On Thu, May 2, 2024 at 3:18 PM Stephen Smalley <stephen.smalley.work@xxxxxxxxx> wrote: > > On Fri, Jan 26, 2024 at 5:12 AM Ondrej Mosnacek <omosnace@xxxxxxxxxx> wrote: > > > > On Thu, Jan 25, 2024 at 5:09 PM Paul Moore <paul@xxxxxxxxxxxxxx> wrote: > > > > > > On Thu, Jan 25, 2024 at 10:59 AM Stephen Smalley > > > <stephen.smalley.work@xxxxxxxxx> wrote: > > > > So as a side-bar is anyone running ./tools/nfs.sh on a regular basis > > > > or has it been wired up into the automated testing by anyone? If not > > > > and if we can get it back to a clean state, that would be good to do. > > > > > > I am not as part of my kernel-secnext testing, I should, but I haven't > > > had the time to configure that as part of the test run. Building and > > > testing on Debian in addition to Fedora is still higher on my > > > kernel-secnext todo list, and I haven't made much progress there. > > > > > > I believe the IBM/RH folks are doing regular testing, perhaps they > > > have something in place? > > > > We don't currently run the NFS-backed selinux-testsuite, > > unfortunately. Looking at my unmerged branches, I can see I tried to > > add it over 2 years ago, but the note I had left for myself says > > "doesn't work yet due to NFS bug", so presumably it wasn't passing > > even back then. > > I finally tracked down the source of one bug (not setting the label on > new files properly) and sent a patch for that. Several of the other > failures were introduced by the use of fifos for synchronization; > apparently fifos on NFS aren't expected to work and hence unix_socket > and other tests that rely on those won't work there. Actually, it seems that I misinterpreted earlier test results. With my patch applied on top of nfs-next, the entire ./tools/nfs.sh run passes, including unix_socket and friends. Huzzah! Can we get this wired up into automated regression testing to keep it that way?
