diff mbox series

[ima-evm-utils,v2,8/9] Use in-place built fsverity binary instead of installing it

Message ID 20230112122426.3759938-9-roberto.sassu@huaweicloud.com (mailing list archive)
State New
Headers show
Series Support testing with UML kernel | expand

Commit Message

Roberto Sassu Jan. 12, 2023, 12:24 p.m. UTC 
From: Roberto Sassu <roberto.sassu@huawei.com>

Instead of making changes to the system, use in-place built fsverity binary
by adding ../fsverity-utils to the PATH variable, so that the binary can be
found with the 'which' command.

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
 tests/fsverity.test       | 2 +-
 tests/install-fsverity.sh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comments

Stefan Berger Jan. 12, 2023, 4:11 p.m. UTC | #1 
On 1/12/23 07:24, Roberto Sassu wrote:
> From: Roberto Sassu <roberto.sassu@huawei.com>
> 
> Instead of making changes to the system, use in-place built fsverity binary
> by adding ../fsverity-utils to the PATH variable, so that the binary can be
> found with the 'which' command.
> 
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>

Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>

> ---
>   tests/fsverity.test       | 2 +-
>   tests/install-fsverity.sh | 2 +-
>   2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/tests/fsverity.test b/tests/fsverity.test
> index 84312aa08a30..e05978be7ea6 100755
> --- a/tests/fsverity.test
> +++ b/tests/fsverity.test
> @@ -30,7 +30,7 @@
>   # custom policy rules might take precedence.
>   
>   cd "$(dirname "$0")" || exit 1
> -PATH=../src:$PATH
> +PATH=../src:../fsverity-utils:$PATH
>   source ./functions.sh
>   
>   # Base VERBOSE on the environment variable, if set.
> diff --git a/tests/install-fsverity.sh b/tests/install-fsverity.sh
> index 418fc42f472b..d00674c0d3a2 100755
> --- a/tests/install-fsverity.sh
> +++ b/tests/install-fsverity.sh
> @@ -2,6 +2,6 @@
>   
>   git clone https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git
>   cd fsverity-utils
> -CC=gcc make -j$(nproc) && sudo make install
> +CC=gcc make -j$(nproc)
>   cd ..
>   rm -rf fsverity-utils
Roberto Sassu Jan. 12, 2023, 4:20 p.m. UTC | #2 
On Thu, 2023-01-12 at 11:11 -0500, Stefan Berger wrote:
> 
> On 1/12/23 07:24, Roberto Sassu wrote:
> > From: Roberto Sassu <roberto.sassu@huawei.com>
> > 
> > Instead of making changes to the system, use in-place built fsverity binary
> > by adding ../fsverity-utils to the PATH variable, so that the binary can be
> > found with the 'which' command.
> > 
> > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> 
> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
> 
> > ---
> >   tests/fsverity.test       | 2 +-
> >   tests/install-fsverity.sh | 2 +-
> >   2 files changed, 2 insertions(+), 2 deletions(-)
> > 
> > diff --git a/tests/fsverity.test b/tests/fsverity.test
> > index 84312aa08a30..e05978be7ea6 100755
> > --- a/tests/fsverity.test
> > +++ b/tests/fsverity.test
> > @@ -30,7 +30,7 @@
> >   # custom policy rules might take precedence.
> >   
> >   cd "$(dirname "$0")" || exit 1
> > -PATH=../src:$PATH
> > +PATH=../src:../fsverity-utils:$PATH
> >   source ./functions.sh
> >   
> >   # Base VERBOSE on the environment variable, if set.
> > diff --git a/tests/install-fsverity.sh b/tests/install-fsverity.sh
> > index 418fc42f472b..d00674c0d3a2 100755
> > --- a/tests/install-fsverity.sh
> > +++ b/tests/install-fsverity.sh
> > @@ -2,6 +2,6 @@
> >   
> >   git clone https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git
> >   cd fsverity-utils
> > -CC=gcc make -j$(nproc) && sudo make install
> > +CC=gcc make -j$(nproc)
> >   cd ..
> >   rm -rf fsverity-utils

Argh... same problem.

Will just delete the last two lines. It is just for CI.

Roberto
Stefan Berger Jan. 12, 2023, 4:26 p.m. UTC | #3 
On 1/12/23 11:20, Roberto Sassu wrote:
> On Thu, 2023-01-12 at 11:11 -0500, Stefan Berger wrote:
>>
>> On 1/12/23 07:24, Roberto Sassu wrote:
>>> From: Roberto Sassu <roberto.sassu@huawei.com>
>>>
>>> Instead of making changes to the system, use in-place built fsverity binary
>>> by adding ../fsverity-utils to the PATH variable, so that the binary can be
>>> found with the 'which' command.
>>>
>>> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
>>
>> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
>>
>>> ---
>>>    tests/fsverity.test       | 2 +-
>>>    tests/install-fsverity.sh | 2 +-
>>>    2 files changed, 2 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/tests/fsverity.test b/tests/fsverity.test
>>> index 84312aa08a30..e05978be7ea6 100755
>>> --- a/tests/fsverity.test
>>> +++ b/tests/fsverity.test
>>> @@ -30,7 +30,7 @@
>>>    # custom policy rules might take precedence.
>>>    
>>>    cd "$(dirname "$0")" || exit 1
>>> -PATH=../src:$PATH
>>> +PATH=../src:../fsverity-utils:$PATH
>>>    source ./functions.sh
>>>    
>>>    # Base VERBOSE on the environment variable, if set.
>>> diff --git a/tests/install-fsverity.sh b/tests/install-fsverity.sh
>>> index 418fc42f472b..d00674c0d3a2 100755
>>> --- a/tests/install-fsverity.sh
>>> +++ b/tests/install-fsverity.sh
>>> @@ -2,6 +2,6 @@
>>>    
>>>    git clone https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git
>>>    cd fsverity-utils
>>> -CC=gcc make -j$(nproc) && sudo make install
>>> +CC=gcc make -j$(nproc)
>>>    cd ..
>>>    rm -rf fsverity-utils
> 
> Argh... same problem.
> 
> Will just delete the last two lines. It is just for CI.

Must be skipping tests when the tool is not found

> 
> Roberto
>
Roberto Sassu Jan. 12, 2023, 4:28 p.m. UTC | #4 
On Thu, 2023-01-12 at 11:26 -0500, Stefan Berger wrote:
> 
> On 1/12/23 11:20, Roberto Sassu wrote:
> > On Thu, 2023-01-12 at 11:11 -0500, Stefan Berger wrote:
> > > On 1/12/23 07:24, Roberto Sassu wrote:
> > > > From: Roberto Sassu <roberto.sassu@huawei.com>
> > > > 
> > > > Instead of making changes to the system, use in-place built fsverity binary
> > > > by adding ../fsverity-utils to the PATH variable, so that the binary can be
> > > > found with the 'which' command.
> > > > 
> > > > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> > > 
> > > Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
> > > 
> > > > ---
> > > >    tests/fsverity.test       | 2 +-
> > > >    tests/install-fsverity.sh | 2 +-
> > > >    2 files changed, 2 insertions(+), 2 deletions(-)
> > > > 
> > > > diff --git a/tests/fsverity.test b/tests/fsverity.test
> > > > index 84312aa08a30..e05978be7ea6 100755
> > > > --- a/tests/fsverity.test
> > > > +++ b/tests/fsverity.test
> > > > @@ -30,7 +30,7 @@
> > > >    # custom policy rules might take precedence.
> > > >    
> > > >    cd "$(dirname "$0")" || exit 1
> > > > -PATH=../src:$PATH
> > > > +PATH=../src:../fsverity-utils:$PATH
> > > >    source ./functions.sh
> > > >    
> > > >    # Base VERBOSE on the environment variable, if set.
> > > > diff --git a/tests/install-fsverity.sh b/tests/install-fsverity.sh
> > > > index 418fc42f472b..d00674c0d3a2 100755
> > > > --- a/tests/install-fsverity.sh
> > > > +++ b/tests/install-fsverity.sh
> > > > @@ -2,6 +2,6 @@
> > > >    
> > > >    git clone https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git
> > > >    cd fsverity-utils
> > > > -CC=gcc make -j$(nproc) && sudo make install
> > > > +CC=gcc make -j$(nproc)
> > > >    cd ..
> > > >    rm -rf fsverity-utils
> > 
> > Argh... same problem.
> > 
> > Will just delete the last two lines. It is just for CI.
> 
> Must be skipping tests when the tool is not found

Yes, it does:

SKIP: fsverity is not installed
PASS: 0 SKIP: 0 FAIL: 0

Roberto
Mimi Zohar Jan. 19, 2023, 11:51 a.m. UTC | #5 
On Thu, 2023-01-12 at 17:28 +0100, Roberto Sassu wrote:
> On Thu, 2023-01-12 at 11:26 -0500, Stefan Berger wrote:
> > 
> > On 1/12/23 11:20, Roberto Sassu wrote:
> > > On Thu, 2023-01-12 at 11:11 -0500, Stefan Berger wrote:
> > > > On 1/12/23 07:24, Roberto Sassu wrote:
> > > > > From: Roberto Sassu <roberto.sassu@huawei.com>
> > > > > 
> > > > > Instead of making changes to the system, use in-place built fsverity binary
> > > > > by adding ../fsverity-utils to the PATH variable, so that the binary can be
> > > > > found with the 'which' command.
> > > > > 
> > > > > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> > > > 
> > > > Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
> > > > 
> > > > > ---
> > > > >    tests/fsverity.test       | 2 +-
> > > > >    tests/install-fsverity.sh | 2 +-
> > > > >    2 files changed, 2 insertions(+), 2 deletions(-)
> > > > > 
> > > > > diff --git a/tests/fsverity.test b/tests/fsverity.test
> > > > > index 84312aa08a30..e05978be7ea6 100755
> > > > > --- a/tests/fsverity.test
> > > > > +++ b/tests/fsverity.test
> > > > > @@ -30,7 +30,7 @@
> > > > >    # custom policy rules might take precedence.
> > > > >    
> > > > >    cd "$(dirname "$0")" || exit 1
> > > > > -PATH=../src:$PATH
> > > > > +PATH=../src:../fsverity-utils:$PATH
> > > > >    source ./functions.sh
> > > > >    
> > > > >    # Base VERBOSE on the environment variable, if set.
> > > > > diff --git a/tests/install-fsverity.sh b/tests/install-fsverity.sh
> > > > > index 418fc42f472b..d00674c0d3a2 100755
> > > > > --- a/tests/install-fsverity.sh
> > > > > +++ b/tests/install-fsverity.sh
> > > > > @@ -2,6 +2,6 @@
> > > > >    
> > > > >    git clone https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git
> > > > >    cd fsverity-utils
> > > > > -CC=gcc make -j$(nproc) && sudo make install
> > > > > +CC=gcc make -j$(nproc)
> > > > >    cd ..
> > > > >    rm -rf fsverity-utils
> > > 
> > > Argh... same problem.
> > > 
> > > Will just delete the last two lines. It is just for CI.
> > 
> > Must be skipping tests when the tool is not found
> 
> Yes, it does:
> 
> SKIP: fsverity is not installed
> PASS: 0 SKIP: 0 FAIL: 0

RH doesn't have the fsverity-utils package.  tests/install-fsverity.sh
builds and installs it.  The script ci/fedora.sh builds and installs
it.

Mimi
diff mbox series

Patch

diff --git a/tests/fsverity.test b/tests/fsverity.test
index 84312aa08a30..e05978be7ea6 100755
--- a/tests/fsverity.test
+++ b/tests/fsverity.test
@@ -30,7 +30,7 @@ 
 # custom policy rules might take precedence.
 
 cd "$(dirname "$0")" || exit 1
-PATH=../src:$PATH
+PATH=../src:../fsverity-utils:$PATH
 source ./functions.sh
 
 # Base VERBOSE on the environment variable, if set.
diff --git a/tests/install-fsverity.sh b/tests/install-fsverity.sh
index 418fc42f472b..d00674c0d3a2 100755
--- a/tests/install-fsverity.sh
+++ b/tests/install-fsverity.sh
@@ -2,6 +2,6 @@ 
 
 git clone https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git
 cd fsverity-utils
-CC=gcc make -j$(nproc) && sudo make install
+CC=gcc make -j$(nproc)
 cd ..
 rm -rf fsverity-utils