fs_mgr: overlayfs: test w/o sepolicy in enforced mode Skip sepolicy test if device is not in enforcing mode. Test: adb-remount-test.sh Change-Id: I1558674819bda0c9f575d5202f693fec55c9d84f

commit: 94343060e5e06d749a23a7f947c3edeccf39e709 [log] [tgz]
author: Mark Salyzyn <salyzyn@google.com> Thu Dec 13 16:47:58 2018 -0800
committer: Mark Salyzyn <salyzyn@google.com> Thu Dec 13 16:48:41 2018 -0800
tree: cc5747396a8d4e1174a5d56e03ec055e21b2c337
parent: 9ce2c8a0bdcc9c960f5a5135996aded9936206c0 [diff]
diff --git a/fs_mgr/tests/adb-remount-test.sh b/fs_mgr/tests/adb-remount-test.sh
index aaee1a7..5957e30 100755
--- a/fs_mgr/tests/adb-remount-test.sh
+++ b/fs_mgr/tests/adb-remount-test.sh

@@ -290,6 +290,11 @@
 fi
 inAdb || die "specified device not in adb mode"
 isDebuggable || die "device not a debug build"
+enforcing=true
+if ! adb_su getenforce </dev/null | grep 'Enforcing' >/dev/null; then
+  echo "${ORANGE}[  WARNING ]${NORMAL} device does not have sepolicy in enforcing mode"
+  enforcing=false
+fi
 
 # Do something
 
@@ -535,9 +540,11 @@
   die "re-read system hello after reboot"
 check_eq "${A}" "${B}" system after reboot
 # Only root can read vendor if sepolicy permissions are as expected
-B="`adb_cat /vendor/hello`" &&
-  die "re-read vendor hello after reboot w/o root"
-check_eq "cat: /vendor/hello: Permission denied" "${B}" vendor after reboot w/o root
+if ${enforcing}; then
+  B="`adb_cat /vendor/hello`" &&
+    die "re-read vendor hello after reboot w/o root"
+  check_eq "cat: /vendor/hello: Permission denied" "${B}" vendor after reboot w/o root
+fi
 adb_root &&
   B="`adb_cat /vendor/hello`" ||
   die "re-read vendor hello after reboot"
commit	94343060e5e06d749a23a7f947c3edeccf39e709	[log] [tgz]
author	Mark Salyzyn <salyzyn@google.com>	Thu Dec 13 16:47:58 2018 -0800
committer	Mark Salyzyn <salyzyn@google.com>	Thu Dec 13 16:48:41 2018 -0800
tree	cc5747396a8d4e1174a5d56e03ec055e21b2c337
parent	9ce2c8a0bdcc9c960f5a5135996aded9936206c0 [diff]