Re: [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2023-02-16 at 10:29 -0500, Mimi Zohar wrote:
> On Thu, 2023-02-16 at 09:16 +0100, Roberto Sassu wrote:
> > On Wed, 2023-02-15 at 18:19 -0500, Mimi Zohar wrote:
> > > Hi Petr,
> > > 
> > > On Wed, 2023-02-15 at 23:44 +0100, Petr Vorel wrote:
> > > > Hi Mimi,
> > > > 
> > > > > Tested:
> > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413
> > > > 
> > > > Thanks for merging this.
> > > 
> > > I actually pushed out the patches to "next-testing" to make sure it
> > > works.  In doing so, I dropped a couple of Roberto's patches, which
> > > aren't quite ready and one of mine as well.  In general, I'm not sure
> > > pushing patches out to "next-integrity" should be considered "merging"
> > > quite yet.  In this case, your patches are fine.  (Perhaps there needs
> > > to be a better work flow.)
> > > 
> > > > My test was working:
> > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359
> > > 
> > > Yes, I saw.
> > > 
> > > > But the same code now fails for Fedora.
> > > > I wonder what exactly is wrong now:
> > > > https://github.com/mimizohar/ima-evm-utils/actions/runs/4188686859/jobs/7260231106
> > > > https://github.com/pevik/ima-evm-utils/actions/runs/4188761663/jobs/7260289846
> > > 
> > > The UML kernel built properly, but for some reason the fsverity and
> > > portable_signature tests aren't finding it.
> > 
> > It could be this (in the logs):
> > 
> > There exist one or more cache(s) with similar key but they have
> > different version or scope.
> > 
> > I would try:
> > 
> > enableCrossOsArchive: true
> > 
> > after:
> > 
> >       uses: actions/cache@v3
> >       with:
> >         path:
> >         key:
> > 
> > for every step using the cache.
> > 
> > Cache version is a hash generated for a combination of compression tool
> > used (Gzip, Zstd, etc. based on the runner OS) and the path of
> > directories being cached.
> > 
> > Maybe there was some change from the time the kernel and signing key
> > were cached.
> 
> Adding "enableCrossOsArchive: true" didn't help, nor did clearing the
> cache.

FYI, with a clean cache, but without any changes, this seems to be
working now.

> 
> 
> > 
> > > > FAIL: fsverity
> > > > ==============
> > > > 
> > > > which: no fsverity in (../src:../fsverity-utils:/github/home/ima-evm-utils-install/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin)
> > > > dd is /usr/bin/dd
> > > > mkfs is /usr/sbin/mkfs
> > > > blkid is /usr/sbin/blkid
> > > > e2fsck is /usr/sbin/e2fsck
> > > > tune2fs is /usr/sbin/tune2fs
> > > > evmctl is ../src/evmctl
> > > > setfattr is /usr/bin/setfattr
> > > > ./functions.sh: line 90: ../linux: No such file or directory
> > > > =================================
> > > >  Run with FAILEARLY=1 ./fsverity.test _cleanup_env cleanup
> > > >  To stop after first failure
> > > > =================================
> > > > PASS: 0 SKIP: 0 FAIL: 1
> > > > 
> > > > FAIL fsverity.test (exit status: 1)
> > > > 
> > > > FAIL: portable_signatures
> > > > =========================
> > > > 
> > > > evmctl is /__w/ima-evm-utils/ima-evm-utils/tests/../src/evmctl
> > > > ./functions.sh: line 90: ../linux: No such file or directory
> > > > ./functions.sh: line 90: ../linux: No such file or directory
> > 
> 
> 





[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux