iptables/tests/tests.yml
Phil Sutter 0d517b6b1f tests: Disable backport-iptables-add-libxt-cgroup-frontend test
It is disabled in RHTS as well. The main issue is that starting with
RHEL9, libcgroup-tools is no longer available. The test had to be
migrated to cgroups v2 in order to pass.

Related: RHEL-14147
2023-10-27 18:59:35 +00:00

91 lines
3.3 KiB
YAML

---
- hosts: localhost
tags: [ always ]
tasks:
- set_fact:
our_required_packages:
- iproute # multiple tests need ip command
- iputils # multiple tests need ping/ping6 commands
- iptables # multiple tests need iptables/ip6tables commands
- iptables-services # multiple tests need iptables/ip6tables config files
- initscripts # multiple tests need system command
#- libcgroup-tools # backport-iptables-add-libxt-cgroup-frontend needs cg* commands (not available in RHEL9)
- ipset # multiple tests need ipset command
- strace # xtables-tools-locking-vulnerable-to-local-DoS needs strace command
- policycoreutils # initscript-sanity needs restorecon command
- hosts: localhost
tags:
- rhts-all
roles:
- role: standard-test-rhts
tests:
# - backport-iptables-add-libxt-cgroup-frontend
- initscript-sanity
- ip6tables-do-not-accept-dst-or-src-direction-on-ip6sets
- ip6tables-service-does-not-allow-dhcpv6-client-by
- ip6tables-t-nat-A-POSTROUTING-OUTPUT-with-DROP
- iptables-rule-deletion-fails-for-rules-that-use
- iptables-save-cuts-space-before-j
- iptables-save-modprobe-option
- NFQUEUE-queue-bypass
- RFE-Enable-the-missing-IPv6-SET-target
- RFE-iptables-add-C-option-to-iptables-in-RHEL6
- TRACE-target-of-iptables-can-t-work-in
- xtables-tools-locking-vulnerable-to-local-DoS
required_packages: "{{ our_required_packages }}"
- hosts: localhost
tags:
- classic
- beakerlib-all
roles:
- role: standard-test-beakerlib
tests:
#- backport-iptables-add-libxt-cgroup-frontend
- initscript-sanity
- ip6tables-do-not-accept-dst-or-src-direction-on-ip6sets
- ip6tables-service-does-not-allow-dhcpv6-client-by
- ip6tables-t-nat-A-POSTROUTING-OUTPUT-with-DROP
- iptables-rule-deletion-fails-for-rules-that-use
- iptables-save-cuts-space-before-j
- iptables-save-modprobe-option
- NFQUEUE-queue-bypass
- RFE-Enable-the-missing-IPv6-SET-target
- RFE-iptables-add-C-option-to-iptables-in-RHEL6
- TRACE-target-of-iptables-can-t-work-in
- xtables-tools-locking-vulnerable-to-local-DoS
required_packages: "{{ our_required_packages }}"
- hosts: localhost
tags:
- container
roles:
- role: standard-test-beakerlib
tests:
#- backport-iptables-add-libxt-cgroup-frontend # journaling/logging issues?
- ip6tables-do-not-accept-dst-or-src-direction-on-ip6sets
- ip6tables-service-does-not-allow-dhcpv6-client-by
- ip6tables-t-nat-A-POSTROUTING-OUTPUT-with-DROP
- iptables-rule-deletion-fails-for-rules-that-use
- iptables-save-cuts-space-before-j
- iptables-save-modprobe-option
- NFQUEUE-queue-bypass
- RFE-Enable-the-missing-IPv6-SET-target
- RFE-iptables-add-C-option-to-iptables-in-RHEL6
- xtables-tools-locking-vulnerable-to-local-DoS
required_packages: "{{ our_required_packages }}"
- hosts: localhost
tags:
- atomic
roles:
- role: standard-test-beakerlib
tests:
- ip6tables-service-does-not-allow-dhcpv6-client-by
- iptables-save-cuts-space-before-j
- iptables-save-modprobe-option
- NFQUEUE-queue-bypass
- RFE-iptables-add-C-option-to-iptables-in-RHEL6
- xtables-tools-locking-vulnerable-to-local-DoS