Tools » teuthology

Should have filed this earlier.

We want to start testing with SELinux enabled. Teuthology needs a way to set SELinux modes, and a way to scrape logs for errors which occured during job execution - and it needs to fail jobs when new entries are found.

When the job is finished, it should restore SELinux to the state it was in before the job started.

My work is effectively finished and is here:
https://github.com/ceph/teuthology/tree/wip-selinux

Currently this bug is blocked on #12003. The reason for this is:

• When the selinux task runs, it always ignore non-RPM-based remotes.
• In its default configuration, it puts SELinux in permissive mode. However, if the running kernel doesn't have SELinux enabled at all, the call to change modes will fail, thus failing the job.
• It would be infeasible to simply ignore the above error, because we'd potentially silently stop doing SELinux testing.