system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-07-21 10:17:21 +00:00
Code Issues Actions 7 Packages Projects Releases Wiki Activity

test: load the SELinux module outside of the VM

Browse source 
Turns out we can, apart from just building the module, "shove" it into
the SELinux database in a chroot as well. This brings quite significant
time savings, as the SELinux db rebuild takes 2 - 5 minutes in a VM
without acceleration (and takes currently ~half of the runtime of the test
in the C8S job).
This commit is contained in:
Frantisek Sumsal 2023-06-05 22:35:05 +02:00
parent 8c0ace5739
commit fa5dee77c0
3 changed files with 2 additions and 22 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
test/TEST-06-SELINUX/test.sh
View file

@ -42,16 +42,14 @@ test_append_files() {
fi
mkdir "$workspace/systemd-test-module"
cp systemd_test.te "$workspace/systemd-test-module"
cp systemd_test.if "$workspace/systemd-test-module"
cp systemd_test.fc "$workspace/systemd-test-module"
cp -v systemd_test.* "$workspace/systemd-test-module/"
image_install -o sesearch
image_install runcon
image_install checkmodule semodule semodule_package m4 make load_policy sefcontext_compile
image_install -o /usr/libexec/selinux/hll/pp # Fedora/RHEL/...
image_install -o /usr/lib/selinux/hll/pp # Debian/Ubuntu/...
if ! chroot "$workspace" make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile clean systemd_test.pp; then
if ! chroot "$workspace" make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile clean load systemd_test.pp QUIET=n; then
dfatal "Failed to build the systemd test module"
exit 1
fi

15
test/testsuite-06.units/load-systemd-test-module.service
View file

@ -1,15 +0,0 @@
# SPDX-License-Identifier: LGPL-2.1-or-later
[Unit]
Description=Load systemd-test module
DefaultDependencies=no
Requires=local-fs.target
Conflicts=shutdown.target
After=local-fs.target
Before=sysinit.target shutdown.target autorelabel.service
ConditionSecurity=selinux
[Service]
ExecStart=sh -x -c 'echo 0 >/sys/fs/selinux/enforce && make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile load'
Type=oneshot
TimeoutSec=0
RemainAfterExit=yes

3
test/units/testsuite-06.service
View file

@ -2,9 +2,6 @@
[Unit]
Description=TEST-06-SELINUX
Requires=load-systemd-test-module.service
After=load-systemd-test-module.service
[Service]
ExecStartPre=rm -f /failed /testok
ExecStart=/usr/lib/systemd/tests/testdata/units/%N.sh