tests: skip tests upon failure to set SELinux context

On some setups the root:object_r:tmp_t context is invalid.
This does indicate a limitation in the test framework,
but for now we'll relax this to skipping the tests.
The tests still run on a Fedora 25 system for example.

* tests/cp/cp-a-selinux.sh: Upon chcon error, skip rather than ERROR.
* tests/install/install-Z-selinux.sh: Likewise.
* tests/misc/chcon.sh: Likewise.
* tests/misc/runcon-no-reorder.sh: Likewise.
* tests/misc/selinux.sh: Likewise.
* tests/mkdir/restorecon.sh: Likewise.

diff --git a/tests/cp/cp-a-selinux.sh b/tests/cp/cp-a-selinux.sh
index de0740656f9536cb02b5e158bdfd8f041f96ff1e..5db1f5b5700602d1d391efede786ecace7a0eed4 100755 (executable)
--- a/tests/cp/cp-a-selinux.sh
+++ b/tests/cp/cp-a-selinux.sh
@@ -33,7 +33,7 @@ mls_enabled_ && ctx="$ctx:s0"
 
 # Check basic functionality - before check on fixed context mount
 touch c || framework_failure_
-chcon $ctx c || framework_failure_
+chcon $ctx c || skip "Failed to set context: $ctx"
 cp -a c d 2>err || framework_failure_
 cp --preserve=context c e || framework_failure_
 cp --preserve=all c f || framework_failure_

diff --git a/tests/install/install-Z-selinux.sh b/tests/install/install-Z-selinux.sh
index ad2e1cd5c78d26832d3766dd5ad86bfbc515020a..e3d20485e7ffb3aae82ec2e145827ae9f0098cb5 100755 (executable)
--- a/tests/install/install-Z-selinux.sh
+++ b/tests/install/install-Z-selinux.sh
@@ -24,7 +24,7 @@ require_selinux_
 mkdir subdir || framework_failure_
 ctx='root:object_r:tmp_t'
 mls_enabled_ && ctx="$ctx:s0"
-chcon "$ctx" subdir || framework_failure_
+chcon "$ctx" subdir || skip "Failed to set context: $ctx"
 cd subdir
 
 # Since in a tmp_t dir, dirs can be created as user_tmp_t ...

diff --git a/tests/misc/chcon.sh b/tests/misc/chcon.sh
index 13a72a04e265bccdbf155759733996112aa0703e..55fcc6303c290e9ca56f8b8eb25911c3bd1a00bc 100755 (executable)
--- a/tests/misc/chcon.sh
+++ b/tests/misc/chcon.sh
@@ -35,7 +35,7 @@ r1=object_r
 t1=tmp_t
 range=s0
 ctx=$u1:$r1:$t1:$range
-chcon $ctx f || fail=1
+chcon $ctx f || skip "Failed to set context: $ctx"
 stat --printf='f|%C\n' f > out || fail=1
 
 # Use --reference.

diff --git a/tests/misc/runcon-no-reorder.sh b/tests/misc/runcon-no-reorder.sh
index 370771b96c494767c7a13ee8b82f4639e51a0e77..f905cfcdf3816c79995ad6c4ad8382b0dd63e42d 100755 (executable)
--- a/tests/misc/runcon-no-reorder.sh
+++ b/tests/misc/runcon-no-reorder.sh
@@ -30,7 +30,7 @@ echo "$diag" > exp || framework_failure_
 runcon $(id -Z) true -j 2> out && > exp
 
 # When run on a system with no /selinux/context (i.e., in a chroot),
-# it chcon fails with this: "runcon: invalid context: \
+# it fails with this: "runcon: invalid context: \
 # root:system_r:unconfined_t:s0-s0:c0.c1023: No such file or directory"
 # That diagnostic is ok, too, so map it to the more common one.
 case $(cat out) in

diff --git a/tests/misc/selinux.sh b/tests/misc/selinux.sh
index ee1217a5228f25493a5e51b5d0677105df94659c..bc6da96521ec467761760d6a42f48082e6320921 100755 (executable)
--- a/tests/misc/selinux.sh
+++ b/tests/misc/selinux.sh
@@ -33,8 +33,7 @@ mkfifo_or_skip_ p
 ctx='root:object_r:tmp_t'
 mls_enabled_ && ctx="$ctx:s0"
 
-chcon $ctx f d p ||
-  skip_ '"chcon '$ctx' ..." failed'
+chcon $ctx f d p || skip "Failed to set context: $ctx"
 
 # inspect that context with both ls -Z and stat.
 for i in d f p; do

diff --git a/tests/mkdir/restorecon.sh b/tests/mkdir/restorecon.sh
index fa74b33dc3f8b745b150fba03fb2c872adba9eee..e117ed9ca636c3546d774b149167d1ed451cd964 100755 (executable)
--- a/tests/mkdir/restorecon.sh
+++ b/tests/mkdir/restorecon.sh
@@ -23,7 +23,7 @@ require_selinux_
 mkdir subdir || framework_failure_
 ctx='root:object_r:tmp_t'
 mls_enabled_ && ctx="$ctx:s0"
-chcon "$ctx" subdir || framework_failure_
+chcon "$ctx" subdir || skip "Failed to set context: $ctx"
 cd subdir
 
 # --- mkdir -Z ---