Project

General

Profile

Actions
Copy link

action #175401

closed

action #166613: Yast default selected LSM changes from Apparmor to SELinux, existing openQA test fails in first_boot

test fails in mutt

Added by cahu 3 months ago. Updated 2 months ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
Bugs in existing tests
Target version:
-
Start date:
2025-01-14
Due date:
% Done:

0%

Estimated time:
Difficulty:
Tags:
bugbusters

Description

Tumbleweed iso test with SELinux enabled by default, see context:
https://bugzilla.suse.com/show_bug.cgi?id=1230118

also see: https://progress.opensuse.org/issues/166613

for the verification runs you can create an iso as described here:
https://bugzilla.suse.com/show_bug.cgi?id=1230118#c7

Problem:
i think the postfix_local_write_mail_spool selinux boolean needs to be enabled in the test, i see these AVCs in the log:
type=AVC msg=audit(1736525499.862:2404): avc: denied { write } for pid=77287 comm="local" path="/var/spool/mail/nimda.lock" dev="vda2" ino=27257 scontext=system_u:system_r:postfix_local_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=file permissive=0
type=AVC msg=audit(1736525499.881:2405): avc: denied { write } for pid=77287 comm="local" path="/var/spool/mail/admin.lock" dev="vda2" ino=27261 scontext=system_u:system_r:postfix_local_t:s0 tcontext=system_u:object_r:mail_spool_t:s0 tclass=file permissive=0

Observation

openQA test in scenario opensuse-Tumbleweed-DVD-x86_64-extra_tests_textmode@64bit fails in
mutt

Test suite description

Maintainer: slindomansilla@suse.de.
Mainly post-installation console extra tests.

Reproducible

Fails since (at least) Build 20240702

Expected result

Last good: 20240611 (or more recent)

Further details

Always latest result in this scenario: latest

Actions
Copy link
 #1

Updated by cahu 2 months ago

  • Status changed from New to Rejected

we enabled the boolean by default in the selinux policy now

Actions
Copy link

Also available in: Atom PDF