Closed quantheory closed 10 years ago
Thanks, I'll take a look at it when I'm near a computer (traveling now). This has bit me before in the context of NFS 4 ACLs, so I'm not sure if the route you took - blacklisting some entries - is the right one, or whether we should rewrite the tests do that they're safer with regards to unexpected/system attributes, or simply requiring a tmpfs which doesn't have attributes.
Yes, I admit that there are a couple of problems here; this was mostly just what I threw together in half an hour to prove to myself that I knew what was going on and could get tests to pass.
One issue is that for half of the assertions, I'm adding security.selinux to the expected output, and for the other half, I'm filtering it out of the actual output. It probably only makes sense to do the latter.
The other issue is that I didn't think that this would be specific to SELinux, which I suppose is confirmed by what you've just said about NFS 4 ACL trouble. Rather than treating a HAVE_SELINUX variable in the environment as a boolean flag, it would make more sense to specify which attributes to ignore.
I've now modified the commit on this request (warning: the git history has changed). Now instead of hard-coding the SELinux case, this allows you to specify a comma-separated list of attributes to ignore, which addresses the two issues I mentioned above.
E.g., this command worked on my box with SELinux:
TEST_IGNORE_XATTRS="security.selinux" python2 setup.py test
If you wanted to be really smart about it, I suppose you could try to detect what attributes the temp files are created with, and then set this variable automatically, but letting the user do this via the environment is better than just letting the tests fail.
Released in version 0.5.3 (https://pypi.python.org/pypi/pyxattr/0.5.3). Thanks!
This change contains some simple workarounds for the unit tests, in the case where you're on an SELinux system where temporary test files get the security.selinux attribute. My fix is a bit hacked together, and I haven't tested it thoroughly (Python 2.7 and 3.3, but only on the one system). But I think the idea is basically sound; if you define HAVE_SELINUX=TRUE, the assertions will either expect or ignore security.selinux.