From: Frantisek Sumsal Date: Mon, 5 Jun 2023 20:35:05 +0000 (+0200) Subject: test: load the SELinux module outside of the VM X-Git-Tag: v254-rc1~277^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fa5dee77c0d86b7b23f9d18ad0281e3b7ff08af9;p=thirdparty%2Fsystemd.git test: load the SELinux module outside of the VM Turns out we can, apart from just building the module, "shove" it into the SELinux database in a chroot as well. This brings quite significant time savings, as the SELinux db rebuild takes 2 - 5 minutes in a VM without acceleration (and takes currently ~half of the runtime of the test in the C8S job). --- diff --git a/test/TEST-06-SELINUX/test.sh b/test/TEST-06-SELINUX/test.sh index 5d72638ec6f..85be3bed9b6 100755 --- a/test/TEST-06-SELINUX/test.sh +++ b/test/TEST-06-SELINUX/test.sh @@ -42,16 +42,14 @@ test_append_files() { fi mkdir "$workspace/systemd-test-module" - cp systemd_test.te "$workspace/systemd-test-module" - cp systemd_test.if "$workspace/systemd-test-module" - cp systemd_test.fc "$workspace/systemd-test-module" + cp -v systemd_test.* "$workspace/systemd-test-module/" image_install -o sesearch image_install runcon image_install checkmodule semodule semodule_package m4 make load_policy sefcontext_compile image_install -o /usr/libexec/selinux/hll/pp # Fedora/RHEL/... image_install -o /usr/lib/selinux/hll/pp # Debian/Ubuntu/... - if ! chroot "$workspace" make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile clean systemd_test.pp; then + if ! chroot "$workspace" make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile clean load systemd_test.pp QUIET=n; then dfatal "Failed to build the systemd test module" exit 1 fi diff --git a/test/testsuite-06.units/load-systemd-test-module.service b/test/testsuite-06.units/load-systemd-test-module.service deleted file mode 100644 index 2d15a627156..00000000000 --- a/test/testsuite-06.units/load-systemd-test-module.service +++ /dev/null @@ -1,15 +0,0 @@ -# SPDX-License-Identifier: LGPL-2.1-or-later -[Unit] -Description=Load systemd-test module -DefaultDependencies=no -Requires=local-fs.target -Conflicts=shutdown.target -After=local-fs.target -Before=sysinit.target shutdown.target autorelabel.service -ConditionSecurity=selinux - -[Service] -ExecStart=sh -x -c 'echo 0 >/sys/fs/selinux/enforce && make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile load' -Type=oneshot -TimeoutSec=0 -RemainAfterExit=yes diff --git a/test/units/testsuite-06.service b/test/units/testsuite-06.service index b91f93ca09c..c4c1d87fed5 100644 --- a/test/units/testsuite-06.service +++ b/test/units/testsuite-06.service @@ -2,9 +2,6 @@ [Unit] Description=TEST-06-SELINUX -Requires=load-systemd-test-module.service -After=load-systemd-test-module.service - [Service] ExecStartPre=rm -f /failed /testok ExecStart=/usr/lib/systemd/tests/testdata/units/%N.sh