Commit Graph

10 Commits

Author SHA1 Message Date
Nicolas Iooss 2b2b5bad06
Vagrantfile: remove older installed modules before "make install"
When testing issues in older versions of refpolicy (for example when
git-bisecting a regression), the newer policy modules are kept in
/usr/share/selinux/refpolicy/ and trigger errors when they fail to be
loaded by "semodule -s refpolicy -i /usr/share/selinux/refpolicy/*.pp".

Avoid this situation by removed old modules from
/usr/share/selinux/refpolicy/ before running "make install".

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2020-04-14 22:09:54 +02:00
Nicolas Iooss 653b8a223b Vagrantfile: allow unconfined and sysadm SSH login
Since commit 210b64f10a ("Remove shell automatic domain transitions to
unconfined_t from various pam login programs"), setting ssh_sysadm_login
is mandatory in order to allow vagrant user to use SSH while using
unconfined_u or sysadm_u.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2020-01-12 22:42:20 +01:00
Nicolas Iooss 7317bd64c0
Vagrantfile: add a specific SELinux policy module
When using Vagrant to run virtual machines with SELinux enabled, several
specific accesses need to be allowed. It does not make much sense to add
the needed rules to the refpolicy, as they are very specific to the use
of Vagrant to provision a virtual machine to test a policy. Therefore,
create a dedicated module to allow the required accesses.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-12-22 18:17:36 +01:00
Nicolas Iooss d1f92dae04
Vagrantfile: remove sudo
The provisioning scripts are already run as root.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-12-22 18:12:34 +01:00
Nicolas Iooss d82115ac48
Vagrantfile: fix configuration
"debian" needs to be used instead of "config" in the VM description.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-12-22 18:12:02 +01:00
Nicolas Iooss 82e7ff119f
Vagrantfile: add a Debian virtual machine
Configure a Debian 10 "buster" VM in order to use SELinux with
refpolicy.

This is useful in order to test refpolicy on a minimal Debian system,
for example to debug issues related to Debian patches such as the one
fixed in https://github.com/SELinuxProject/refpolicy/pull/78.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-09-01 18:58:29 +02:00
Nicolas Iooss ea8a79e36a
Vagrantfile: build and install refpolicy on Fedora VM
Add provisioning commands that set-up refpolicy with the required build
configuration for Fedora.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-09-01 18:58:11 +02:00
Nicolas Iooss 83797144d1
Vagrantfile: upgrade VM to Fedora 30
Use the official Fedora cloud image as a base for the virtual machine.

Allow defining other virual machines by putting the configuration of
Fedora's one into a sub-level.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-08-31 16:17:08 +02:00
Chris PeBenito ef6e79a082 Switch all remaining Python references to the Python 3 interpreter. 2018-05-31 17:41:59 -04:00
Naftuli Tzvi Kay 1810739c85
Add Vagrant box for development. 2016-08-30 12:18:24 -07:00