Create a corrupt profile and expect to be removed after the test is run. Signed-off-by: Ioanna Alifieraki <ioanna-maria.alifieraki@xxxxxxxxxxxxx> --- tests/meson.build | 1 + tests/virt-aa-helper-test | 29 +++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+) diff --git a/tests/meson.build b/tests/meson.build index dfbc2c01e2..991cfc402d 100644 --- a/tests/meson.build +++ b/tests/meson.build @@ -40,6 +40,7 @@ tests_env = [ 'LC_ALL=C', 'LIBVIRT_AUTOSTART=0', 'G_DEBUG=fatal-warnings', + 'sysconfdir=@0@'.format(get_option('prefix') / get_option('sysconfdir')), ] if use_expensive_tests diff --git a/tests/virt-aa-helper-test b/tests/virt-aa-helper-test index 83f53acef6..135c4968b5 100755 --- a/tests/virt-aa-helper-test +++ b/tests/virt-aa-helper-test @@ -16,6 +16,7 @@ fi output="/dev/null" use_valgrind="" ld_library_path="$abs_top_builddir/src/" +profile_path="$sysconfdir/apparmor.d/libvirt/" if [ ! -z "$1" ] && [ "$1" = "-d" ]; then output="/dev/stdout" shift @@ -399,6 +400,34 @@ testme "0" "shmem doorbell" "-r -u $valid_uuid" "$test_xml" "\"/var/lib/libvirt/ sed -e "s,###UUID###,$uuid,g" -e "s,###DISK###,$disk1,g" -e "s,</devices>,<shmem name='shmem_server'><model type='ivshmem-doorbell'/><server path='/var/lib/libvirt/ivshmem_socket'/></shmem></devices>,g" "$template_xml" > "$test_xml" testme "0" "shmem doorbell serverpath" "-r -u $valid_uuid" "$test_xml" "\"/var/lib/libvirt/ivshmem_socket\"\s*rw,$" +# For the next test to run apparmor needs to be installed and enabled. +# In some environments (e.g. containers) even though apparmor is +# installed, it is not enabled because securityfs is not mounted. +# In those environments this test cannot run so skip it. +# This test also needs to be run as root. +if [ `eval id -u` = 0 ] && [ -x "$(command -v aa-enabled)" ] && [ `eval aa-enabled` = "Yes" ]; then + sed -e "s,###UUID###,$uuid,g" -e "s,###DISK###,$disk2,g" "$template_xml" > "$test_xml" + # Running the tests does not require libvirt to be installed. As a + # result the appropriate directories have not been created. Create them + # now to run the test. + mkdir -p "$profile_path" + # create a corrupted profile + touch "$profile_path/$valid_uuid" + testme "0" "purge" "-r -u $valid_uuid" "$test_xml" + # All the tests are run with the --dry-run option this test is + # never going to fail because the profile is not going to be loaded. + # However, since we touch the profile if it's still here after the test + # it means that something went wrong, so make the test fail. + if [ -f "$profile_path/$valid_uuid" ]; then + echo "FAIL: failed to purge corrupted profile" >$output + echo " '$extra_args $args': " + errors=$(($errors + 1)) + # remove corrupted profile anyways not to interfere with + # subsequent runs of the tests. + rm "$profile_path/$valid_uuid" + fi +fi + testme "0" "help" "-h" echo "" >$output -- 2.17.1