keremet/rpm-ostree
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
fca01e70b5
rpm-ostree/tests
History
Colin Walters fca01e70b5 Lower initial SELinux policy load from compose to core 
Add a `selinux` verb to treespec, and bind it from treefile.  If
set, use it in the core to load an initial policy before import,
if we didn't already set a policy.

In practice right now this is only used from the compose path
since the SysrootUpgrader uses the policy from the merge deployment.

Unset the policy if rojig mode is enabled.

Now, non-SELinux use cases are required to set `selinux: false`
in the treespec. For `ex container` I just set it in our example
specs.  Probably that should forcibly disable it in the
treespec but eh, it's experimental.

The other case I can think of is client-side layering; before
we would create a policy using the target root, but it
wasn't a *hard* requirement, i.e. we didn't error out if
`policy_get_name() == NULL`.  Let's preserve that semantic by
hooking off of whether `_new_system()` was used.

Prep for sharing code with `compose rojig`.

Closes: #1630
Approved by: jlebon
2018-10-23 13:40:46 +00:00
..
check tests: add test for sorting + conversion of sysuser 2018-08-30 17:37:27 +00:00
common core,scripts: When no cachedir+unified-core, disable rofiles-fuse 2018-10-12 19:03:26 +00:00
compose-tests tests/compose: Use workdir in tmpdir 2018-10-23 13:40:46 +00:00
composedata compose: Support not specifying a ref 2018-10-09 19:47:25 +00:00
ex-container-tests Lower initial SELinux policy load from compose to core 2018-10-23 13:40:46 +00:00
gpghome daemon: start with one commit only when resolving versions 2016-12-24 12:28:48 +00:00
manual db: Remove query parameter to diff 2015-04-23 16:30:18 -04:00
utils tests/utils: Drop empty inject-pkglist.py 2018-07-28 06:53:40 +00:00
vmcheck app/livefs: Require --i-like-danger switch 2018-10-17 20:10:11 +00:00
compose tests: Rename one libcomposetest.sh 2018-09-10 17:06:10 +00:00
ex-container tests: Rename one libcomposetest.sh 2018-09-10 17:06:10 +00:00
README.md tests: Add ./tests/compose 2016-12-06 19:05:05 +00:00

README.md

Tests are divided into three groups:

  • Tests in the check directory are non-destructive and uninstalled. Some of the tests require root privileges. Use make check to run these.

  • The composecheck tests currently require uid 0 capabilities - the default in Docker, or you can run them via a user namespace. They are non-destructive, but are installed.

    To use them, you might do a make && sudo make install inside a Docker container.

    Then invoke ./tests/compose. Alternatively of course, you can simply run the tests on a host system or in an existing container, without doing a build.

    Note: This is intentionally not a Makefile target because it doesn't require building and doesn't use uninstalled binaries.

  • Tests in the vmcheck directory are oriented around using Vagrant. Use make vmcheck to run them. See also HACKING.md in the top directory.

The common directory contains files used by multiple tests. The utils directory contains helper utilities required to run the tests.