unofficial mirror of bug-gnu-emacs@gnu.org 
 help / color / mirror / code / Atom feed
* bug#29287: tramp-test25-file-selinux fails
@ 2017-11-13 19:30 Glenn Morris
  2017-11-13 20:09 ` Glenn Morris
  0 siblings, 1 reply; 5+ messages in thread
From: Glenn Morris @ 2017-11-13 19:30 UTC (permalink / raw)
  To: 29287; +Cc: michael.albinus

Package: emacs
Version: 26.0.90

tramp-test25-file-selinux fails on RHEL7.4 with SELinux enabled.
Reporting as requested in the comment in the source file. :)

Test tramp-test25-file-selinux backtrace:
  signal(ert-test-failed (((should-not (equal (file-selinux-context tm
  ert-fail(((should-not (equal (file-selinux-context tmp-name1) (file-
  (if (not (unwind-protect (setq value-4340 (apply fn-4338 args-4339))
  (let (form-description-4342) (if (not (unwind-protect (setq value-43
  (let ((value-4340 'ert-form-evaluation-aborted-4341)) (let (form-des
  (let* ((fn-4338 (function equal)) (args-4339 (condition-case err (le
  (progn (write-region "foo" nil tmp-name1) (let* ((fn-4318 (function 
  (unwind-protect (progn (write-region "foo" nil tmp-name1) (let* ((fn
  (let ((tmp-name1 (tramp--test-make-temp-name nil quoted)) (tmp-name2
  (let (quoted) (let ((tmp-name1 (tramp--test-make-temp-name nil quote
  (closure (t) nil (let* ((fn-4308 (function tramp--test-enabled)) (ar
  ert--run-test-internal(#s(ert--test-execution-info :test #s(ert-test
  ert-run-test(#s(ert-test :name tramp-test25-file-selinux :documentat
  ert-run-or-rerun-test(#s(ert--stats :selector (not (tag :expensive-t
  ert-run-tests((not (tag :expensive-test)) #f(compiled-function (even
  ert-run-tests-batch((not (tag :expensive-test)))
  ert-run-tests-batch-and-exit((not (tag :expensive-test)))
  eval((ert-run-tests-batch-and-exit '(not (tag :expensive-test))))
  command-line-1(("-L" ":." "-l" "ert" "-l" "lisp/net/tramp-tests.el" 
  command-line()
  normal-top-level()
Test tramp-test25-file-selinux condition:
    (ert-test-failed
     ((should-not
       (equal
	(file-selinux-context tmp-name1)
	(file-selinux-context tmp-name2)))
      :form
      (equal
       ("unconfined_u" "object_r" "user_tmp_t" "s0")
       ("unconfined_u" "object_r" "user_tmp_t" "s0"))
      :value t :explanation nil))
   FAILED  29/41  tramp-test25-file-selinux





^ permalink raw reply	[flat|nested] 5+ messages in thread
* bug#29287: tramp-test25-file-selinux fails
  2017-11-13 19:30 bug#29287: tramp-test25-file-selinux fails Glenn Morris
@ 2017-11-13 20:09 ` Glenn Morris
  2017-11-13 20:11   ` Glenn Morris
  2017-11-14  9:25   ` Michael Albinus
  0 siblings, 2 replies; 5+ messages in thread
From: Glenn Morris @ 2017-11-13 20:09 UTC (permalink / raw)
  To: 29287; +Cc: michael.albinus


PS I think the flaw is in this bit:

  ;; Different permissions mean different SELINUX context.
  (set-file-modes tmp-name1 #o777)
  (set-file-modes tmp-name2 #o444)

No, they don't. File modes and SELinux context are separate.

Perhaps you could use something (file-selinux-context "/") for a value
that is guaranteed to exist and be different from a temp file.
Though I don't know if users can always set a random file's context to
root_t (it works here).





^ permalink raw reply	[flat|nested] 5+ messages in thread
* bug#29287: tramp-test25-file-selinux fails
  2017-11-13 20:09 ` Glenn Morris
@ 2017-11-13 20:11   ` Glenn Morris
  2017-11-14  9:25   ` Michael Albinus
  1 sibling, 0 replies; 5+ messages in thread
From: Glenn Morris @ 2017-11-13 20:11 UTC (permalink / raw)
  To: 29287; +Cc: michael.albinus


PPS Nitpick: it's "SELinux", not "SELINUX".





^ permalink raw reply	[flat|nested] 5+ messages in thread
* bug#29287: tramp-test25-file-selinux fails
  2017-11-13 20:09 ` Glenn Morris
  2017-11-13 20:11   ` Glenn Morris
@ 2017-11-14  9:25   ` Michael Albinus
  2017-11-14 17:21     ` Glenn Morris
  1 sibling, 1 reply; 5+ messages in thread
From: Michael Albinus @ 2017-11-14  9:25 UTC (permalink / raw)
  To: Glenn Morris; +Cc: 29287

Glenn Morris <rgm@gnu.org> writes:

> Perhaps you could use something (file-selinux-context "/") for a value
> that is guaranteed to exist and be different from a temp file.
> Though I don't know if users can always set a random file's context to
> root_t (it works here).

I've used another approach, hoping it is generic enough.

Could you, pls, check whether my patch (committed to the emacs-26
branch) works for you?

Thanks, and best regards, Michael.





^ permalink raw reply	[flat|nested] 5+ messages in thread
* bug#29287: tramp-test25-file-selinux fails
  2017-11-14  9:25   ` Michael Albinus
@ 2017-11-14 17:21     ` Glenn Morris
  0 siblings, 0 replies; 5+ messages in thread
From: Glenn Morris @ 2017-11-14 17:21 UTC (permalink / raw)
  To: Michael Albinus; +Cc: 29287


Works for me, thanks.





^ permalink raw reply	[flat|nested] 5+ messages in thread
end of thread, other threads:[~2017-11-14 17:21 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-11-13 19:30 bug#29287: tramp-test25-file-selinux fails Glenn Morris
2017-11-13 20:09 ` Glenn Morris
2017-11-13 20:11   ` Glenn Morris
2017-11-14  9:25   ` Michael Albinus
2017-11-14 17:21     ` Glenn Morris

Code repositories for project(s) associated with this public inbox

	https://git.savannah.gnu.org/cgit/emacs.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).