Beispiel #1
0
func (_ *realSelinuxContextRunner) SetContext(dir, context string) error {
	// If SELinux is not enabled, return an empty string
	if !selinux.SelinuxEnabled() {
		return nil
	}

	return selinux.Setfilecon(dir, context)
}
Beispiel #2
0
func TestSetfilecon(t *testing.T) {
	if selinux.SelinuxEnabled() {
		tmp := "selinux_test"
		out, _ := os.OpenFile(tmp, os.O_WRONLY|os.O_CREATE, 0)
		out.Close()
		err := selinux.Setfilecon(tmp, "system_u:object_r:bin_t:s0")
		if err != nil {
			t.Log("Setfilecon failed")
			t.Fatal(err)
		}
		os.Remove(tmp)
	}
}
Beispiel #3
0
func TestSetfilecon(t *testing.T) {
	if selinux.SelinuxEnabled() {
		tmp := "selinux_test"
		con := "system_u:object_r:bin_t:s0"
		out, _ := os.OpenFile(tmp, os.O_WRONLY|os.O_CREATE, 0)
		out.Close()
		err := selinux.Setfilecon(tmp, con)
		if err != nil {
			t.Log("Setfilecon failed")
			t.Fatal(err)
		}
		filecon, err := selinux.Getfilecon(tmp)
		if err != nil {
			t.Log("Getfilecon failed")
			t.Fatal(err)
		}
		if con != filecon {
			t.Fatal("Getfilecon failed, returned %s expected %s", filecon, con)
		}

		os.Remove(tmp)
	}
}
Beispiel #4
0
// SetFileLabel modifies the "path" label to the specified file label
func SetFileLabel(path string, fileLabel string) error {
	if selinux.SelinuxEnabled() && fileLabel != "" {
		return selinux.Setfilecon(path, fileLabel)
	}
	return nil
}