Project

General

Profile

Actions
Copy link

action #170461

open

action #166613: Yast default selected LSM changes from Apparmor to SELinux, existing openQA test fails in first_boot

test fails in wpa_supplicant

Added by cahu about 2 months ago. Updated about 2 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Bugs in existing tests
Target version:
-
Start date:
2024-11-28
Due date:
% Done:

0%

Estimated time:
Difficulty:
Tags:
bugbusters

Description

Tumbleweed iso test with SELinux enabled by default, see context:
https://bugzilla.suse.com/show_bug.cgi?id=1230118

also see: https://progress.opensuse.org/issues/166613

The wpa_supplicant test downloads and extracts an archive to a tmp directory
and runs its tests on it. This is not allowed by SELinux since the /tmp dir should
not be used for production stuff.
The correct way is to either place the data/ to /var/lib/dhcpd/ (with mv -Z) (recommended)
or to label the data/ directory as dhcpd_state_t (dirty)

These should then vanish:
type=AVC msg=audit(1732730378.190:2899): avc: denied { open } for pid=162111 comm="dhclient" path="/tmp/tmp.isqQausZ5e/data/dhclient.lease" dev="tmpfs" ino=931 scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file permissive=0
type=AVC msg=audit(1732730378.190:2900): avc: denied { open } for pid=162111 comm="dhclient" path="/tmp/tmp.isqQausZ5e/data/dhclient.lease" dev="tmpfs" ino=931 scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file permissive=0
type=AVC msg=audit(1732730384.296:2904): avc: denied { open } for pid=162111 comm="dhclient" path="/tmp/tmp.isqQausZ5e/data/dhclient.lease" dev="tmpfs" ino=931 scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=file permissive=0
type=AVC msg=audit(1732730384.296:2905): avc: denied { write } for pid=162111 comm="dhclient" name="data" dev="tmpfs" ino=883 scontext=unconfined_u:system_r:dhcpc_t:s0-s0:c0.c1023 tcontext=unconfined_u:object_r:user_tmp_t:s0 tclass=dir permissive=0

Observation

openQA test in scenario opensuse-Tumbleweed-DVD-x86_64-extra_tests_textmode@64bit fails in
wpa_supplicant

Test suite description

Maintainer: slindomansilla@suse.de.
Mainly post-installation console extra tests.

Reproducible

Fails since (at least) Build 20240702

Expected result

Last good: 20240611 (or more recent)

Further details

Always latest result in this scenario: latest

Actions
Copy link
 #1

Updated by cahu about 2 months ago

  • Tags set to bugbusters
Actions
Copy link
 #2

Updated by szarate about 2 months ago

Cathy, I will take a step back on this ticket to find a better solution, as I see that the failure has to do with the test setup, and not the actual test.

Bear with us :)

Actions
Copy link

Also available in: Atom PDF