selinux: use the uucore::selinux::is_selinux_enabled() function

sylvestre · sylvestre · commit 6091d0b62bd0 · 2025-05-11T09:36:15.000+02:00
diff --git a/src/uu/id/src/id.rs b/src/uu/id/src/id.rs
@@ -138,7 +138,7 @@ pub fn uumain(args: impl uucore::Args) -> UResult<()> {
         selinux_supported: {
             #[cfg(feature = "selinux")]
             {
-                selinux::kernel_support() != selinux::KernelSupport::Unsupported
+                uucore::selinux::is_selinux_enabled()
             }
             #[cfg(not(feature = "selinux"))]
             {
diff --git a/src/uu/ls/src/ls.rs b/src/uu/ls/src/ls.rs
@@ -1157,7 +1157,7 @@ impl Config {
             selinux_supported: {
                 #[cfg(feature = "selinux")]
                 {
-                    selinux::kernel_support() != selinux::KernelSupport::Unsupported
+                    uucore::selinux::is_selinux_enabled()
                 }
                 #[cfg(not(feature = "selinux"))]
                 {
diff --git a/src/uu/runcon/Cargo.toml b/src/uu/runcon/Cargo.toml
@@ -19,7 +19,7 @@ path = "src/runcon.rs"
 
 [dependencies]
 clap = { workspace = true }
-uucore = { workspace = true, features = ["entries", "fs", "perms"] }
+uucore = { workspace = true, features = ["entries", "fs", "perms", "selinux"] }
 selinux = { workspace = true }
 thiserror = { workspace = true }
 libc = { workspace = true }
diff --git a/src/uu/runcon/src/runcon.rs b/src/uu/runcon/src/runcon.rs
@@ -271,7 +271,7 @@ fn set_next_exec_context(context: &OpaqueSecurityContext) -> Result<()> {
 }
 
 fn get_plain_context(context: &OsStr) -> Result<OpaqueSecurityContext> {
-    if selinux::kernel_support() == selinux::KernelSupport::Unsupported {
+    if !uucore::selinux::is_selinux_enabled() {
         return Err(Error::SELinuxNotEnabled);
     }
 
@@ -342,7 +342,7 @@ fn get_custom_context(
     use OpaqueSecurityContext as OSC;
     type SetNewValueProc = fn(&OSC, &CStr) -> selinux::errors::Result<()>;
 
-    if selinux::kernel_support() == selinux::KernelSupport::Unsupported {
+    if !uucore::selinux::is_selinux_enabled() {
         return Err(Error::SELinuxNotEnabled);
     }
 
diff --git a/src/uucore/src/lib/features/selinux.rs b/src/uucore/src/lib/features/selinux.rs
@@ -284,7 +284,10 @@ mod tests {
     fn test_invalid_context_string_error() {
         let tmpfile = NamedTempFile::new().expect("Failed to create tempfile");
         let path = tmpfile.path();
-
+        if !is_selinux_enabled() {
+            println!("test skipped: Kernel has no support for SElinux context");
+            return;
+        }
         // Pass a context string containing a null byte to trigger CString::new error
         let invalid_context = String::from("invalid\0context");
         let result = set_selinux_security_context(path, Some(&invalid_context));
@@ -322,7 +325,10 @@ mod tests {
     fn test_get_selinux_security_context() {
         let tmpfile = NamedTempFile::new().expect("Failed to create tempfile");
         let path = tmpfile.path();
-
+        if !is_selinux_enabled() {
+            println!("test skipped: Kernel has no support for SElinux context");
+            return;
+        }
         std::fs::write(path, b"test content").expect("Failed to write to tempfile");
 
         let result = get_selinux_security_context(path);
@@ -387,7 +393,10 @@ mod tests {
     #[test]
     fn test_get_selinux_context_nonexistent_file() {
         let path = Path::new("/nonexistent/file/that/does/not/exist");
-
+        if !is_selinux_enabled() {
+            println!("test skipped: Kernel has no support for SElinux context");
+            return;
+        }
         let result = get_selinux_security_context(path);
 
         assert!(result.is_err());
diff --git a/tests/by-util/test_id.rs b/tests/by-util/test_id.rs
@@ -376,8 +376,7 @@ fn test_id_zero() {
 #[test]
 #[cfg(feature = "feat_selinux")]
 fn test_id_context() {
-    use selinux::{self, KernelSupport};
-    if selinux::kernel_support() == KernelSupport::Unsupported {
+    if !uucore::selinux::is_selinux_enabled() {
         println!("test skipped: Kernel has no support for SElinux context");
         return;
     }
@@ -450,12 +449,11 @@ fn test_id_no_specified_user_posixly() {
         feature = "feat_selinux"
     ))]
     {
-        use selinux::{self, KernelSupport};
-        if selinux::kernel_support() == KernelSupport::Unsupported {
-            println!("test skipped: Kernel has no support for SElinux context");
-        } else {
+        if uucore::selinux::is_selinux_enabled() {
             let result = ts.ucmd().succeeds();
             assert!(result.stdout_str().contains("context="));
+        } else {
+            println!("test skipped: Kernel has no support for SElinux context");
         }
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -138,7 +138,7 @@ pub fn uumain(args: impl uucore::Args) -> UResult<()> {`
`138`	`138`	`selinux_supported: {`
`139`	`139`	`#[cfg(feature = "selinux")]`
`140`	`140`	`{`
`141`		`- selinux::kernel_support() != selinux::KernelSupport::Unsupported`
	`141`	`+ uucore::selinux::is_selinux_enabled()`
`142`	`142`	`}`
`143`	`143`	`#[cfg(not(feature = "selinux"))]`
`144`	`144`	`{`
Original file line number	Diff line number	Diff line change
`@@ -1157,7 +1157,7 @@ impl Config {`
`1157`	`1157`	`selinux_supported: {`
`1158`	`1158`	`#[cfg(feature = "selinux")]`
`1159`	`1159`	`{`
`1160`		`- selinux::kernel_support() != selinux::KernelSupport::Unsupported`
	`1160`	`+ uucore::selinux::is_selinux_enabled()`
`1161`	`1161`	`}`
`1162`	`1162`	`#[cfg(not(feature = "selinux"))]`
`1163`	`1163`	`{`
Original file line number	Diff line number	Diff line change
`@@ -271,7 +271,7 @@ fn set_next_exec_context(context: &OpaqueSecurityContext) -> Result<()> {`
`271`	`271`	`}`
`272`	`272`
`273`	`273`	`fn get_plain_context(context: &OsStr) -> Result<OpaqueSecurityContext> {`
`274`		`- if selinux::kernel_support() == selinux::KernelSupport::Unsupported {`
	`274`	`+ if !uucore::selinux::is_selinux_enabled() {`
`275`	`275`	`return Err(Error::SELinuxNotEnabled);`
`276`	`276`	`}`
`277`	`277`
`@@ -342,7 +342,7 @@ fn get_custom_context(`
`342`	`342`	`use OpaqueSecurityContext as OSC;`
`343`	`343`	`type SetNewValueProc = fn(&OSC, &CStr) -> selinux::errors::Result<()>;`
`344`	`344`
`345`		`- if selinux::kernel_support() == selinux::KernelSupport::Unsupported {`
	`345`	`+ if !uucore::selinux::is_selinux_enabled() {`
`346`	`346`	`return Err(Error::SELinuxNotEnabled);`
`347`	`347`	`}`
`348`	`348`
Original file line number	Diff line number	Diff line change
`@@ -376,8 +376,7 @@ fn test_id_zero() {`
`376`	`376`	`#[test]`
`377`	`377`	`#[cfg(feature = "feat_selinux")]`
`378`	`378`	`fn test_id_context() {`
`379`		`- use selinux::{self, KernelSupport};`
`380`		`- if selinux::kernel_support() == KernelSupport::Unsupported {`
	`379`	`+ if !uucore::selinux::is_selinux_enabled() {`
`381`	`380`	`println!("test skipped: Kernel has no support for SElinux context");`
`382`	`381`	`return;`
`383`	`382`	`}`
`@@ -450,12 +449,11 @@ fn test_id_no_specified_user_posixly() {`
`450`	`449`	`feature = "feat_selinux"`
`451`	`450`	`))]`
`452`	`451`	`{`
`453`		`- use selinux::{self, KernelSupport};`
`454`		`- if selinux::kernel_support() == KernelSupport::Unsupported {`
`455`		`- println!("test skipped: Kernel has no support for SElinux context");`
`456`		`- } else {`
	`452`	`+ if uucore::selinux::is_selinux_enabled() {`
`457`	`453`	`let result = ts.ucmd().succeeds();`
`458`	`454`	`assert!(result.stdout_str().contains("context="));`
	`455`	`+ } else {`
	`456`	`+ println!("test skipped: Kernel has no support for SElinux context");`
`459`	`457`	`}`
`460`	`458`	`}`
`461`	`459`	`}`