Skip to content

Commit 8d2f98b

Browse files
henrywangcgwalters
henrywang
authored and
cgwalters
committed
test: skip OSCI gating AVC test
Skip in TMT test to avoid duplicate with downstream Signed-off-by: Xiaofeng Wang <henrywangxf@me.com>
1 parent 1f586c4 commit 8d2f98b

File tree

4 files changed

+22
-6
lines changed

4 files changed

+22
-6
lines changed

crates/xtask/src/tmt.rs

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1070,6 +1070,18 @@ pub(crate) fn update_integration() -> Result<()> {
10701070
tests_content.push_str("# THIS IS GENERATED CODE - DO NOT EDIT\n");
10711071
tests_content.push_str("# Generated by: cargo xtask tmt\n");
10721072
tests_content.push_str("\n");
1073+
// bootc probes for SELinux mac_admin capability by attempting chcon with
1074+
// an intentionally invalid label, which generates expected AVC denials.
1075+
// Report as informational only in OSCI gating test
1076+
tests_content
1077+
.push_str("# bootc probes for SELinux mac_admin capability by attempting chcon with\n");
1078+
tests_content
1079+
.push_str("# an intentionally invalid label, which generates expected AVC denials.\n");
1080+
tests_content.push_str("# Report as informational only in OSCI gating test\n");
1081+
tests_content.push_str("check:\n");
1082+
tests_content.push_str(" - how: avc\n");
1083+
tests_content.push_str(" result: info\n");
1084+
tests_content.push_str("\n");
10731085
tests_content.push_str(&tests_yaml_formatted);
10741086

10751087
// Only write if content changed

hack/packages.txt

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,9 @@ rsync
33
cloud-init
44
/usr/bin/flock
55
/usr/bin/awk
6+
# Needed by tmt avc check
7+
audit
8+
policycoreutils
69
# Required by install-to-filesystem-var-mount test
710
parted
811
lvm2

tmt/plans/integration.fmf

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -2,12 +2,6 @@
22
provision:
33
how: virtual
44
image: $@{test_disk_image}
5-
# bootc probes for SELinux mac_admin/install_t capability by attempting
6-
# chcon with an intentionally invalid label (see lsm.rs test_install_t).
7-
# This generates expected AVC denials that rhel-ci's injected AVC check
8-
# would otherwise flag as test failures.
9-
environment:
10-
AVC_ERROR: +no_avc_check
115
prepare:
126
# Install image mode system on package mode system
137
# Do not run on image mode VM running on Github CI and Locally

tmt/tests/tests.fmf

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,13 @@
11
# THIS IS GENERATED CODE - DO NOT EDIT
22
# Generated by: cargo xtask tmt
33

4+
# bootc probes for SELinux mac_admin capability by attempting chcon with
5+
# an intentionally invalid label, which generates expected AVC denials.
6+
# Report as informational only in OSCI gating test
7+
check:
8+
- how: avc
9+
result: info
10+
411
/test-01-readonly:
512
summary: Execute booted readonly/nondestructive tests
613
duration: 30m

0 commit comments

Comments
 (0)