From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Mon, 4 May 2026 22:41:10 +0000 (+0100)
Subject: test: avoid nspawn failure due to scope in use in TEST-06-SELINUX
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ae973bb61767fce6b428f52b20cfcddf2c70c944;p=thirdparty%2Fsystemd.git

test: avoid nspawn failure due to scope in use in TEST-06-SELINUX

TEST-06-SELINUX occasionally fails because repeated nspawn invocations use
the same machine name and scope:

TEST-06-SELINUX.sh[598]: Failed to allocate scope: Unit H.scope was already loaded or has a fragment file.

Use a different machine name/scope for each invocation in the test
case to avoid hitting this issue
---

diff --git a/test/units/TEST-06-SELINUX.sh b/test/units/TEST-06-SELINUX.sh
index 5cf6e80815b..76f5c1652bf 100755
--- a/test/units/TEST-06-SELINUX.sh
+++ b/test/units/TEST-06-SELINUX.sh
@@ -39,12 +39,13 @@ CONTEXT="$(stat -c %C /proc/sys/kernel/core_pattern)"
 (! systemd-run --wait --pipe -p ConditionSecurity='selinux' false)
 systemd-run --wait --pipe -p ConditionSecurity='!selinux' false
 
+# Pass a unique --machine= name on each invocation to avoid "already loaded" flakiness
 NSPAWN_ARGS=(systemd-nspawn -q --volatile=yes --directory=/ --bind-ro=/etc --inaccessible=/etc/machine-id)
-[[ "$("${NSPAWN_ARGS[@]}" cat /proc/self/attr/current | tr -d '\0')" != "$CONTEXT" ]]
-[[ "$("${NSPAWN_ARGS[@]}" --selinux-context="$CONTEXT" cat /proc/self/attr/current | tr -d '\0')" == "$CONTEXT" ]]
-[[ "$("${NSPAWN_ARGS[@]}" stat --printf %C /run)" != "$CONTEXT" ]]
-[[ "$("${NSPAWN_ARGS[@]}" --selinux-apifs-context="$CONTEXT" stat --printf %C /run)" == "$CONTEXT" ]]
-[[ "$("${NSPAWN_ARGS[@]}" --selinux-apifs-context="$CONTEXT" --tmpfs=/tmp stat --printf %C /tmp)" == "$CONTEXT" ]]
+[[ "$("${NSPAWN_ARGS[@]}" --machine="nspawn-test-0" cat /proc/self/attr/current | tr -d '\0')" != "$CONTEXT" ]]
+[[ "$("${NSPAWN_ARGS[@]}" --machine="nspawn-test-1" --selinux-context="$CONTEXT" cat /proc/self/attr/current | tr -d '\0')" == "$CONTEXT" ]]
+[[ "$("${NSPAWN_ARGS[@]}" --machine="nspawn-test-2" stat --printf %C /run)" != "$CONTEXT" ]]
+[[ "$("${NSPAWN_ARGS[@]}" --machine="nspawn-test-3" --selinux-apifs-context="$CONTEXT" stat --printf %C /run)" == "$CONTEXT" ]]
+[[ "$("${NSPAWN_ARGS[@]}" --machine="nspawn-test-4" --selinux-apifs-context="$CONTEXT" --tmpfs=/tmp stat --printf %C /tmp)" == "$CONTEXT" ]]
 
 if [[ -n "${TEST_SELINUX_CHECK_AVCS:-}" ]] && ((TEST_SELINUX_CHECK_AVCS)); then
     (! journalctl -t audit -g AVC -o cat)