diff mbox

[1/1] sandbox: make test not fail on systems without SELinux

Message ID 20161117212006.20697-1-nicolas.iooss@m4x.org (mailing list archive)
State Not Applicable
Headers show

Commit Message

Nicolas Iooss Nov. 17, 2016, 9:20 p.m. UTC 
On systems without SELinux (eg. some continuous integration
environments), "make test" fails with:

    Traceback (most recent call last):
      File "test_sandbox.py", line 110, in <module>
        if selinux.security_getenforce() == 1:
    FileNotFoundError: [Errno 2] No such file or directory

This is exception is thrown because the selinuxfs file system is not
mounted.

Detect such configurations using selinux.is_selinux_enabled() and skip
the test when SELinux is disabled accordingly.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 sandbox/test_sandbox.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Stephen Smalley Nov. 17, 2016, 9:45 p.m. UTC | #1 
On 11/17/2016 04:20 PM, Nicolas Iooss wrote:
> On systems without SELinux (eg. some continuous integration
> environments), "make test" fails with:
> 
>     Traceback (most recent call last):
>       File "test_sandbox.py", line 110, in <module>
>         if selinux.security_getenforce() == 1:
>     FileNotFoundError: [Errno 2] No such file or directory
> 
> This is exception is thrown because the selinuxfs file system is not
> mounted.
> 
> Detect such configurations using selinux.is_selinux_enabled() and skip
> the test when SELinux is disabled accordingly.
> 
> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>

Thanks, applied

> ---
>  sandbox/test_sandbox.py | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/sandbox/test_sandbox.py b/sandbox/test_sandbox.py
> index bcecf66ee257..ba849a08141d 100644
> --- a/sandbox/test_sandbox.py
> +++ b/sandbox/test_sandbox.py
> @@ -107,7 +107,7 @@ class SandboxTests(unittest.TestCase):
>  
>  if __name__ == "__main__":
>      import selinux
> -    if selinux.security_getenforce() == 1:
> +    if selinux.is_selinux_enabled() and selinux.security_getenforce() == 1:
>          unittest.main()
>      else:
>          print("SELinux must be in enforcing mode for this test")
>
diff mbox

Patch

diff --git a/sandbox/test_sandbox.py b/sandbox/test_sandbox.py
index bcecf66ee257..ba849a08141d 100644
--- a/sandbox/test_sandbox.py
+++ b/sandbox/test_sandbox.py
@@ -107,7 +107,7 @@  class SandboxTests(unittest.TestCase):
 
 if __name__ == "__main__":
     import selinux
-    if selinux.security_getenforce() == 1:
+    if selinux.is_selinux_enabled() and selinux.security_getenforce() == 1:
         unittest.main()
     else:
         print("SELinux must be in enforcing mode for this test")