action #126815
[security][alp] test fails in audit2allow in selinux tests
Start date:
2023-03-28
Due date:
% Done:
100%
Estimated time:
Difficulty:
Description
openQA test in scenario alp-micro-0.1-Default-x86_64-selinux@uefi fails in
audit2allow
It used to pass in https://openqa.opensuse.org/tests/3193154 but stared failing in 2.3.
From Johannes:
validate_script_output("audit2allow -a", sub { m/allow\ ._t\ .;.*/sx });
this fails for audit2allow
since there's no deny
the next line will work
you need to special case this
Acceptance Criteria¶
- Fix the test, maybe by removing the fake denial addition in ALP special case which was a bit silly in the first place, and simply modify the expectation to be the current ALP behavior in final March prototype
History
#1
Updated by tjyrinki_suse 2 months ago
Updated by - Tags set to alp, fail
#2
Updated by tjyrinki_suse 2 months ago
- Description updated (diff)
#3
Updated by pstivanin 2 months ago
Updated by - Status changed from New to Blocked
- Assignee set to pstivanin
As per https://progress.opensuse.org/issues/126812#note-7 , I'm setting this to blocked until a build can be retriggered.
#5
Updated by pstivanin about 2 months ago
- Status changed from Blocked to In Progress
#6
Updated by pstivanin about 2 months ago
- % Done changed from 0 to 80
Since audit2allow returns always an empty output (there are no denials in ALP), there's not much point in further testing it.
Right now the change I made is just checking that audit2allow is empty and then exits the test.
#7
Updated by pstivanin about 2 months ago
- % Done changed from 80 to 100
#8
Updated by pstivanin about 2 months ago
- Status changed from In Progress to Resolved
#9
Updated by tjyrinki_suse about 2 months ago
This makes sense, thank you!