SELinuxProject / selinux-testsuite

This is the upstream SELinux testsuite which is designed as a basic set of regression tests for the SELinux kernel functionality.
GNU General Public License v2.0

BUG: fix some build errors under refpolicy #60

Closed WOnder93 closed 5 years ago

WOnder93 commented 5 years ago

Replace deprecated macros with new ones. Fedora's policy has both; refpolicy just the new ones.

Partially addresses issue #57.

stephensmalley commented 5 years ago

I am now seeing a failure in the testsuite on file/test 16. Not entirely sure yet of root cause but seems to be tied to this commit.

stephensmalley commented 5 years ago

Reverted. There are a couple issues with the commit that I should have caught:

stephensmalley commented 5 years ago

On a separate note, historically we have taken most patches for selinux-testsuite through selinux list rather than github pull requests. Not sure what our current policy is, but we should probably at least post them to selinux list too even if we merge them via github.

pcmoore commented 5 years ago

> I am now seeing a failure in the testsuite on file/test 16. Not entirely sure yet of root cause but seems to be tied to this commit.

I just saw that this patch has been reverted, but FWIW I can verify the failure on my test system:

> On a separate note, historically we have taken most patches for selinux-testsuite through selinux list rather than github pull requests. Not sure what our current policy is, but we should probably at least post them to selinux list too even if we merge them via github.

We haven't been very strict with how we accept patches for the selinux-testsuite, but considering that we handle most everything else SELinux related via the mailing list, it probably makes sense to do the same for the test suite.

WOnder93 commented 5 years ago

> Reverted. There are a couple issues with the commit that I should have caught:
>
>   • domain_auto_trans should be converted to domain_auto_transition_pattern, not domain_transition_pattern; otherwise the transition is not the default behavior upon exec and transitions don't occur. This broke the file tests.

Ouch, sorry for missing that, my mistake :/

>   • We probably shouldn't be touching policy/redhat/* files at all; those were forked from the test policy to avoid any further changes that would break compatibility with older RHEL releases, and unless you are actually testing that they still work on those older RHEL releases, we shouldn't modify them. We might even be able to get rid of them at this point given how old RHEL4 and 5 are.

OK, I'll exclude the redhat/* policies in the next revision and will also consider sending a patch to remove them. (We have an internal test based on selinux-testsuite that will need to work on RHEL-5 for a while still, but it uses a snapshot and is only updated when strictly necessary, so it wouldn't be directly impacted. Even if it does need to be updated in the future, we can always find a workaround, so I don't see any strong reason to keep the legacy stuff upstream.)

> On a separate note, historically we have taken most patches for selinux-testsuite through selinux list rather than github pull requests. Not sure what our current policy is, but we should probably at least post them to selinux list too even if we merge them via github.

> We haven't been very strict with how we accept patches for the selinux-testsuite, but considering that we handle most everything else SELinux related via the mailing list, it probably makes sense to do the same for the test suite.

I don't recall anyone complaining about it before, but now that I know it is preferred, I will add mailing the patch to my workflow for selinux-testsuite, no problem.
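
The macro mix-up discussed in this thread can be caught mechanically before merge. The following is an added example, not code from the thread or from selinux-testsuite: a small check that compares a policy file before and after a macro conversion and flags `domain_auto_trans` calls that did not become `domain_auto_transition_pattern`. The sample policy text and all type names are constructed, and the parser assumes single-line macro calls.

```python
import re

# Mapping stated in the thread: deprecated macro -> replacement that keeps the
# transition as the default behavior upon exec.
EXPECTED = {"domain_auto_trans": "domain_auto_transition_pattern"}
CALL = re.compile(r"\s*(\w+)\(([^()]*)\)")

def macro_calls(te_text):
    """Return [(macro, args)] for single-line macro calls, ignoring # comments."""
    calls = []
    for line in te_text.splitlines():
        m = CALL.match(line.split("#", 1)[0])
        if m:
            args = tuple(a.strip() for a in m.group(2).split(","))
            calls.append((m.group(1), args))
    return calls

def check_conversion(old_te, new_te):
    """List old deprecated calls whose arguments ended up under the wrong macro."""
    new_by_args = {}
    for macro, args in macro_calls(new_te):
        new_by_args.setdefault(args, set()).add(macro)
    findings = []
    for macro, args in macro_calls(old_te):
        want = EXPECTED.get(macro)
        if want is None:
            continue
        got = new_by_args.get(args, set())
        if want not in got and macro not in got:  # unconverted calls are fine
            findings.append({"args": args, "expected": want, "found": sorted(got)})
    return findings

# Constructed sample policy text; all type names are hypothetical.
OLD_TE = """\
domain_auto_trans(test_parent_t, test_child_exec_t, test_child_t)
domain_auto_trans(test_parent_t, test_other_exec_t, test_other_t)
"""
BAD_TE = """\
domain_transition_pattern(test_parent_t, test_child_exec_t, test_child_t)  # wrong macro
domain_auto_transition_pattern(test_parent_t, test_other_exec_t, test_other_t)
"""
GOOD_TE = """\
domain_auto_transition_pattern(test_parent_t, test_child_exec_t, test_child_t)
domain_auto_transition_pattern(test_parent_t, test_other_exec_t, test_other_t)
"""

if __name__ == "__main__":
    for finding in check_conversion(OLD_TE, BAD_TE):
        print("wrong replacement:", finding)
```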