The securityselinuxhelper is a mock that's replacing libselinux
APIs with our own implementation to achieve deterministic
results. Our implementation uses env vars (among other things) to
hold internal state. For instance, "FAKE_SELINUX_CONTEXT" and
"FAKE_SELINUX_DISABLED" variables are used. However, as we were
switching from setenv() to g_setenv() we also changed the set of
possible retvals from setcon_raw() and security_disable().
Previously, the retval of setenv() was used directly which
returns 0 on success and -1 on error. But g_setenv() has
different retval semantics: it returns 1 on success and 0 on
error.
This discrepancy can be observed by running viridentitytest where
case #2 reports an error ("!") - because setcon_raw() returns 1.
Signed-off-by: Michal Privoznik <mprivozn@xxxxxxxxxx>
---
tests/securityselinuxhelper.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c
index b308ef5095..c3d6505ef2 100644
--- a/tests/securityselinuxhelper.c
+++ b/tests/securityselinuxhelper.c
@@ -140,7 +140,7 @@ int setcon_raw(const char *context)
errno = EINVAL;
return -1;
}
- return g_setenv("FAKE_SELINUX_CONTEXT", context, TRUE);
+ return g_setenv("FAKE_SELINUX_CONTEXT", context, TRUE) == TRUE ? 0 : -1;
}
int setcon(const char *context)
@@ -219,7 +219,7 @@ int security_disable(void)
return -1;
}
- return g_setenv("FAKE_SELINUX_DISABLED", "1", TRUE);
+ return g_setenv("FAKE_SELINUX_DISABLED", "1", TRUE) == TRUE ? 0 : -1;
}
int security_getenforce(void)
--
2.26.3
