This test disables auto-relabeling so that it can test if setting a
user-defined label in the config will work. The problem is that the
disk image used to boot is then not labelled correctly, and qemu can't
open it.
To circumvent this failure (which is *not* of the functionality we're
testing), this patch just temporarily sets SELinux to permissive mode
during the test, then sets it back during cleanup.
Signed-off-by: Laine Stump <laine@xxxxxxxxx>
---
scripts/selinux/100-static-relabel-no.t | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/scripts/selinux/100-static-relabel-no.t b/scripts/selinux/100-static-relabel-no.t
index ab52534..733dbf3 100644
--- a/scripts/selinux/100-static-relabel-no.t
+++ b/scripts/selinux/100-static-relabel-no.t
@@ -32,10 +32,14 @@ use Test::More tests => 6;
use Sys::Virt::TCK;
use Sys::Virt::TCK::SELinux;
+my $selinux_status = "";
my $tck = Sys::Virt::TCK->new();
my $conn = eval { $tck->setup(); };
BAIL_OUT "failed to setup test harness: $@" if $@;
-END { $tck->cleanup if $tck; }
+END {
+ system("setenforce", "1") if ($selinux_status eq "Enforcing");
+ $tck->cleanup if $tck;
+}
my $info;
eval {
@@ -58,6 +62,13 @@ SKIP: {
->disk(src => $disk, dst => "vdb", type => "file")
->as_xml;
+ chomp($selinux_status = `getenforce`);
+ diag "selinux is $selinux_status";
+ if ($selinux_status eq "Enforcing") {
+ diag "Temporarily setting SELinux to Permissive mode";
+ system("setenforce", "0");
+ }
+
diag "Creating a new transient domain";
my $dom;
ok_domain(sub { $dom = $conn->create_domain($xml) }, "created transient domain object");
--
2.14.5
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
