TEST-06-SELINUX: Various fixes

- Stop installing the policy in the initramfs as it's not really
supported anyway (https://github.com/fedora-selinux/selinux-policy/issues/2221)
- Stop relabeling on first boot and prefer to do it at image build time
- Disable mkosi relabeling by default but enable it in CI
- Build image as root in CI so the SELinux relabeling works properly
Daan De Meyer
2024-07-09 12:26:11 +02:00
parent 877842ed52
commit dedd712dd9
6 changed files with 21 additions and 16 deletions


@@ -59,36 +59,43 @@ jobs:
sanitizers: ""
llvm: 0
cflags: "-O2 -D_FORTIFY_SOURCE=3"
relabel: no
- distro: debian
release: testing
sanitizers: ""
llvm: 0
cflags: "-Og"
relabel: no
- distro: ubuntu
release: noble
sanitizers: ""
llvm: 0
cflags: "-Og"
relabel: no
- distro: fedora
release: "40"
sanitizers: ""
llvm: 0
cflags: "-Og"
relabel: yes
- distro: fedora
release: rawhide
sanitizers: address,undefined
llvm: 1
cflags: "-Og"
relabel: yes
- distro: opensuse
release: tumbleweed
sanitizers: ""
llvm: 0
cflags: "-Og"
relabel: no
- distro: centos
release: "9"
sanitizers: ""
llvm: 0
cflags: "-Og"
relabel: yes
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
@@ -141,6 +148,8 @@ jobs:
MESON_OPTIONS=--werror
LLVM=${{ matrix.llvm }}
SELinuxRelabel=${{ matrix.relabel }}
[Host]
QemuMem=4G
# We build with debuginfo so there's no point in mounting the sources into the machine.
@@ -187,7 +196,7 @@ jobs:
-Dvmspawn=enabled
- name: Build image
run: meson compile -C build mkosi
run: sudo meson compile -C build mkosi
- name: Run integration tests
run: sudo --preserve-env meson test -C build --no-rebuild --suite integration-tests --print-errorlogs --no-stdsplit --num-processes "$(($(nproc) - 1))"
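Review bot: The "Build image" step now runs the whole `meson compile -C build mkosi` as root, and nothing in the workflow says why. The reason is given only in the commit message, so a later cleanup could drop the `sudo` or copy it to other steps without knowing the trade-off. I would add a comment above the `run:` line such as `# Build as root so mkosi can apply SELinux labels at image build time`. Because the build scripts from the checked-out tree now execute with root on the runner, it is worth confirming that this job's `permissions:` block and triggers (both outside the visible hunks) give it no write token or secrets on untrusted pull requests. In the matrix hunk, `relabel: no` / `relabel: yes` are bare YAML 1.1 booleans, so what `${{ matrix.relabel }}` writes into `SELinuxRelabel=` depends on the loader; quoting them (`relabel: "no"`, `relabel: "yes"`) pins the string and matches the quoted `release: "40"` and `release: "9"` entries.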