forked from SELinuxProject/selinux-testsuite
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathVagrantfile
102 lines (94 loc) · 2.71 KB
/
Vagrantfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
# -*- mode: ruby -*-
# vi: set ft=ruby :
# Vagrant configuration file which creates a virtual machine that can run the
# test suite.
#
# To create a new virtual machine:
#
# FEDORA_VERSION=33 vagrant up
#
# To launch tests (for example after modifications have been made):
#
# vagrant rsync && vagrant ssh -- sudo make -C /root/testsuite test
#
# To destroy the virtual machine (for example to start again from a clean environment):
#
# vagrant destroy
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure("2") do |config|
config.vm.box = "fedora/#{ENV['FEDORA_VERSION']}-cloud-base"
config.vm.synced_folder ".", "/vagrant", disabled: true
config.vm.synced_folder ".", "/root/testsuite", type: "rsync",
# need to disable '--copy-links', which is in rsync__args by default
rsync__args: ["-vzra", "--delete"]
config.vm.provider "virtualbox" do |v|
v.memory = 4096
end
config.vm.provider "libvirt" do |v|
v.memory = 4096
end
case ENV['KERNEL_TYPE']
when 'default'
dnf_opts = ''
kernel_pkgs = 'kernel-devel-"$(uname -r)" kernel-modules-"$(uname -r)"'
when 'latest'
dnf_opts = ''
kernel_pkgs = 'kernel-devel kernel-modules'
when 'secnext'
dnf_opts = '--nogpgcheck --releasever rawhide --repofrompath kernel-secnext,https://repo.paul-moore.com/rawhide/x86_64'
kernel_pkgs = 'kernel-devel kernel-modules'
else
print("Invalid KERNEL_TYPE '#{ENV['KERNEL_TYPE']}'")
abort
end
extra_commands = ''
case ENV['ROOT_DOMAIN']
when 'unconfined_t'
when 'sysadm_t'
extra_commands = <<EOF
semanage boolean --modify --on ssh_sysadm_login
semanage login --modify -s sysadm_u root
semanage login --add -s sysadm_u -r s0-s0:c0.c1023 vagrant
EOF
else
print("Invalid ROOT_DOMAIN '#{ENV['ROOT_DOMAIN']}'")
abort
end
config.vm.provision :shell, inline: <<SCRIPT
dnf install -y #{dnf_opts} \
--allowerasing \
--skip-broken \
git-core \
make \
perl-Test \
perl-Test-Harness \
perl-Test-Simple \
perl-lib \
selinux-policy-devel \
gcc \
libselinux-devel \
net-tools \
netlabel_tools \
nftables \
iptables \
lksctp-tools-devel \
attr \
libbpf-devel \
keyutils-libs-devel \
quota \
xfsprogs-devel \
libuuid-devel \
e2fsprogs \
jfsutils \
dosfstools \
rdma-core-devel \
#{kernel_pkgs}
#{extra_commands}
# for secretmem test
grubby --update-kernel=ALL --args=secretmem.enable=1
reboot
SCRIPT
end