[libvirt] [tck PATCH 2/3] fix selinux/100-static-relabel-no test

This test disables auto-relabeling so that it can test if setting a user-defined label in the config will work. The problem is that the disk image used to boot is then not labelled correctly, and qemu can't open it. To circumvent this failure (which is *not* of the functionality we're testing), this patch just temporarily sets SELinux to permissive mode during the test, then sets it back during cleanup. Signed-off-by: Laine Stump <laine(a)laine.org&gt; --- scripts/selinux/100-static-relabel-no.t | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/scripts/selinux/100-static-relabel-no.t b/scripts/selinux/100-static-relabel-no.t index ab52534..733dbf3 100644 --- a/scripts/selinux/100-static-relabel-no.t +++ b/scripts/selinux/100-static-relabel-no.t @@ -32,10 +32,14 @@ use Test::More tests => 6; use Sys::Virt::TCK; use Sys::Virt::TCK::SELinux; +my $selinux_status = ""; my $tck = Sys::Virt::TCK->new(); my $conn = eval { $tck->setup(); }; BAIL_OUT "failed to setup test harness: $@" if $@; -END { $tck->cleanup if $tck; } +END { + system("setenforce", "1") if ($selinux_status eq "Enforcing"); + $tck->cleanup if $tck; +} my $info; eval { @@ -58,6 +62,13 @@ SKIP: { ->disk(src => $disk, dst => "vdb", type => "file") ->as_xml; + chomp($selinux_status = `getenforce`); + diag "selinux is $selinux_status"; + if ($selinux_status eq "Enforcing") { + diag "Temporarily setting SELinux to Permissive mode"; + system("setenforce", "0"); + } + diag "Creating a new transient domain"; my $dom; ok_domain(sub { $dom = $conn->create_domain($xml) }, "created transient domain object"); -- 2.14.5