setfiles fails to relabel if selinux not enabled

Setfiles now checks the capabilities on the mounted file systems for
'seclabel' (see setfiles/setfiles.c:723:exclude_non_seclabel_mounts) on
newer kernels (>=2.6.30 see setfiles.c:734). However the 'seclabel'
feature is not available if selinux is not enabled. The result is that
setfiles silently fails to relabel any filesystems.

The patch below removes the check for seclabel if selinux is disabled.

As an alternative maybe seclabel should be available even if selinux is
disabled? It seems that whether a fs supports security labels is
independent of selinux being enabled.

Signed-off-by: Joshua Brindle <method@manicmethod.com>

policycoreutils/setfiles/setfiles.c

@@ -750,6 +750,8 @@ static void exclude_non_seclabel_mounts()
 	/* Check to see if the kernel supports seclabel */
 	if (uname(&uts) == 0 && strverscmp(uts.release, "2.6.30") < 0)
 		return;
+	if (is_selinux_enabled() <= 0)
+		return;
 
 	fp = fopen("/proc/mounts", "r");
 	if (!fp)