On Thu, Oct 7, 2021 at 7:25 PM Ioanna Alifieraki <ioanna-maria.alifieraki@xxxxxxxxxxxxx> wrote: > > Create a corrupt profile and expect to be removed after the test is run. > > Signed-off-by: Ioanna Alifieraki <ioanna-maria.alifieraki@xxxxxxxxxxxxx> > --- > tests/meson.build | 1 + > tests/virt-aa-helper-test | 29 +++++++++++++++++++++++++++++ > 2 files changed, 30 insertions(+) > > diff --git a/tests/meson.build b/tests/meson.build > index dfbc2c01e2..991cfc402d 100644 > --- a/tests/meson.build > +++ b/tests/meson.build > @@ -40,6 +40,7 @@ tests_env = [ > 'LC_ALL=C', > 'LIBVIRT_AUTOSTART=0', > 'G_DEBUG=fatal-warnings', > + 'sysconfdir=@0@'.format(get_option('prefix') / get_option('sysconfdir')), > ] > > if use_expensive_tests > diff --git a/tests/virt-aa-helper-test b/tests/virt-aa-helper-test > index 83f53acef6..135c4968b5 100755 > --- a/tests/virt-aa-helper-test > +++ b/tests/virt-aa-helper-test > @@ -16,6 +16,7 @@ fi > output="/dev/null" > use_valgrind="" > ld_library_path="$abs_top_builddir/src/" > +profile_path="$sysconfdir/apparmor.d/libvirt/" > if [ ! -z "$1" ] && [ "$1" = "-d" ]; then > output="/dev/stdout" > shift > @@ -399,6 +400,34 @@ testme "0" "shmem doorbell" "-r -u $valid_uuid" "$test_xml" "\"/var/lib/libvirt/ > sed -e "s,###UUID###,$uuid,g" -e "s,###DISK###,$disk1,g" -e "s,</devices>,<shmem name='shmem_server'><model type='ivshmem-doorbell'/><server path='/var/lib/libvirt/ivshmem_socket'/></shmem></devices>,g" "$template_xml" > "$test_xml" > testme "0" "shmem doorbell serverpath" "-r -u $valid_uuid" "$test_xml" "\"/var/lib/libvirt/ivshmem_socket\"\s*rw,$" > > +# For the next test to run apparmor needs to be installed and enabled. > +# In some environments (e.g. containers) even though apparmor is > +# installed, it is not enabled because securityfs is not mounted. > +# In those environments this test cannot run so skip it. > +# This test also needs to be run as root. > +if [ `eval id -u` = 0 ] && [ -x "$(command -v aa-enabled)" ] && [ `eval aa-enabled` = "Yes" ]; then This is great to be checked before causing a failure, but a question to the libvirt-CI experts, how doable (or not) would it be to get apparmor installed on those distro testbeds that support it? Are there any good pointers one would start to look at adapting those testbeds? > + sed -e "s,###UUID###,$uuid,g" -e "s,###DISK###,$disk2,g" "$template_xml" > "$test_xml" > + # Running the tests does not require libvirt to be installed. As a > + # result the appropriate directories have not been created. Create them > + # now to run the test. > + mkdir -p "$profile_path" > + # create a corrupted profile > + touch "$profile_path/$valid_uuid" > + testme "0" "purge" "-r -u $valid_uuid" "$test_xml" > + # All the tests are run with the --dry-run option this test is > + # never going to fail because the profile is not going to be loaded. > + # However, since we touch the profile if it's still here after the test > + # it means that something went wrong, so make the test fail. > + if [ -f "$profile_path/$valid_uuid" ]; then > + echo "FAIL: failed to purge corrupted profile" >$output > + echo " '$extra_args $args': " > + errors=$(($errors + 1)) > + # remove corrupted profile anyways not to interfere with > + # subsequent runs of the tests. > + rm "$profile_path/$valid_uuid" > + fi > +fi > + > testme "0" "help" "-h" > > echo "" >$output > -- > 2.17.1 > -- Christian Ehrhardt Staff Engineer, Ubuntu Server Canonical Ltd