rpms
/
systemd
7
0
Fork 0
Code Issues Pull Requests Releases Activity
systemd/0256-test-build-the-SELinux...

117 lines
4.3 KiB
Diff
Raw Permalink Blame History

From 0baa19a28f07328fa4357efc97a522bc0e29f74e Mon Sep 17 00:00:00 2001
From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 19 May 2023 11:45:11 +0200
Subject: [PATCH] test: build the SELinux test module on the host
Let's save some time and build the SELinux test module on the host
instead of a possibly unaccelerated VM. This brings the runtime of
TEST-06-SELINUX from ~12 minutes down to a ~1 minute.
(cherry picked from commit 038efe6df154b04a4c2a1d9da7263e5f49d2a1b0)
Related: #2170883
---
test/TEST-06-SELINUX/test.sh | 68 ++++++++++---------
.../load-systemd-test-module.service | 2 +-
2 files changed, 36 insertions(+), 34 deletions(-)
diff --git a/test/TEST-06-SELINUX/test.sh b/test/TEST-06-SELINUX/test.sh
index a867dea4b7..5d72638ec6 100755
--- a/test/TEST-06-SELINUX/test.sh
+++ b/test/TEST-06-SELINUX/test.sh
@@ -7,7 +7,6 @@ IMAGE_NAME="selinux"
TEST_NO_NSPAWN=1
# Requirements:
-# Fedora 23
# selinux-policy-targeted
# selinux-policy-devel
@@ -21,38 +20,41 @@ SETUP_SELINUX=yes
KERNEL_APPEND="${KERNEL_APPEND:=} selinux=1 security=selinux"
test_append_files() {
- (
- local workspace="${1:?}"
- local policy_headers_dir=/usr/share/selinux/devel
- local modules_dir=/var/lib/selinux
-
- setup_selinux
- # Make sure we never expand this to "/..."
- rm -rf "${workspace:?}/$modules_dir"
-
- if ! cp -ar "$modules_dir" "$workspace/$modules_dir"; then
- dfatal "Failed to copy $modules_dir"
- exit 1
- fi
-
- rm -rf "${workspace:?}/$policy_headers_dir"
- inst_dir /usr/share/selinux
-
- if ! cp -ar "$policy_headers_dir" "$workspace/$policy_headers_dir"; then
- dfatal "Failed to copy $policy_headers_dir"
- exit 1
- fi
-
- mkdir "$workspace/systemd-test-module"
- cp systemd_test.te "$workspace/systemd-test-module"
- cp systemd_test.if "$workspace/systemd-test-module"
- cp systemd_test.fc "$workspace/systemd-test-module"
- image_install -o sesearch
- image_install runcon
- image_install checkmodule semodule semodule_package m4 make load_policy sefcontext_compile
- image_install -o /usr/libexec/selinux/hll/pp # Fedora/RHEL/...
- image_install -o /usr/lib/selinux/hll/pp # Debian/Ubuntu/...
- )
+ local workspace="${1:?}"
+ local policy_headers_dir=/usr/share/selinux/devel
+ local modules_dir=/var/lib/selinux
+
+ setup_selinux
+ # Make sure we never expand this to "/..."
+ rm -rf "${workspace:?}/$modules_dir"
+
+ if ! cp -ar "$modules_dir" "$workspace/$modules_dir"; then
+ dfatal "Failed to copy $modules_dir"
+ exit 1
+ fi
+
+ rm -rf "${workspace:?}/$policy_headers_dir"
+ inst_dir /usr/share/selinux
+
+ if ! cp -ar "$policy_headers_dir" "$workspace/$policy_headers_dir"; then
+ dfatal "Failed to copy $policy_headers_dir"
+ exit 1
+ fi
+
+ mkdir "$workspace/systemd-test-module"
+ cp systemd_test.te "$workspace/systemd-test-module"
+ cp systemd_test.if "$workspace/systemd-test-module"
+ cp systemd_test.fc "$workspace/systemd-test-module"
+ image_install -o sesearch
+ image_install runcon
+ image_install checkmodule semodule semodule_package m4 make load_policy sefcontext_compile
+ image_install -o /usr/libexec/selinux/hll/pp # Fedora/RHEL/...
+ image_install -o /usr/lib/selinux/hll/pp # Debian/Ubuntu/...
+
+ if ! chroot "$workspace" make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile clean systemd_test.pp; then
+ dfatal "Failed to build the systemd test module"
+ exit 1
+ fi
}
do_test "$@"
diff --git a/test/testsuite-06.units/load-systemd-test-module.service b/test/testsuite-06.units/load-systemd-test-module.service
index 3a22c15b25..2d15a62715 100644
--- a/test/testsuite-06.units/load-systemd-test-module.service
+++ b/test/testsuite-06.units/load-systemd-test-module.service
@@ -9,7 +9,7 @@ Before=sysinit.target shutdown.target autorelabel.service
ConditionSecurity=selinux
[Service]
-ExecStart=sh -x -c 'echo 0 >/sys/fs/selinux/enforce && cd /systemd-test-module && make -f /usr/share/selinux/devel/Makefile clean load'
+ExecStart=sh -x -c 'echo 0 >/sys/fs/selinux/enforce && make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile load'
Type=oneshot
TimeoutSec=0
RemainAfterExit=yes
Reference in New Issue View Git Blame Copy Permalink