Project

General

Profile

Actions
Copy link

action #168571

closed

action #166613: Yast default selected LSM changes from Apparmor to SELinux, existing openQA test fails in first_boot

[security][tumbleweed] test fails in aa_status aa_enforce usr_sbin_smbd settings_disable_enable_apparmor yast2_apparmor

Added by cahu about 1 month ago. Updated 25 days ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Bugs in existing tests
Target version:
-
Start date:
2024-10-21
Due date:
% Done:

0%

Estimated time:
Difficulty:
Tags:
apparmor

Description

Tumbleweed iso test with SELinux enabled by default, see context:
https://bugzilla.suse.com/show_bug.cgi?id=1230118

also see: https://progress.opensuse.org/issues/166613

these test fails due to the reason that they check if Apparmor is installed and enabled
but it is not, as SELinux is selected as the default during install

https://openqa.opensuse.org/tests/4548583#step/aa_status/1
https://openqa.opensuse.org/tests/4548583#step/aa_enforce/9
https://openqa.opensuse.org/tests/4548641#step/usr_sbin_smbd/1
https://openqa.opensuse.org/tests/4548716#step/settings_disable_enable_apparmor/1
https://openqa.opensuse.org/tests/4548767#step/yast2_apparmor/6

Observation

openQA test in scenario opensuse-Tumbleweed-DVD-x86_64-apparmor@64bit fails in
aa_status

Test suite description

Maintainer: QE Security; test AppArmor tool with an existing disk image.

Reproducible

Fails since (at least) Build 20231102

Expected result

Last good: 20231020 (or more recent)

Further details

Always latest result in this scenario: latest

Related issues 1 (1 open0 closed)

Is duplicate of openQA Tests - action #167662: [security][tumbleweed] test fails in aa_enforce: audit 4.0 changes need adaptionFeedbackamanzini

Actions
Actions
Copy link
 #1

Updated by szarate about 1 month ago

  • Parent task set to #166613

Contact @cahu if any questions.

cc @tjyrinki_suse
Looks like for apparmor and security audit testsuites need to be reworked too. #168571 can be rejected in favor of #167662

Actions
Copy link
 #2

Updated by szarate about 1 month ago

  • Subject changed from test fails in aa_status aa_enforce usr_sbin_smbd settings_disable_enable_apparmor yast2_apparmor to [qe-security] test fails in aa_status aa_enforce usr_sbin_smbd settings_disable_enable_apparmor yast2_apparmor
Actions
Copy link
 #3

Updated by tjyrinki_suse about 1 month ago · Edited

  • Tags set to apparmor
  • Subject changed from [qe-security] test fails in aa_status aa_enforce usr_sbin_smbd settings_disable_enable_apparmor yast2_apparmor to [security][tumbleweed] test fails in aa_status aa_enforce usr_sbin_smbd settings_disable_enable_apparmor yast2_apparmor
  • Status changed from New to Workable

Above comment says "#168571 can be rejected in favor of #167662", so closing this and trying to change 167662 accordingly.

Actions
Copy link
 #4

Updated by cahu 30 days ago

just a quick note: for the verification runs you can create an iso as described here:
https://bugzilla.suse.com/show_bug.cgi?id=1230118#c7

Actions
Copy link
 #5

Updated by tjyrinki_suse 25 days ago

  • Is duplicate of action #167662: [security][tumbleweed] test fails in aa_enforce: audit 4.0 changes need adaption added
Actions
Copy link
 #6

Updated by tjyrinki_suse 25 days ago · Edited

  • Status changed from Workable to Rejected
Actions
Copy link

Also available in: Atom PDF