From b37d385e0f4e41b27a413162c0404e588724743f Mon Sep 17 00:00:00 2001 From: Clark Williams Date: Fri, 19 Feb 2010 17:01:14 -0600 Subject: add utility function to detect SELinux status and use it Add a utility function selinuxEnabled() that returns true if SELinux is enabled on the host and false otherwise. Use this in _setupDev() method of the Root object to avoid shelling out unnecessarily to 'chcon'. Signed-off-by: Clark Williams --- py/mock/backend.py | 10 +++++++--- py/mock/util.py | 11 +++++++++++ 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/py/mock/backend.py b/py/mock/backend.py index bcadc3e..7ca6a1d 100644 --- a/py/mock/backend.py +++ b/py/mock/backend.py @@ -101,6 +101,9 @@ class Root(object): self.state("init plugins") self._initPlugins() + # figure out if SELinux is enabled on the host + self.selinux = mock.util.selinuxEnabled() + # officially set state so it is logged self.state("start") @@ -322,9 +325,10 @@ class Root(object): os.mknod( self.makeChrootPath(i[2]), i[0], i[1]) # set context. (only necessary if host running selinux enabled.) # fails gracefully if chcon not installed. - mock.util.do( - ["chcon", "--reference=/%s"% i[2], self.makeChrootPath(i[2])] - , raiseExc=0, shell=False) + if self.selinux: + mock.util.do( + ["chcon", "--reference=/%s"% i[2], self.makeChrootPath(i[2])] + , raiseExc=0, shell=False) os.symlink("/proc/self/fd/0", self.makeChrootPath("dev/stdin")) os.symlink("/proc/self/fd/1", self.makeChrootPath("dev/stdout")) diff --git a/py/mock/util.py b/py/mock/util.py index f52003e..07bcba0 100644 --- a/py/mock/util.py +++ b/py/mock/util.py @@ -262,6 +262,17 @@ def logOutput(fds, logger, returnOutput=1, start=0, timeout=0): logger.debug(tail) return output +decorate(traceLog()) +def selinuxEnabled(): + p = subprocess.Popen(["/usr/sbin/getenforce"], + shell=True, + stdout=subprocess.PIPE, + close_fds=True) + p.wait() + if p.stdout.read().strip() == "Disabled": + return False + return True + # logger = # output = [1|0] # chrootPath -- cgit