action #168571
openaction #166613: Yast default selected LSM changes from Apparmor to SELinux, existing openQA test fails in first_boot
[security][tumbleweed] test fails in aa_status aa_enforce usr_sbin_smbd settings_disable_enable_apparmor yast2_apparmor
0%
Description
Tumbleweed iso test with SELinux enabled by default, see context:
https://bugzilla.suse.com/show_bug.cgi?id=1230118
also see: https://progress.opensuse.org/issues/166613
these test fails due to the reason that they check if Apparmor is installed and enabled
but it is not, as SELinux is selected as the default during install
https://openqa.opensuse.org/tests/4548583#step/aa_status/1
https://openqa.opensuse.org/tests/4548583#step/aa_enforce/9
https://openqa.opensuse.org/tests/4548641#step/usr_sbin_smbd/1
https://openqa.opensuse.org/tests/4548716#step/settings_disable_enable_apparmor/1
https://openqa.opensuse.org/tests/4548767#step/yast2_apparmor/6
Observation¶
openQA test in scenario opensuse-Tumbleweed-DVD-x86_64-apparmor@64bit fails in
aa_status
Test suite description¶
Maintainer: QE Security; test AppArmor tool with an existing disk image.
Reproducible¶
Fails since (at least) Build 20231102
Expected result¶
Last good: 20231020 (or more recent)
Further details¶
Always latest result in this scenario: latest
Updated by tjyrinki_suse 4 days ago
- Tags set to apparmor
- Subject changed from [qe-security] test fails in aa_status aa_enforce usr_sbin_smbd settings_disable_enable_apparmor yast2_apparmor to [security][tumbleweed] test fails in aa_status aa_enforce usr_sbin_smbd settings_disable_enable_apparmor yast2_apparmor
- Status changed from New to Workable
This is related to ticket #167662 and can be worked as part of that or separately in this ticket.
Updated by cahu 2 days ago
just a quick note: for the verification runs you can create an iso as described here:
https://bugzilla.suse.com/show_bug.cgi?id=1230118#c7