action #168703
open[MinimalVM] Ensure SELinux status is checked
0%
Description
In preparation for SLES16, we should tune the Tumbleweed jeos-selinux tests such, that they check if the image has SELinux enabled by default.
See e.g. jeos-selinux, where the SELinux functionality is tested, but it is never tested, if SELinux is enabled by default.
We should add a new setting SELINUX and if that is set to 1, then check if SELinux is enabled by default.
Acceptance criteria¶
- The jeos-selinux test runs contains a new setting (e.g.
SELINUX) that defines if SELinux is expected to be enabled by default - If
SELINUXis enabled, the test run check if SELinux is enabled by default and fails if it's not
Updated by ph03nix about 1 month ago
- Related to action #166613: Yast default selected LSM changes from Apparmor to SELinux, existing openQA test fails in first_boot added
Updated by favogt about 1 month ago
We should add a new setting SELINUX and if that is set to 1, then check if SELinux is enabled by default.
IMO there should be something in version_utils that returns whether SELinux is enabled by default. If needed with some more primitives on top like selinux_is_active and selinux_needs_to_be_enabled.
Updated by szarate 15 days ago
favogt wrote in #note-3:
We should add a new setting SELINUX and if that is set to 1, then check if SELinux is enabled by default.
IMO there should be something in
version_utilsthat returns whether SELinux is enabled by default. If needed with some more primitives on top likeselinux_is_activeandselinux_needs_to_be_enabled.
100%, created: https://progress.opensuse.org/issues/169591