From 464d495cc2381b12a57748fc771426b5290a37e4 Mon Sep 17 00:00:00 2001
From: Luca Boccassi <luca.boccassi@gmail.com>
Date: Sat, 23 Nov 2024 13:28:03 +0000
Subject: [PATCH] test: mask tmpfiles.d file shipped by selinux policy package
 in containers

This tmpfiles.d wants to write to sysfs, which is read-only in containers,
so systemd-tmpfiles --create fails in TEST-22-TMPFILES when ran in nspawn
if the selinux policy package is instealled. Mask it, as it's not our
config file, we don't need it in the test.

(cherry picked from commit 6fd3496cfd0d28808b5489ee87f826c2130f5f0b)
(cherry picked from commit 2d975f64d40cff41f36792d92dde65a65fb0dd9d)
(cherry picked from commit 37e27eeec811af0a2d8f86b2b241669ef9ed31fa)
---
 test/units/testsuite-22.sh | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/test/units/testsuite-22.sh b/test/units/testsuite-22.sh
index 9c2a033aa9..85109a1ad5 100755
--- a/test/units/testsuite-22.sh
+++ b/test/units/testsuite-22.sh
@@ -6,6 +6,14 @@ set -o pipefail
 # shellcheck source=test/units/test-control.sh
 . "$(dirname "$0")"/test-control.sh
 
+if systemd-detect-virt --quiet --container; then
+    # This comes from the selinux package and tries to write
+    # some files under sysfs, which will be read-only in a container,
+    # so mask it. It's not our tmpfiles.d file anyway.
+    mkdir -p /run/tmpfiles.d/
+    ln -s /dev/null /run/tmpfiles.d/selinux-policy.conf
+fi
+
 run_subtests
 
 touch /testok