[PATCH] securityselinuxhelper: Fix retval of setcon_raw() and security_disable()

The securityselinuxhelper is a mock that's replacing libselinux APIs with our own implementation to achieve deterministic results. Our implementation uses env vars (among other things) to hold internal state. For instance, "FAKE_SELINUX_CONTEXT" and "FAKE_SELINUX_DISABLED" variables are used. However, as we were switching from setenv() to g_setenv() we also changed the set of possible retvals from setcon_raw() and security_disable(). Previously, the retval of setenv() was used directly which returns 0 on success and -1 on error. But g_setenv() has different retval semantics: it returns 1 on success and 0 on error. This discrepancy can be observed by running viridentitytest where case #2 reports an error ("!") - because setcon_raw() returns 1. Signed-off-by: Michal Privoznik <mprivozn(a)redhat.com&gt; --- tests/securityselinuxhelper.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/securityselinuxhelper.c b/tests/securityselinuxhelper.c index b308ef5095..c3d6505ef2 100644 --- a/tests/securityselinuxhelper.c +++ b/tests/securityselinuxhelper.c @@ -140,7 +140,7 @@ int setcon_raw(const char *context) errno = EINVAL; return -1; } - return g_setenv("FAKE_SELINUX_CONTEXT", context, TRUE); + return g_setenv("FAKE_SELINUX_CONTEXT", context, TRUE) == TRUE ? 0 : -1; } int setcon(const char *context) @@ -219,7 +219,7 @@ int security_disable(void) return -1; } - return g_setenv("FAKE_SELINUX_DISABLED", "1", TRUE); + return g_setenv("FAKE_SELINUX_DISABLED", "1", TRUE) == TRUE ? 0 : -1; } int security_getenforce(void) -- 2.26.3