test: switch SELinux to permissive in the config file

The config file has (unfortunately) precedence over the kernel command
line, so let's tweak the config file if necessary.

diff --git a/test/TEST-06-SELINUX/test.sh b/test/TEST-06-SELINUX/test.sh
index 0757b38cc29ecb5d2c17e2be9af6b783ea5279b9..c7eaae8ab4aa0d25da3e1eb98f8908f20f0543ce 100755 (executable)
--- a/test/TEST-06-SELINUX/test.sh
+++ b/test/TEST-06-SELINUX/test.sh
@@ -22,7 +22,7 @@ test -f /usr/share/selinux/devel/include/system/systemd.if && find /etc/selinux
 . "${TEST_BASE_DIR:?}/test-functions"
 
 SETUP_SELINUX=yes
-KERNEL_APPEND="${KERNEL_APPEND:=} selinux=1 security=selinux"
+KERNEL_APPEND="${KERNEL_APPEND:=} selinux=1 security=selinux enforcing=0"
 
 test_append_files() {
     local workspace="${1:?}"
@@ -53,6 +53,9 @@ test_append_files() {
     image_install -o /usr/libexec/selinux/hll/pp # Fedora/RHEL/...
     image_install -o /usr/lib/selinux/hll/pp     # Debian/Ubuntu/...
 
+    # Config file has (unfortunately) always precedence, so let's switch it there as well
+    sed -i '/^SELINUX=disabled$/s/disabled/permissive/' "$workspace/etc/selinux/config"
+
     if ! chroot "$workspace" make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile clean load systemd_test.pp QUIET=n; then
         dfatal "Failed to build the systemd test module"
         exit 1

diff --git a/test/units/testsuite-06.sh b/test/units/testsuite-06.sh
index c57d8b9488861b60a56e5de4f8cb8534259b3bad..73ae485041801c16487587322b7a70ad20cebf02 100755 (executable)
--- a/test/units/testsuite-06.sh
+++ b/test/units/testsuite-06.sh
@@ -3,12 +3,6 @@
 set -eux
 set -o pipefail
 
-echo 1 >/sys/fs/selinux/enforce || {
-    echo "Can't make selinux enforcing, skipping test"
-    touch /testok
-    exit
-}
-
 runcon -t systemd_test_start_t systemctl start hola
 runcon -t systemd_test_reload_t systemctl reload hola
 runcon -t systemd_test_stop_t systemctl stop hola