test: build the SELinux test module on the host

Let's save some time and build the SELinux test module on the host
instead of a possibly unaccelerated VM. This brings the runtime of
TEST-06-SELINUX from ~12 minutes down to a ~1 minute.

diff --git a/test/TEST-06-SELINUX/test.sh b/test/TEST-06-SELINUX/test.sh
index a867dea4b772f1e18ce2defd8153500b9e77b808..5d72638ec6f3de2fc63bcdca3f0d3b37c7a4d42d 100755 (executable)
--- a/test/TEST-06-SELINUX/test.sh
+++ b/test/TEST-06-SELINUX/test.sh
@@ -7,7 +7,6 @@ IMAGE_NAME="selinux"
 TEST_NO_NSPAWN=1
 
 # Requirements:
-# Fedora 23
 # selinux-policy-targeted
 # selinux-policy-devel
 
@@ -21,38 +20,41 @@ SETUP_SELINUX=yes
 KERNEL_APPEND="${KERNEL_APPEND:=} selinux=1 security=selinux"
 
 test_append_files() {
-    (
-        local workspace="${1:?}"
-        local policy_headers_dir=/usr/share/selinux/devel
-        local modules_dir=/var/lib/selinux
-
-        setup_selinux
-        # Make sure we never expand this to "/..."
-        rm -rf "${workspace:?}/$modules_dir"
-
-        if ! cp -ar "$modules_dir" "$workspace/$modules_dir"; then
-            dfatal "Failed to copy $modules_dir"
-            exit 1
-        fi
-
-        rm -rf "${workspace:?}/$policy_headers_dir"
-        inst_dir /usr/share/selinux
-
-        if ! cp -ar "$policy_headers_dir" "$workspace/$policy_headers_dir"; then
-            dfatal "Failed to copy $policy_headers_dir"
-            exit 1
-        fi
-
-        mkdir "$workspace/systemd-test-module"
-        cp systemd_test.te "$workspace/systemd-test-module"
-        cp systemd_test.if "$workspace/systemd-test-module"
-        cp systemd_test.fc "$workspace/systemd-test-module"
-        image_install -o sesearch
-        image_install runcon
-        image_install checkmodule semodule semodule_package m4 make load_policy sefcontext_compile
-        image_install -o /usr/libexec/selinux/hll/pp # Fedora/RHEL/...
-        image_install -o /usr/lib/selinux/hll/pp     # Debian/Ubuntu/...
-    )
+    local workspace="${1:?}"
+    local policy_headers_dir=/usr/share/selinux/devel
+    local modules_dir=/var/lib/selinux
+
+    setup_selinux
+    # Make sure we never expand this to "/..."
+    rm -rf "${workspace:?}/$modules_dir"
+
+    if ! cp -ar "$modules_dir" "$workspace/$modules_dir"; then
+        dfatal "Failed to copy $modules_dir"
+        exit 1
+    fi
+
+    rm -rf "${workspace:?}/$policy_headers_dir"
+    inst_dir /usr/share/selinux
+
+    if ! cp -ar "$policy_headers_dir" "$workspace/$policy_headers_dir"; then
+        dfatal "Failed to copy $policy_headers_dir"
+        exit 1
+    fi
+
+    mkdir "$workspace/systemd-test-module"
+    cp systemd_test.te "$workspace/systemd-test-module"
+    cp systemd_test.if "$workspace/systemd-test-module"
+    cp systemd_test.fc "$workspace/systemd-test-module"
+    image_install -o sesearch
+    image_install runcon
+    image_install checkmodule semodule semodule_package m4 make load_policy sefcontext_compile
+    image_install -o /usr/libexec/selinux/hll/pp # Fedora/RHEL/...
+    image_install -o /usr/lib/selinux/hll/pp     # Debian/Ubuntu/...
+
+    if ! chroot "$workspace" make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile clean systemd_test.pp; then
+        dfatal "Failed to build the systemd test module"
+        exit 1
+    fi
 }
 
 do_test "$@"

diff --git a/test/testsuite-06.units/load-systemd-test-module.service b/test/testsuite-06.units/load-systemd-test-module.service
index 3a22c15b25e9dfc48d7c361e94d6c98b652a0836..2d15a627156c46ecd14b273ab0f646496b48203d 100644 (file)
--- a/test/testsuite-06.units/load-systemd-test-module.service
+++ b/test/testsuite-06.units/load-systemd-test-module.service
@@ -9,7 +9,7 @@ Before=sysinit.target shutdown.target autorelabel.service
 ConditionSecurity=selinux
 
 [Service]
-ExecStart=sh -x -c 'echo 0 >/sys/fs/selinux/enforce && cd /systemd-test-module && make -f /usr/share/selinux/devel/Makefile clean load'
+ExecStart=sh -x -c 'echo 0 >/sys/fs/selinux/enforce && make -C /systemd-test-module -f /usr/share/selinux/devel/Makefile load'
 Type=oneshot
 TimeoutSec=0
 RemainAfterExit=yes