Skip to content

Commit 6ae0042

Browse files
schmchrtpcmoore
authored andcommitted
selinux: Chain up tool resolving errors in install_policy.sh
Subshell evaluations are not exempt from errexit, so if a command is not available, `which` will fail and exit the script as a whole. This causes the helpful error messages to not be printed if they are tacked on using a `$?` comparison. Resolve the issue by using chains of logical operators, which are not subject to the effects of errexit. Fixes: e37c187 ("scripts/selinux: modernize mdp") Signed-off-by: Tim Schumacher <[email protected]> Signed-off-by: Paul Moore <[email protected]>
1 parent 2c2b1e0 commit 6ae0042

File tree

1 file changed

+6
-9
lines changed

1 file changed

+6
-9
lines changed

scripts/selinux/install_policy.sh

Lines changed: 6 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -6,27 +6,24 @@ if [ `id -u` -ne 0 ]; then
66
exit 1
77
fi
88

9-
SF=`which setfiles`
10-
if [ $? -eq 1 ]; then
9+
SF=`which setfiles` || {
1110
echo "Could not find setfiles"
1211
echo "Do you have policycoreutils installed?"
1312
exit 1
14-
fi
13+
}
1514

16-
CP=`which checkpolicy`
17-
if [ $? -eq 1 ]; then
15+
CP=`which checkpolicy` || {
1816
echo "Could not find checkpolicy"
1917
echo "Do you have checkpolicy installed?"
2018
exit 1
21-
fi
19+
}
2220
VERS=`$CP -V | awk '{print $1}'`
2321

24-
ENABLED=`which selinuxenabled`
25-
if [ $? -eq 1 ]; then
22+
ENABLED=`which selinuxenabled` || {
2623
echo "Could not find selinuxenabled"
2724
echo "Do you have libselinux-utils installed?"
2825
exit 1
29-
fi
26+
}
3027

3128
if selinuxenabled; then
3229
echo "SELinux is already enabled"

0 commit comments

Comments
 (0)