DSP_test

Created 21 days ago
Maintained by vmojzis
Sanity check of custom SELinux policy
Members 1
Vit Mojzis committed 9 hours ago
Place a copy of "tests-DSP.yml" into the resulting package distgit "tests" repository to test for potentially dangerous policy issues (we recommend leaving the name at "tests-DSP.yml", but anything that fits "tests*.yml" will work). The environment section needs to be configured to your package and the package also needs to be added to required_packages.

Example environment configurations:

-------------------------------------------------------------------------------
Zabbix - policy sources are placed directly in distgit (hence POLICY_TAR: '' )
https://src.fedoraproject.org/rpms/zabbix/pull-request/4

TEST_RPM: zabbix-selinux
TEST_POLICY: zabbix
POLICY_TAR: ''
POLICY_PATH: .

-------------------------------------------------------------------------------
Freeipa - policy sources live in freeipa upstream (in 'selinux' directory)
https://src.fedoraproject.org/rpms/freeipa/tree/master

TEST_RPM: freeipa-selinux
TEST_POLICY: ipa
POLICY_TAR: 'freeipa-*.tar.gz'
POLICY_PATH: 'freeipa-*/selinux'

-------------------------------------------------------------------------------
USBGuard - policy sources are stored in separate repository (separate tar.gz)
https://src.fedoraproject.org/rpms/usbguard/tree/master

TEST_RPM: usbguard-selinux
TEST_POLICY: usbguard
POLICY_TAR: 'usbguard-selinux*.tar.gz'
POLICY_PATH: 'usbguard-selinux*'