selinux: is_selinux_enabled() returns 0, 1 and -1

Unfortunately, the current libselinux implementation of
is_selinux_enabled() returns -1 on error. This behavior is
undocumented.

The proper solution is to use "if (is_selinux_enabled() > 0)".

Signed-off-by: Karel Zak <kzak@redhat.com>

4 files changed, 4 insertions, 4 deletions

diff --git a/login-utils/chfn.c b/login-utils/chfn.c
index ee0dc312c..3ca190f10 100644
--- a/login-utils/chfn.c
+++ b/login-utils/chfn.c
@@ -148,7 +148,7 @@ int main (int argc, char **argv) {
     }
 
 #ifdef HAVE_LIBSELINUX
-    if (is_selinux_enabled()) {
+    if (is_selinux_enabled() > 0) {
       if(uid == 0) {
 	if (checkAccess(oldf.username,PASSWD__CHFN)!=0) {
 	  security_context_t user_context;
diff --git a/login-utils/chsh.c b/login-utils/chsh.c
index d4cc52670..08b1e0d28 100644
--- a/login-utils/chsh.c
+++ b/login-utils/chsh.c
@@ -134,7 +134,7 @@ main (int argc, char *argv[]) {
     }
 
 #ifdef HAVE_LIBSELINUX
-    if (is_selinux_enabled()) {
+    if (is_selinux_enabled() > 0) {
       if(uid == 0) {
 	if (checkAccess(pw->pw_name,PASSWD__CHSH)!=0) {
 	  security_context_t user_context;
diff --git a/login-utils/selinux_utils.c b/login-utils/selinux_utils.c
index fff5eaaeb..2db5dd3d0 100644
--- a/login-utils/selinux_utils.c
+++ b/login-utils/selinux_utils.c
@@ -36,7 +36,7 @@ int checkAccess(char *chuser, int access) {
 }
 
 int setupDefaultContext(char *orig_file) {
-  if (is_selinux_enabled()) {
+  if (is_selinux_enabled() > 0) {
     security_context_t scontext;
     
     if (getfilecon(orig_file,&scontext)<0) {
diff --git a/login-utils/vipw.c b/login-utils/vipw.c
index fea28ac2e..5f4472111 100644
--- a/login-utils/vipw.c
+++ b/login-utils/vipw.c
@@ -195,7 +195,7 @@ pw_unlock(void) {
 	link(orig_file, tmp);
 
 #ifdef HAVE_LIBSELINUX
-	if (is_selinux_enabled()) {
+	if (is_selinux_enabled() > 0) {
 	  security_context_t passwd_context=NULL;
 	  int ret=0;
 	  if (getfilecon(orig_file,&passwd_context) < 0) {