From f7539495bbfcc36bb25657c519eb0e27805d74e3 Mon Sep 17 00:00:00 2001
From: Yaakov Selkowitz <yselkowi@redhat.com>
Date: Mon, 16 Sep 2024 18:24:52 -0400
Subject: [PATCH] tests: avoid security_disable() deprecation warning
The ability to disable selinux at runtime has been removed from Linux 6.4,
and therefore the corresponding libselinux function is now deprecated:
https://github.com/SELinuxProject/selinux/commit/463584cb0592018240db4385e07ee09254ab0a48
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
---
tests/securityselinuxhelper.c | 10 ----------
tests/viridentitytest.c | 8 +++++++-
2 files changed, 7 insertions(+), 11 deletions(-)
diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c
index c32c90c17e..be6e3f0ed8 100644
--- a/tests/securityselinuxhelper.c
+++ b/tests/securityselinuxhelper.c
@@ -209,16 +209,6 @@ int is_selinux_enabled(void)
return getenv("FAKE_SELINUX_DISABLED") == NULL;
}
-int security_disable(void)
-{
- if (!is_selinux_enabled()) {
- errno = ENOENT;
- return -1;
- }
-
- return g_setenv("FAKE_SELINUX_DISABLED", "1", TRUE) == TRUE ? 0 : -1;
-}
-
int security_getenforce(void)
{
if (!is_selinux_enabled()) {
diff --git a/tests/viridentitytest.c b/tests/viridentitytest.c
index 74e3a03619..bb9ace72c5 100644
--- a/tests/viridentitytest.c
+++ b/tests/viridentitytest.c
@@ -134,7 +134,13 @@ static int testSetFakeSELinuxContext(const void *data G_GNUC_UNUSED)
static int testDisableFakeSELinux(const void *data G_GNUC_UNUSED)
{
#if WITH_SELINUX
- return security_disable();
+ /* security_disable is deprecated */
+ if (!is_selinux_enabled()) {
+ errno = ENOENT;
+ return -1;
+ }
+
+ return g_setenv("FAKE_SELINUX_DISABLED", "1", TRUE) == TRUE ? 0 : -1;
#else
VIR_DEBUG("libvirt not compiled with SELinux, skipping this test");
return EXIT_AM_SKIP;
--
2.46.1