Merge pull request #7909 from sylvestre/use-selinux-func

selinux: use the uucore::selinux::is_selinux_enabled() function

Author: cakebaker

src/uu/id/src/id.rs

@@ -138,7 +138,7 @@ pub fn uumain(args: impl uucore::Args) -> UResult<()> {
         selinux_supported: {
             #[cfg(feature = "selinux")]
             {
-                selinux::kernel_support() != selinux::KernelSupport::Unsupported
+                uucore::selinux::is_selinux_enabled()
             }
             #[cfg(not(feature = "selinux"))]
             {

src/uu/ls/src/ls.rs

@@ -1157,7 +1157,7 @@ impl Config {
             selinux_supported: {
                 #[cfg(feature = "selinux")]
                 {
-                    selinux::kernel_support() != selinux::KernelSupport::Unsupported
+                    uucore::selinux::is_selinux_enabled()
                 }
                 #[cfg(not(feature = "selinux"))]
                 {

src/uu/runcon/Cargo.toml

@@ -19,7 +19,7 @@ path = "src/runcon.rs"
 
 [dependencies]
 clap = { workspace = true }
-uucore = { workspace = true, features = ["entries", "fs", "perms"] }
+uucore = { workspace = true, features = ["entries", "fs", "perms", "selinux"] }
 selinux = { workspace = true }
 thiserror = { workspace = true }
 libc = { workspace = true }

src/uu/runcon/src/runcon.rs

@@ -271,7 +271,7 @@ fn set_next_exec_context(context: &OpaqueSecurityContext) -> Result<()> {
 }
 
 fn get_plain_context(context: &OsStr) -> Result<OpaqueSecurityContext> {
-    if selinux::kernel_support() == selinux::KernelSupport::Unsupported {
+    if !uucore::selinux::is_selinux_enabled() {
         return Err(Error::SELinuxNotEnabled);
     }
 
@@ -342,7 +342,7 @@ fn get_custom_context(
     use OpaqueSecurityContext as OSC;
     type SetNewValueProc = fn(&OSC, &CStr) -> selinux::errors::Result<()>;
 
-    if selinux::kernel_support() == selinux::KernelSupport::Unsupported {
+    if !uucore::selinux::is_selinux_enabled() {
         return Err(Error::SELinuxNotEnabled);
     }
 

src/uucore/src/lib/features/selinux.rs

@@ -3,6 +3,8 @@
 // For the full copyright and license information, please view the LICENSE
 // file that was distributed with this source code.
 
+//! Set of functions to manage SELinux security contexts
+
 use std::error::Error;
 use std::path::Path;
 
@@ -284,7 +286,10 @@ mod tests {
     fn test_invalid_context_string_error() {
         let tmpfile = NamedTempFile::new().expect("Failed to create tempfile");
         let path = tmpfile.path();
-
+        if !is_selinux_enabled() {
+            println!("test skipped: Kernel has no support for SElinux context");
+            return;
+        }
         // Pass a context string containing a null byte to trigger CString::new error
         let invalid_context = String::from("invalid\0context");
         let result = set_selinux_security_context(path, Some(&invalid_context));
@@ -322,7 +327,10 @@ mod tests {
     fn test_get_selinux_security_context() {
         let tmpfile = NamedTempFile::new().expect("Failed to create tempfile");
         let path = tmpfile.path();
-
+        if !is_selinux_enabled() {
+            println!("test skipped: Kernel has no support for SElinux context");
+            return;
+        }
         std::fs::write(path, b"test content").expect("Failed to write to tempfile");
 
         let result = get_selinux_security_context(path);
@@ -387,7 +395,10 @@ mod tests {
     #[test]
     fn test_get_selinux_context_nonexistent_file() {
         let path = Path::new("/nonexistent/file/that/does/not/exist");
-
+        if !is_selinux_enabled() {
+            println!("test skipped: Kernel has no support for SElinux context");
+            return;
+        }
         let result = get_selinux_security_context(path);
 
         assert!(result.is_err());

tests/by-util/test_id.rs

@@ -376,8 +376,7 @@ fn test_id_zero() {
 #[test]
 #[cfg(feature = "feat_selinux")]
 fn test_id_context() {
-    use selinux::{self, KernelSupport};
-    if selinux::kernel_support() == KernelSupport::Unsupported {
+    if !uucore::selinux::is_selinux_enabled() {
         println!("test skipped: Kernel has no support for SElinux context");
         return;
     }
@@ -450,12 +449,11 @@ fn test_id_no_specified_user_posixly() {
         feature = "feat_selinux"
     ))]
     {
-        use selinux::{self, KernelSupport};
-        if selinux::kernel_support() == KernelSupport::Unsupported {
-            println!("test skipped: Kernel has no support for SElinux context");
-        } else {
+        if uucore::selinux::is_selinux_enabled() {
             let result = ts.ucmd().succeeds();
             assert!(result.stdout_str().contains("context="));
+        } else {
+            println!("test skipped: Kernel has no support for SElinux context");
         }
     }
 }