+2007-09-05 Jim Meyering <jim@meyering.net>
+
+ Adapt to new SELinux behavior: "?" vs. new "unlabeled"
+ * src/ls.c (gobble_file): Interpret the new "unlabeled" indicator
+ from getfilecon/lgetfilecon the same way we interpret a negative
+ return value: no security context. So we don't print the "+".
+ * tests/selinux: Recognize that "unlabeled" means insufficient
+ support for SELinux, just like "?".
+
2007-09-03 Jim Meyering <jim@meyering.net>
Invoke $(AUTOCONF) manually, if needed to get an updated version string.
? getfilecon (absolute_name, &f->scontext)
: lgetfilecon (absolute_name, &f->scontext));
err = (attr_len < 0);
- file_has_security_context = (err == 0);
+ file_has_security_context =
+ (err == 0 && ! STREQ ("unlabeled", f->scontext));
/* When requesting security context information, don't make
ls fail just because the file (even a command line argument)
-# Is a test expensive?
+# Skip this test if there is insufficient SELinux support.
# Copyright (C) 2007 Free Software Foundation, Inc.
# This program is free software: you can redistribute it and/or modify
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
-test "`ls -Zd .`" = '? .' &&
- {
+case `ls -Zd .` in
+ '? .'|'unlabeled .')
echo "$0: skipping this test; this system (or maybe just" 1>&2
echo " the current file system) lacks SELinux support" 1>&2
(exit 77); exit 77
- }
+ ;;
+esac