On Mon, Dec 07, 2009 at 12:14:48AM -0600, Manoj Srivastava wrote: > It is not a valid response, it is an error response. As the man > page says, is_selinux_enabled returns 1 if SELinux is running or 0 if > it is not. Anything else is undefined; you certainly should not assume > that selinux is running unless the return value is 1. > > >> Should sed maybe explicitly test for a value of 1 (or > 0) instead? > > > > Is -1 meant to be an "I don't know" response? > > It is meant to be an error value. Since you can't take > corrective action, just ignore it and go on.
So if /proc is missing it's better to try to get the security context anyway or to assume there are none? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org