Yaakov Selkowitz |
985ee7 |
and therefore the corresponding libselinux function is now deprecated:
|
|
Yaakov Selkowitz |
985ee7 |
|
|
Yaakov Selkowitz |
985ee7 |
https://github.com/SELinuxProject/selinux/commit/463584cb0592018240db4385e07ee09254ab0a48
|
|
Yaakov Selkowitz |
985ee7 |
|
|
Yaakov Selkowitz |
985ee7 |
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
|
|
Yaakov Selkowitz |
985ee7 |
---
|
|
Yaakov Selkowitz |
985ee7 |
tests/securityselinuxhelper.c | 10 ----------
|
|
Yaakov Selkowitz |
985ee7 |
tests/viridentitytest.c | 8 +++++++-
|
|
Yaakov Selkowitz |
985ee7 |
2 files changed, 7 insertions(+), 11 deletions(-)
|
|
Yaakov Selkowitz |
985ee7 |
|
|
Yaakov Selkowitz |
985ee7 |
diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c
|
|
Yaakov Selkowitz |
985ee7 |
index c32c90c17e..be6e3f0ed8 100644
|
|
Yaakov Selkowitz |
985ee7 |
--- a/tests/securityselinuxhelper.c
|
|
Yaakov Selkowitz |
985ee7 |
+++ b/tests/securityselinuxhelper.c
|
|
Yaakov Selkowitz |
985ee7 |
@@ -209,16 +209,6 @@ int is_selinux_enabled(void)
|
|
Yaakov Selkowitz |
985ee7 |
return getenv("FAKE_SELINUX_DISABLED") == NULL;
|
|
Yaakov Selkowitz |
985ee7 |
}
|
|
Yaakov Selkowitz |
985ee7 |
|
|
Yaakov Selkowitz |
985ee7 |
-int security_disable(void)
|
|
Yaakov Selkowitz |
985ee7 |
-{
|
|
Yaakov Selkowitz |
985ee7 |
- if (!is_selinux_enabled()) {
|
|
Yaakov Selkowitz |
985ee7 |
- errno = ENOENT;
|
|
Yaakov Selkowitz |
985ee7 |
- return -1;
|
|
Yaakov Selkowitz |
985ee7 |
- }
|
|
Yaakov Selkowitz |
985ee7 |
-
|
|
Yaakov Selkowitz |
985ee7 |
- return g_setenv("FAKE_SELINUX_DISABLED", "1", TRUE) == TRUE ? 0 : -1;
|
|
Yaakov Selkowitz |
985ee7 |
-}
|
|
Yaakov Selkowitz |
985ee7 |
-
|
|
Yaakov Selkowitz |
985ee7 |
int security_getenforce(void)
|
|
Yaakov Selkowitz |
985ee7 |
{
|
|
Yaakov Selkowitz |
985ee7 |
if (!is_selinux_enabled()) {
|
|
Yaakov Selkowitz |
985ee7 |
diff --git a/tests/viridentitytest.c b/tests/viridentitytest.c
|
|
Yaakov Selkowitz |
985ee7 |
index 74e3a03619..bb9ace72c5 100644
|
|
Yaakov Selkowitz |
985ee7 |
--- a/tests/viridentitytest.c
|
|
Yaakov Selkowitz |
985ee7 |
+++ b/tests/viridentitytest.c
|
|
Yaakov Selkowitz |
985ee7 |
@@ -134,7 +134,13 @@ static int testSetFakeSELinuxContext(const void *data G_GNUC_UNUSED)
|
|
Yaakov Selkowitz |
985ee7 |
static int testDisableFakeSELinux(const void *data G_GNUC_UNUSED)
|
|
Yaakov Selkowitz |
985ee7 |
{
|
|
Yaakov Selkowitz |
985ee7 |
#if WITH_SELINUX
|
|
Yaakov Selkowitz |
985ee7 |
- return security_disable();
|
|
Yaakov Selkowitz |
985ee7 |
+ /* security_disable is deprecated */
|
|
Yaakov Selkowitz |
985ee7 |
+ if (!is_selinux_enabled()) {
|
|
Yaakov Selkowitz |
985ee7 |
+ errno = ENOENT;
|
|
Yaakov Selkowitz |
985ee7 |
+ return -1;
|
|
Yaakov Selkowitz |
985ee7 |
+ }
|
|
Yaakov Selkowitz |
985ee7 |
+
|
|
Yaakov Selkowitz |
985ee7 |
+ return g_setenv("FAKE_SELINUX_DISABLED", "1", TRUE) == TRUE ? 0 : -1;
|
|
Yaakov Selkowitz |
985ee7 |
#else
|
|
Yaakov Selkowitz |
985ee7 |
VIR_DEBUG("libvirt not compiled with SELinux, skipping this test");
|
|
Yaakov Selkowitz |
985ee7 |
return EXIT_AM_SKIP;
|
|
Yaakov Selkowitz |
985ee7 |
--
|
|
Yaakov Selkowitz |
985ee7 |
2.46.1
|
|
Yaakov Selkowitz |
985ee7 |
|