diff options
Diffstat (limited to 'test/dbus-daemon.c')
| -rw-r--r-- | test/dbus-daemon.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/test/dbus-daemon.c b/test/dbus-daemon.c index e4e11f16..e29ae454 100644 --- a/test/dbus-daemon.c +++ b/test/dbus-daemon.c @@ -516,6 +516,19 @@ test_creds (Fixture *f, g_test_message ("%s of this process is %s", name, label); g_assert_cmpuint (strlen (label) + 1, ==, len); seen |= SEEN_LINUX_SECURITY_LABEL; + + /* + * At this point we would like to do something like: + * + * g_assert_cmpstr (label, ==, real_security_label); + * + * but there is no LSM-agnostic way to find out our real security + * label in a way that matches SO_PEERSEC. The closest thing + * available is reading /proc/self/attr/current, but that is only + * equal to SO_PEERSEC after applying LSM-specific + * canonicalization (for example for AppArmor you have to remove + * a trailing newline from /proc/self/attr/current). + */ #else g_assert_not_reached (); #endif |