bce603586e
When `image-info` inspects ostree images, the `/usr/etc` is bind-mounted to `/etc`. This results in conflicting SELinux policy specification for these files and makes the outcome dependent on the `setfiles` build. All the files in `/etc` have mismatch in the expected vs. actual SELinux context. Exclude `/etc` from the check of SELinux ctx mismatches in case the analysed tree is from an ostree-based image. Sort the list returned `read_selinux_ctx_mismatch()` based on the item's `filename` key, to make the result consistent across runs. `image-info` can not read SELinux labels from the images, which are not known to the host. This makes the report content depend on the host environment. As a temporary workaround, relabel the image-info script with osbuild_exec_t label to allow it to read unknown SELinux labels. Modify documentation in `test/README.md` to explain the issue with `image-info` and unknown SELinux labels. Modify the `generate-all-test-cases` to relabel `image-info` before generating test cases. Modify the `image_tests.sh` to relabel `image-info` before running image test cases. Add 'tar' image for 'rhel-8' on 's390x' back to the matrix of generated test cases, as it was removed by mistake. Regenerate the image test case. Remove 'tar' image from 'rhel-84' on 's390x' from the matrix of generated test cases, as it is not supported. Regenerate all affected image test cases. Signed-off-by: Tomas Hozza <thozza@redhat.com> |
||
|---|---|---|
| .. | ||
| deploy | ||
| test-case-generators | ||
| clouddot_build_deploy.sh | ||
| define-compose-url.sh | ||
| deploy-openstack | ||
| deploy-qemu | ||
| gen-certs.sh | ||
| gen-user-data | ||
| image-info | ||
| koji-compose.py | ||
| libvirt_test.sh | ||
| prepare-source.sh | ||
| provision.sh | ||
| run-koji-container.sh | ||