tests: avoid false failure with --disable-selinux

* tests/ls/selinux-segfault.sh: Move recent addition to ... * tests/ls/selinux.sh: ... this new test that uses require_selinux_ to skip appropriately when we've built without selinux support. Also add a non root test that checks we output '.' along with the mode for files, to indicate a security context is present. * tests/local.mk (Reference the new test).
2025-09-10 07:59:52 +02:00 · 2024-11-11 19:54:18 +00:00
parent 00c45be787
commit 8f4fce1751
3 changed files with 41 additions and 15 deletions
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -647,6 +647,7 @@ all_tests =					\
  tests/ls/removed-directory.sh			\
  tests/ls/root-rel-symlink-color.sh		\
  tests/ls/rt-1.sh				\
+  tests/ls/selinux.sh				\
  tests/ls/slink-acl.sh				\
  tests/ls/stat-dtype.sh			\
  tests/ls/stat-failed.sh			\
--- a/tests/ls/selinux-segfault.sh
+++ b/tests/ls/selinux-segfault.sh
@@ -30,19 +30,4 @@ mkdir sedir || framework_failure_
 ln -sf missing sedir/broken || framework_failure_
 returns_ 1 ls -L -R -Z -m sedir > out || fail=1

-nl='
-'
-if sestatus=$(LC_ALL=C sestatus); then
-  sestatus_line_1=${sestatus%%$nl*}
-  case $sestatus_line_1 in
-    'SELinux status:'*' enabled')
-      ls_output=$(LC_ALL=C ls -lnZ sedir/broken) || fail=1
-      set x $ls_output
-      case $6 in
-        *:*:*:*) ;;
-        *) fail=1;
-      esac
-  esac
-fi
-
 Exit $fail
--- a/tests/ls/selinux.sh
+++ b/tests/ls/selinux.sh
@@ -0,0 +1,40 @@
+#!/bin/sh
+# Test selinux output
+
+# Copyright (C) 2024 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
+print_ver_ ls
+require_selinux_
+
+touch f || framework_failure_
+case $(stat --printf='%C' f) in
+  *:*:*:*) ;;
+  *) skip_ 'unable to match default security context';;
+esac
+
+# ensure that ls -l output includes the "."
+test "$(ls -l f|cut -c11)" = . || fail=1
+
+# ensure that ls -lZ output includes context
+ls_output=$(LC_ALL=C ls -lnZ f) || fail=1
+set x $ls_output
+case $6 in
+  *:*:*:*) ;;
+  *) fail=1 ;;
+esac
+
+Exit $fail