RHEL7.3 backported the support for bounded transitions under
NO_NEW_PRIVS. Since the kernel version comparison is against
the upstream kernel version that first included this support,
the test was failing on RHEL7. Adjust the logic so that we do
not treat it as an error if earlier kernels correctly return
success (i.e. they contain the back-ported patch).
Signed-off-by: Stephen Smalley <s...@tycho.nsa.gov>
---
tests/nnp/execnnp.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/tests/nnp/execnnp.c b/tests/nnp/execnnp.c
index 8421df4..d8f1986 100644
--- a/tests/nnp/execnnp.c
+++ b/tests/nnp/execnnp.c
@@ -48,9 +48,7 @@ int main(int argc, char **argv)
pid = wait(&status);
if (WIFEXITED(status)) {
- if (nobounded) {
- if (!WEXITSTATUS(status))
- exit(-1);
+ if (WEXITSTATUS(status) && nobounded) {
printf("%s: Kernels < v3.18 do not support bounded
transitions under NNP.\n",
argv[0]);
/* pass the test */
--
2.7.4
_______________________________________________
Selinux mailing list
Selinux@tycho.nsa.gov
To unsubscribe, send email to selinux-le...@tycho.nsa.gov.
To get help, send an email containing "help" to selinux-requ...@tycho.nsa.gov.
