5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin# -*- mode: shell-script; indent-tabs-mode: nil; sh-basic-offset: 4; -*-
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin# ex: ts=8 sw=4 sts=4 et filetype=sh
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin# Requirements:
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin# selinux-policy-targeted
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin# selinux-policy-devel
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin [[ -f $TESTDIR/root/failed ]] && cp -a $TESTDIR/root/failed $TESTDIR
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin cp -a $TESTDIR/root/var/log/journal $TESTDIR
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin [[ -f $TESTDIR/failed ]] && cat $TESTDIR/failed
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin test -s $TESTDIR/failed && ret=$(($ret+1))
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin # Create what will eventually be our root filesystem onto an overlay
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin eval $(udevadm info --export --query=env --name=${LOOPDEV}p2)
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin cat <<EOF >$initdir/etc/systemd/system/testsuite.service
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginDescription=Testsuite service
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginAfter=multi-user.target
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginExecStart=/test-selinux-checks.sh
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin cat <<EOF >$initdir/etc/systemd/system/hola.service
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginExecStart=/bin/echo Start Hola
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginExecReload=/bin/echo Reload Hola
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginExecStop=/bin/echo Stop Hola
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginRemainAfterExit=yes
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin cat <<EOF >$initdir/etc/systemd/system/load-systemd-test-module.service
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginDescription=Load systemd-test module
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginDefaultDependencies=no
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginRequires=local-fs.target
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginConflicts=shutdown.target
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginAfter=local-fs.target
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginBefore=sysinit.target shutdown.target autorelabel.service
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginConditionSecurity=selinux
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginConditionPathExists=|/.load-systemd-test-module
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginExecStart=/bin/sh -x -c 'echo 0 >/sys/fs/selinux/enforce && cd /systemd-test-module && make -f /usr/share/selinux/devel/Makefile load && rm /.load-systemd-test-module'
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny VereshchaginRemainAfterExit=yes
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin touch $initdir/.load-systemd-test-module
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin mkdir -p $initdir/etc/systemd/system/basic.target.wants
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin ln -fs load-systemd-test-module.service $initdir/etc/systemd/system/basic.target.wants/load-systemd-test-module.service
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin if ! cp -ar $_modules_dir $initdir/$_modules_dir; then
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin local _policy_headers_dir=/usr/share/selinux/devel
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin if ! cp -ar $_policy_headers_dir $initdir/$_policy_headers_dir; then
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin dfatal "Failed to copy $_policy_headers_dir"
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin cp systemd_test.te $initdir/systemd-test-module
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin cp systemd_test.if $initdir/systemd-test-module
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin dracut_install checkmodule semodule semodule_package m4 make /usr/libexec/selinux/hll/pp load_policy sefcontext_compile
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin # mask some services that we do not want to run in these tests
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin ln -s /dev/null $initdir/etc/systemd/system/systemd-hwdb-update.service
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin ln -s /dev/null $initdir/etc/systemd/system/systemd-journal-catalog-update.service
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin ln -s /dev/null $initdir/etc/systemd/system/systemd-networkd.service
5c7290b1956453024fc14abba2385ea9e9bccf8cEvgeny Vereshchagin ln -s /dev/null $initdir/etc/systemd/system/systemd-networkd.socket