URL:
https://github.com/freeipa/freeipa/pull/5812
Author: flo-renaud
Title: #5812: ipatests: set selinux context for fips mode
Action: opened
PR body:
"""
In order to test FIPS mode, the test is faking a user-space
FIPS environment by creating a file /var/tmp/userspace-fips
and bind-mounting this file as /proc/sys/crypto/fips_enabled
The security context needs to be properly set otherwise
/proc/sys/crypto/fips_enabled inherits the security context
unconfined_u:object_r:user_tmp_t:s0 and cannot be read,
resulting in the test seeing fips_mode=false.
Fixes:
https://pagure.io/freeipa/issue/8868
"""
To pull the PR as Git branch:
git remote add ghfreeipa
https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/5812/head:pr5812
git checkout pr5812