From: Frantisek Sumsal <frantisek@sumsal.cz>
Date: Fri, 5 Feb 2021 15:59:38 +0000 (+0100)
Subject: test: add a custom SELinux file context
X-Git-Tag: v248-rc1~186^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F18478%2Fhead;p=thirdparty%2Fsystemd.git

test: add a custom SELinux file context

Since the test suite overhaul, the test units are now under
/usr/lib/systemd/tests/testdata/tetsuite-06.units with
system_u:object_r:lib_t context. This causes an AVC denial, since the
systemd unit files are expected to have the
system_u:object_r:systemd_unit_file_t context. Let's fix this by using a
custom file context definition.
---

diff --git a/test/TEST-06-SELINUX/systemd_test.fc b/test/TEST-06-SELINUX/systemd_test.fc
new file mode 100644
index 00000000000..249c6792cf3
--- /dev/null
+++ b/test/TEST-06-SELINUX/systemd_test.fc
@@ -0,0 +1 @@
+/usr/lib/systemd/tests/testdata/testsuite-06\.units(/.*)?   system_u:object_r:systemd_unit_file_t:s0
diff --git a/test/TEST-06-SELINUX/test.sh b/test/TEST-06-SELINUX/test.sh
index 37528a1a26c..f05cd355938 100755
--- a/test/TEST-06-SELINUX/test.sh
+++ b/test/TEST-06-SELINUX/test.sh
@@ -37,6 +37,7 @@ test_append_files() {
         mkdir $1/systemd-test-module
         cp systemd_test.te $1/systemd-test-module
         cp systemd_test.if $1/systemd-test-module
+        cp systemd_test.fc $1/systemd-test-module
         dracut_install -o sesearch
         dracut_install runcon
         dracut_install checkmodule semodule semodule_package m4 make load_policy sefcontext_compile