[PATCH] securityselinuxhelper: Fix retval of setcon_raw() and security_disable()

Ján Tomko jtomko at jtomko.net
Mon May 10 11:06:16 UTC 2021

On a Monday in 2021, Michal Privoznik wrote:
>The securityselinuxhelper is a mock that's replacing libselinux
>APIs with our own implementation to achieve deterministic
>results. Our implementation uses env vars (among other things) to
>hold internal state. For instance, "FAKE_SELINUX_CONTEXT" and
>"FAKE_SELINUX_DISABLED" variables are used. However, as we were
>switching from setenv() to g_setenv() we also changed the set of
>possible retvals from setcon_raw() and security_disable().
>Previously, the retval of setenv() was used directly which
>returns 0 on success and -1 on error. But g_setenv() has
>different retval semantics: it returns 1 on success and 0 on
>This discrepancy can be observed by running viridentitytest where
>case #2 reports an error ("!") - because setcon_raw() returns 1.
>Signed-off-by: Michal Privoznik <mprivozn at redhat.com>
> tests/securityselinuxhelper.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)

Reviewed-by: Ján Tomko <jtomko at redhat.com>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20210510/2a7fd910/attachment-0001.sig>

More information about the libvir-list mailing list