[PATCH] tests: skip tests upon failure to set SELinux context

[Pádraig Brady]

On some setups the root:object_r:tmp_t context is invalid.
This does indicate a limitation in the test framework,
but for now we'll relax this to skipping the tests.
The tests still run on a Fedora 25 system for example.

* tests/cp/cp-a-selinux.sh: Upon chcon error, skip rather than ERROR.
* tests/install/install-Z-selinux.sh: Likewise.
* tests/misc/chcon.sh: Likewise.
* tests/misc/runcon-no-reorder.sh: Likewise.
* tests/misc/selinux.sh: Likewise.
* tests/mkdir/restorecon.sh: Likewise.
---
 tests/cp/cp-a-selinux.sh           | 2 +-
 tests/install/install-Z-selinux.sh | 2 +-
 tests/misc/chcon.sh                | 2 +-
 tests/misc/runcon-no-reorder.sh    | 2 +-
 tests/misc/selinux.sh              | 3 +--
 tests/mkdir/restorecon.sh          | 2 +-
 6 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/tests/cp/cp-a-selinux.sh b/tests/cp/cp-a-selinux.sh
index de07406..5db1f5b 100755
--- a/tests/cp/cp-a-selinux.sh
+++ b/tests/cp/cp-a-selinux.sh
@@ -33,7 +33,7 @@ mls_enabled_ && ctx="$ctx:s0"
 
 # Check basic functionality - before check on fixed context mount
 touch c || framework_failure_
-chcon $ctx c || framework_failure_
+chcon $ctx c || skip "Failed to set context: $ctx"
 cp -a c d 2>err || framework_failure_
 cp --preserve=context c e || framework_failure_
 cp --preserve=all c f || framework_failure_
diff --git a/tests/install/install-Z-selinux.sh 
b/tests/install/install-Z-selinux.sh
index ad2e1cd..e3d2048 100755
--- a/tests/install/install-Z-selinux.sh
+++ b/tests/install/install-Z-selinux.sh
@@ -24,7 +24,7 @@ require_selinux_
 mkdir subdir || framework_failure_
 ctx='root:object_r:tmp_t'
 mls_enabled_ && ctx="$ctx:s0"
-chcon "$ctx" subdir || framework_failure_
+chcon "$ctx" subdir || skip "Failed to set context: $ctx"
 cd subdir
 
 # Since in a tmp_t dir, dirs can be created as user_tmp_t ...
diff --git a/tests/misc/chcon.sh b/tests/misc/chcon.sh
index 13a72a0..55fcc63 100755
--- a/tests/misc/chcon.sh
+++ b/tests/misc/chcon.sh
@@ -35,7 +35,7 @@ r1=object_r
 t1=tmp_t
 range=s0
 ctx=$u1:$r1:$t1:$range
-chcon $ctx f || fail=1
+chcon $ctx f || skip "Failed to set context: $ctx"
 stat --printf='f|%C\n' f > out || fail=1
 
 # Use --reference.
diff --git a/tests/misc/runcon-no-reorder.sh b/tests/misc/runcon-no-reorder.sh
index 370771b..f905cfc 100755
--- a/tests/misc/runcon-no-reorder.sh
+++ b/tests/misc/runcon-no-reorder.sh
@@ -30,7 +30,7 @@ echo "$diag" > exp || framework_failure_
 runcon $(id -Z) true -j 2> out && > exp
 
 # When run on a system with no /selinux/context (i.e., in a chroot),
-# it chcon fails with this: "runcon: invalid context: \
+# it fails with this: "runcon: invalid context: \
 # root:system_r:unconfined_t:s0-s0:c0.c1023: No such file or directory"
 # That diagnostic is ok, too, so map it to the more common one.
 case $(cat out) in
diff --git a/tests/misc/selinux.sh b/tests/misc/selinux.sh
index ee1217a..bc6da96 100755
--- a/tests/misc/selinux.sh
+++ b/tests/misc/selinux.sh
@@ -33,8 +33,7 @@ mkfifo_or_skip_ p
 ctx='root:object_r:tmp_t'
 mls_enabled_ && ctx="$ctx:s0"
 
-chcon $ctx f d p ||
-  skip_ '"chcon '$ctx' ..." failed'
+chcon $ctx f d p || skip "Failed to set context: $ctx"
 
 # inspect that context with both ls -Z and stat.
 for i in d f p; do
diff --git a/tests/mkdir/restorecon.sh b/tests/mkdir/restorecon.sh
index fa74b33..e117ed9 100755
--- a/tests/mkdir/restorecon.sh
+++ b/tests/mkdir/restorecon.sh
@@ -23,7 +23,7 @@ require_selinux_
 mkdir subdir || framework_failure_
 ctx='root:object_r:tmp_t'
 mls_enabled_ && ctx="$ctx:s0"
-chcon "$ctx" subdir || framework_failure_
+chcon "$ctx" subdir || skip "Failed to set context: $ctx"
 cd subdir
 
 # --- mkdir -Z ---
-- 
2.9.3