m4: virt-secdriver-selinux: drop obsolete function checks

All of the listed functions are available in libselinux version 2.2.
Our supported OSes start with version 2.5 so there is no need to check
it.

Signed-off-by: Pavel Hrdina <phrdina@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Pavel Hrdina 2020-06-24 10:57:22 +02:00
parent 9ad637c965
commit d3a1a3d708
3 changed files with 5 additions and 43 deletions

View File

@ -32,28 +32,8 @@ AC_DEFUN([LIBVIRT_SECDRIVER_CHECK_SELINUX], [
AC_MSG_ERROR([You must install the libselinux development package and enable SELinux with the --with-selinux=yes in order to compile libvirt --with-secdriver-selinux=yes])
fi
elif test "$with_secdriver_selinux" != "no"; then
old_CFLAGS="$CFLAGS"
old_LIBS="$LIBS"
CFLAGS="$CFLAGS $SELINUX_CFLAGS"
LIBS="$CFLAGS $SELINUX_LIBS"
fail=0
AC_CHECK_FUNC([selinux_virtual_domain_context_path], [], [fail=1])
AC_CHECK_FUNC([selinux_virtual_image_context_path], [], [fail=1])
AC_CHECK_FUNCS([selinux_lxc_contexts_path])
CFLAGS="$old_CFLAGS"
LIBS="$old_LIBS"
if test "$fail" = "1" ; then
if test "$with_secdriver_selinux" = "check" ; then
with_secdriver_selinux=no
else
AC_MSG_ERROR([You must install libselinux development package >= 2.0.82 in order to compile libvirt --with-secdriver-selinux=yes])
fi
else
with_secdriver_selinux=yes
AC_DEFINE_UNQUOTED([WITH_SECDRIVER_SELINUX], 1, [whether SELinux security driver is available])
fi
with_secdriver_selinux=yes
AC_DEFINE_UNQUOTED([WITH_SECDRIVER_SELINUX], 1, [whether SELinux security driver is available])
fi
AM_CONDITIONAL([WITH_SECDRIVER_SELINUX], [test "$with_secdriver_selinux" != "no"])
])

View File

@ -639,7 +639,6 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
}
#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH
static int
virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr)
{
@ -702,15 +701,6 @@ virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr)
virHashFree(data->mcs);
return -1;
}
#else
static int
virSecuritySELinuxLXCInitialize(virSecurityManagerPtr mgr G_GNUC_UNUSED)
{
virReportSystemError(ENOSYS, "%s",
_("libselinux does not support LXC contexts path"));
return -1;
}
#endif
static int
@ -1018,11 +1008,9 @@ virSecuritySELinuxDriverProbe(const char *virtDriver)
if (is_selinux_enabled() <= 0)
return SECURITY_DRIVER_DISABLE;
if (virtDriver && STREQ(virtDriver, "LXC")) {
#if HAVE_SELINUX_LXC_CONTEXTS_PATH
if (!virFileExists(selinux_lxc_contexts_path()))
#endif
return SECURITY_DRIVER_DISABLE;
if (virtDriver && STREQ(virtDriver, "LXC") &&
!virFileExists(selinux_lxc_contexts_path())) {
return SECURITY_DRIVER_DISABLE;
}
return SECURITY_DRIVER_ENABLE;

View File

@ -48,9 +48,7 @@ static int (*real_is_selinux_enabled)(void);
static const char *(*real_selinux_virtual_domain_context_path)(void);
static const char *(*real_selinux_virtual_image_context_path)(void);
#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH
static const char *(*real_selinux_lxc_contexts_path)(void);
#endif
static struct selabel_handle *(*real_selabel_open)(unsigned int backend,
const struct selinux_opt *opts,
@ -73,9 +71,7 @@ static void init_syms(void)
VIR_MOCK_REAL_INIT(selinux_virtual_domain_context_path);
VIR_MOCK_REAL_INIT(selinux_virtual_image_context_path);
#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH
VIR_MOCK_REAL_INIT(selinux_lxc_contexts_path);
#endif
VIR_MOCK_REAL_INIT(selabel_open);
VIR_MOCK_REAL_INIT(selabel_close);
@ -273,7 +269,6 @@ const char *selinux_virtual_image_context_path(void)
return abs_srcdir "/securityselinuxhelperdata/virtual_image_context";
}
#ifdef HAVE_SELINUX_LXC_CONTEXTS_PATH
const char *selinux_lxc_contexts_path(void)
{
init_syms();
@ -283,7 +278,6 @@ const char *selinux_lxc_contexts_path(void)
return abs_srcdir "/securityselinuxhelperdata/lxc_contexts";
}
#endif
struct selabel_handle *
selabel_open(unsigned int backend,