From bf596f9fa5439f4b0435b6a040c5ec948b22a0f1 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 07:07:21 -0800 Subject: [PATCH 01/26] Creating SMACK github actions test runner --- .github/workflows/gnu-smack-tests.yml | 157 ++++++++++++++++++++++++++ 1 file changed, 157 insertions(+) create mode 100644 .github/workflows/gnu-smack-tests.yml diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml new file mode 100644 index 00000000000..caf207ec223 --- /dev/null +++ b/.github/workflows/gnu-smack-tests.yml @@ -0,0 +1,157 @@ +name: GNU SMACK tests (redpesk) + +on: + push: + branches: [ main, master ] + pull_request: + branches: [ main, master ] + +jobs: + gnu-smack-tests: + runs-on: ubuntu-latest + timeout-minutes: 120 + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Install host dependencies (GNU harness + QEMU + OVMF + sshpass) + run: | + set -euo pipefail + sudo apt-get update + sudo apt-get install -y \ + build-essential \ + autoconf automake libtool \ + gettext texinfo \ + gawk bison \ + pkg-config \ + qemu-system-x86 \ + ovmf \ + sshpass + + - name: Build GNU test harness on host + run: | + set -euo pipefail + # This is the existing helper in uutils/coreutils + bash util/build-gnu.sh + + - name: Download redpesk SMACK minimal x86_64 image + working-directory: /tmp + run: | + set -euo pipefail + + mkdir -p redpeskimage + cd redpeskimage + + # Download a specific SMACK minimal x86_64 image (corn-3.0-update LTS) + # Directory listing shows image.raw.tar.xz and its checksum here: + # https://download.redpesk.bzh/redpesk-lts/corn-3.0-update/images/smack/minimal/x86_64/generic/ + wget -q \ + https://download.redpesk.bzh/redpesk-lts/corn-3.0-update/images/smack/minimal/x86_64/generic/redpesk-lts-corn-3.0-update-smack-minimal-x86_64-generic-2025_11_21_1557.tar.xz \ + https://download.redpesk.bzh/redpesk-lts/corn-3.0-update/images/smack/minimal/x86_64/generic/redpesk-lts-corn-3.0-update-smack-minimal-x86_64-generic-2025_11_21_1557.tar.xz.sha256 + + # Verify integrity + sha256sum -c redpesk-lts-corn-3.0-update-smack-minimal-x86_64-generic-2025_11_21_1557.tar.xz.sha256 + + # Extract; this drops a disk image, typically named Redpesk-OS.img + tar xJf redpesk-lts-corn-3.0-update-smack-minimal-x86_64-generic-2025_11_21_1557.tar.xz + + echo "Contents of redpeskimage:" + ls -lh + + - name: Launch redpesk SMACK QEMU guest + working-directory: /tmp/redpeskimage + run: | + set -euo pipefail + + # Locate the disk image (should be named Redpesk-OS.img according to docs) + DISK_IMAGE=$(ls Redpesk-OS*.img 2>/dev/null || ls *.img) + echo "Using disk image: $DISK_IMAGE" + + OVMF="/usr/share/qemu/OVMF.fd" + PORT_SSH=3333 + + # Start QEMU in the background, headless, with SSH port forwarded. + # redpesk SMACK images are built with SMACK enabled (smack/minimal). + qemu-system-x86_64 \ + -hda "$DISK_IMAGE" \ + -m 2048 \ + -smp 4 \ + -cpu qemu64 \ + -device virtio-rng-pci \ + -net nic \ + -net user,hostfwd=tcp::$PORT_SSH-:22 \ + -bios "$OVMF" \ + -nographic \ + > /tmp/qemu-smack.log 2>&1 & + + echo $! > /tmp/qemu-smack.pid + echo "QEMU started with PID $(cat /tmp/qemu-smack.pid)" + + - name: Wait for SSH in guest + run: | + set -euo pipefail + + PORT_SSH=3333 + SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" + + echo "Waiting for SSH to become available in the redpesk guest..." + for i in $(seq 1 60); do + if $SSH_BASE 'echo ready' >/dev/null 2>&1; then + echo "SSH is up." + exit 0 + fi + sleep 5 + done + + echo "ERROR: SSH did not become ready in time." + kill "$(cat /tmp/qemu-smack.pid)" || true + exit 1 + + - name: Copy repo with built harness into guest + run: | + set -euo pipefail + + PORT_SSH=3333 + SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" + + # Create target directory and untar from stdin + # We tar AFTER build-gnu.sh so the GNU harness artifacts are included. + tar cz . | $SSH_BASE 'mkdir -p /root/uutils && cd /root/uutils && tar xz' + + - name: Run SMACK GNU tests inside guest + run: | + set -euo pipefail + + PORT_SSH=3333 + SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" + + echo "Checking that SMACK is active in the guest..." + $SSH_BASE 'grep smackfs /proc/filesystems || (echo "smackfs not present"; exit 1)' + + echo "Running SMACK-related GNU tests (mkdir + id)..." + # These are the GNU tests that depend on SMACK support. + # util/run-gnu-test.sh is the existing script in uutils for running individual tests. + set +e + $SSH_BASE 'cd /root/uutils && bash util/run-gnu-test.sh tests/mkdir/smack-no-root.sh tests/mkdir/smack-root.sh tests/id/smack.sh' + RC=$? + set -e + + echo "SMACK GNU tests exit code: $RC" + + echo "Shutting down QEMU..." + if [ -f /tmp/qemu-smack.pid ]; then + kill "$(cat /tmp/qemu-smack.pid)" || true + fi + + exit $RC + + - name: Dump QEMU log on failure + if: failure() + run: | + echo "===== QEMU SMACK guest log =====" + if [ -f /tmp/qemu-smack.log ]; then + sed -n '1,400p' /tmp/qemu-smack.log || true + else + echo "No QEMU log file found." + fi From 70a9b59b06f8cd690b42a093d3c3b3ccadce49ac Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 07:16:19 -0800 Subject: [PATCH 02/26] Update gnu-smack-tests.yml Adding all of the GNU test libraries --- .github/workflows/gnu-smack-tests.yml | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index caf207ec223..4e2d0e4614d 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -15,6 +15,31 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + - name: Checkout code (GNU coreutils) + uses: actions/checkout@v6 + with: + repository: 'coreutils/coreutils' + path: 'gnu' + ref: ${{ env.REPO_GNU_REF }} + submodules: false + persist-credentials: false + - name: Override submodule URL and initialize submodules + # Use github instead of upstream git server + run: | + git submodule sync --recursive + git config submodule.gnulib.url https://github.com/coreutils/gnulib.git + git submodule update --init --recursive --depth 1 + working-directory: gnu + + #### Build environment setup + - name: Install dependencies + shell: bash + run: | + ## Install dependencies + sudo apt-get update + ## Check that build-gnu.sh works on the non SELinux system by installing libselinux only on lima + sudo apt-get install -y autopoint gperf gdb python3-pyinotify valgrind libexpect-perl libacl1-dev libattr1-dev libcap-dev attr quilt + - name: Install host dependencies (GNU harness + QEMU + OVMF + sshpass) run: | set -euo pipefail From 145fea357cd031799eb1ba569230a09a380b167f Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 07:24:45 -0800 Subject: [PATCH 03/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 4e2d0e4614d..42850d895ab 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -54,12 +54,14 @@ jobs: ovmf \ sshpass - - name: Build GNU test harness on host + - name: Build binaries + shell: bash run: | - set -euo pipefail - # This is the existing helper in uutils/coreutils - bash util/build-gnu.sh + ## Build binaries + cd 'uutils' + env PROFILE=release-small bash util/build-gnu.sh + - name: Download redpesk SMACK minimal x86_64 image working-directory: /tmp run: | From 6b117b035b446f42e9054b10dc8bff552d5c9bad Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 07:32:41 -0800 Subject: [PATCH 04/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 42850d895ab..b77b968cd28 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -58,7 +58,6 @@ jobs: shell: bash run: | ## Build binaries - cd 'uutils' env PROFILE=release-small bash util/build-gnu.sh From 2c6a543adb825f2da6f2cf70359dfaff5183b4a6 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 07:35:38 -0800 Subject: [PATCH 05/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index b77b968cd28..1d551fba24a 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -15,6 +15,17 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + - name: Extract GNU version from build-gnu.sh + id: gnu-version-selinux + run: | + GNU_VERSION=$(grep '^release_tag_GNU=' uutils/util/build-gnu.sh | cut -d'"' -f2) + if [ -z "$GNU_VERSION" ]; then + echo "Error: Failed to extract GNU version from build-gnu.sh" + exit 1 + fi + echo "REPO_GNU_REF=${GNU_VERSION}" >> $GITHUB_ENV + echo "Extracted GNU version: ${GNU_VERSION}" + - name: Checkout code (GNU coreutils) uses: actions/checkout@v6 with: @@ -30,6 +41,7 @@ jobs: git config submodule.gnulib.url https://github.com/coreutils/gnulib.git git submodule update --init --recursive --depth 1 working-directory: gnu + #### Build environment setup - name: Install dependencies @@ -58,6 +70,7 @@ jobs: shell: bash run: | ## Build binaries + cd uutils env PROFILE=release-small bash util/build-gnu.sh From 3eadf46f4d5ee4e35c5c49c198b6df3a89de405a Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 07:37:25 -0800 Subject: [PATCH 06/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 1d551fba24a..6ff539053d7 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -12,9 +12,11 @@ jobs: timeout-minutes: 120 steps: - - name: Checkout repository - uses: actions/checkout@v4 - + - name: Checkout code (uutils) + uses: actions/checkout@v6 + with: + path: 'uutils' + persist-credentials: false - name: Extract GNU version from build-gnu.sh id: gnu-version-selinux run: | From 6d2c073a4693e10c537e204846dd06bd70c400c7 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 08:06:18 -0800 Subject: [PATCH 07/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 120 +++++++++++++++----------- 1 file changed, 72 insertions(+), 48 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 6ff539053d7..6b74b97eb53 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -12,47 +12,47 @@ jobs: timeout-minutes: 120 steps: - - name: Checkout code (uutils) - uses: actions/checkout@v6 - with: - path: 'uutils' - persist-credentials: false - - name: Extract GNU version from build-gnu.sh - id: gnu-version-selinux - run: | - GNU_VERSION=$(grep '^release_tag_GNU=' uutils/util/build-gnu.sh | cut -d'"' -f2) - if [ -z "$GNU_VERSION" ]; then - echo "Error: Failed to extract GNU version from build-gnu.sh" - exit 1 - fi - echo "REPO_GNU_REF=${GNU_VERSION}" >> $GITHUB_ENV - echo "Extracted GNU version: ${GNU_VERSION}" - - - name: Checkout code (GNU coreutils) - uses: actions/checkout@v6 - with: - repository: 'coreutils/coreutils' - path: 'gnu' - ref: ${{ env.REPO_GNU_REF }} - submodules: false - persist-credentials: false - - name: Override submodule URL and initialize submodules - # Use github instead of upstream git server - run: | - git submodule sync --recursive - git config submodule.gnulib.url https://github.com/coreutils/gnulib.git - git submodule update --init --recursive --depth 1 - working-directory: gnu + # - name: Checkout code (uutils) + # uses: actions/checkout@v6 + # with: + # path: 'uutils' + # persist-credentials: false + # - name: Extract GNU version from build-gnu.sh + # id: gnu-version-selinux + # run: | + # GNU_VERSION=$(grep '^release_tag_GNU=' uutils/util/build-gnu.sh | cut -d'"' -f2) + # if [ -z "$GNU_VERSION" ]; then + # echo "Error: Failed to extract GNU version from build-gnu.sh" + # exit 1 + # fi + # echo "REPO_GNU_REF=${GNU_VERSION}" >> $GITHUB_ENV + # echo "Extracted GNU version: ${GNU_VERSION}" + + # - name: Checkout code (GNU coreutils) + # uses: actions/checkout@v6 + # with: + # repository: 'coreutils/coreutils' + # path: 'gnu' + # ref: ${{ env.REPO_GNU_REF }} + # submodules: false + # persist-credentials: false + # - name: Override submodule URL and initialize submodules + # # Use github instead of upstream git server + # run: | + # git submodule sync --recursive + # git config submodule.gnulib.url https://github.com/coreutils/gnulib.git + # git submodule update --init --recursive --depth 1 + # working-directory: gnu - #### Build environment setup - - name: Install dependencies - shell: bash - run: | - ## Install dependencies - sudo apt-get update - ## Check that build-gnu.sh works on the non SELinux system by installing libselinux only on lima - sudo apt-get install -y autopoint gperf gdb python3-pyinotify valgrind libexpect-perl libacl1-dev libattr1-dev libcap-dev attr quilt + # #### Build environment setup + # - name: Install dependencies + # shell: bash + # run: | + # ## Install dependencies + # sudo apt-get update + # ## Check that build-gnu.sh works on the non SELinux system by installing libselinux only on lima + # sudo apt-get install -y autopoint gperf gdb python3-pyinotify valgrind libexpect-perl libacl1-dev libattr1-dev libcap-dev attr quilt - name: Install host dependencies (GNU harness + QEMU + OVMF + sshpass) run: | @@ -68,12 +68,12 @@ jobs: ovmf \ sshpass - - name: Build binaries - shell: bash - run: | - ## Build binaries - cd uutils - env PROFILE=release-small bash util/build-gnu.sh + # - name: Build binaries + # shell: bash + # run: | + # ## Build binaries + # cd uutils + # env PROFILE=release-small bash util/build-gnu.sh - name: Download redpesk SMACK minimal x86_64 image @@ -136,19 +136,43 @@ jobs: PORT_SSH=3333 SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" - echo "Waiting for SSH to become available in the redpesk guest..." + if [ ! -f /tmp/qemu-smack.pid ]; then + echo "ERROR: /tmp/qemu-smack.pid not found – QEMU did not start?" + exit 1 + fi + + QEMU_PID=$(cat /tmp/qemu-smack.pid) + echo "Waiting for SSH to become available in the redpesk guest (PID $QEMU_PID)..." + for i in $(seq 1 60); do + # If QEMU died, show why and bail out + if ! kill -0 "$QEMU_PID" 2>/dev/null; then + echo "ERROR: QEMU process $QEMU_PID is no longer running." + if [ -f /tmp/qemu-smack.log ]; then + echo "===== QEMU SMACK guest log (tail) =====" + tail -n 100 /tmp/qemu-smack.log || true + fi + exit 1 + fi + if $SSH_BASE 'echo ready' >/dev/null 2>&1; then echo "SSH is up." exit 0 fi + + echo "SSH not ready yet (attempt $i)..." sleep 5 done echo "ERROR: SSH did not become ready in time." - kill "$(cat /tmp/qemu-smack.pid)" || true - exit 1 + if [ -f /tmp/qemu-smack.log ]; then + echo "===== QEMU SMACK guest log (tail) =====" + tail -n 100 /tmp/qemu-smack.log || true + fi + kill "$QEMU_PID" || true + exit 1 + - name: Copy repo with built harness into guest run: | set -euo pipefail From 1384d1465b948ace9d0ad4b7c3862f5eb0d912b8 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 08:13:06 -0800 Subject: [PATCH 08/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 6b74b97eb53..27d6851441a 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -159,6 +159,13 @@ jobs: echo "SSH is up." exit 0 fi + # Inline QEMU log tail on each failed attempt + if [ -f /tmp/qemu-smack.log ]; then + echo "----- QEMU SMACK guest log tail (attempt $i) -----" + tail -n 20 /tmp/qemu-smack.log || true + echo "-----------------------------------------------" + fi + echo "SSH not ready yet (attempt $i)..." sleep 5 From a96643ff17526752b998748ccc920f8a8ef8e8b0 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 08:22:54 -0800 Subject: [PATCH 09/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 27 +++++++++++++++++++++------ 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 27d6851441a..e8d274f1328 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -6,6 +6,11 @@ on: pull_request: branches: [ main, master ] +# End the current execution if there is a new changeset in the PR. +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: ${{ github.ref != 'refs/heads/main' }} + jobs: gnu-smack-tests: runs-on: ubuntu-latest @@ -105,30 +110,40 @@ jobs: run: | set -euo pipefail - # Locate the disk image (should be named Redpesk-OS.img according to docs) DISK_IMAGE=$(ls Redpesk-OS*.img 2>/dev/null || ls *.img) echo "Using disk image: $DISK_IMAGE" OVMF="/usr/share/qemu/OVMF.fd" PORT_SSH=3333 - # Start QEMU in the background, headless, with SSH port forwarded. - # redpesk SMACK images are built with SMACK enabled (smack/minimal). + # Use a modern CPU model; enable KVM if available + EXTRA_FLAGS="" + if [ -e /dev/kvm ]; then + echo "Using KVM acceleration" + EXTRA_FLAGS="-enable-kvm -cpu kvm64 -cpu Skylake-Client-v4" + else + echo "No /dev/kvm, using TCG" + EXTRA_FLAGS="-cpu Skylake-Client-v4" + fi + qemu-system-x86_64 \ -hda "$DISK_IMAGE" \ -m 2048 \ -smp 4 \ - -cpu qemu64 \ + -vga virtio \ -device virtio-rng-pci \ + -serial mon:stdio \ + -serial null \ -net nic \ -net user,hostfwd=tcp::$PORT_SSH-:22 \ -bios "$OVMF" \ + $EXTRA_FLAGS \ -nographic \ > /tmp/qemu-smack.log 2>&1 & echo $! > /tmp/qemu-smack.pid echo "QEMU started with PID $(cat /tmp/qemu-smack.pid)" - + - name: Wait for SSH in guest run: | set -euo pipefail @@ -162,7 +177,7 @@ jobs: # Inline QEMU log tail on each failed attempt if [ -f /tmp/qemu-smack.log ]; then echo "----- QEMU SMACK guest log tail (attempt $i) -----" - tail -n 20 /tmp/qemu-smack.log || true + tail -n 80 /tmp/qemu-smack.log || true echo "-----------------------------------------------" fi From 01f36e7e66059ac250c73dc412efb1d2186a2ed8 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 08:28:50 -0800 Subject: [PATCH 10/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index e8d274f1328..e6a13afe10c 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -116,20 +116,14 @@ jobs: OVMF="/usr/share/qemu/OVMF.fd" PORT_SSH=3333 - # Use a modern CPU model; enable KVM if available - EXTRA_FLAGS="" - if [ -e /dev/kvm ]; then - echo "Using KVM acceleration" - EXTRA_FLAGS="-enable-kvm -cpu kvm64 -cpu Skylake-Client-v4" - else - echo "No /dev/kvm, using TCG" - EXTRA_FLAGS="-cpu Skylake-Client-v4" - fi + echo "Starting QEMU in TCG mode (no KVM)..." qemu-system-x86_64 \ - -hda "$DISK_IMAGE" \ + -machine accel=tcg \ + -drive file="$DISK_IMAGE",if=virtio,format=raw \ -m 2048 \ - -smp 4 \ + -smp 2 \ + -cpu Skylake-Client-v4 \ -vga virtio \ -device virtio-rng-pci \ -serial mon:stdio \ @@ -137,7 +131,6 @@ jobs: -net nic \ -net user,hostfwd=tcp::$PORT_SSH-:22 \ -bios "$OVMF" \ - $EXTRA_FLAGS \ -nographic \ > /tmp/qemu-smack.log 2>&1 & From dc9327e76a224487f6eb5181acf1838306c27547 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 08:37:47 -0800 Subject: [PATCH 11/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 90 +++++++++++++-------------- 1 file changed, 45 insertions(+), 45 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index e6a13afe10c..5bf234552f5 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -17,47 +17,47 @@ jobs: timeout-minutes: 120 steps: - # - name: Checkout code (uutils) - # uses: actions/checkout@v6 - # with: - # path: 'uutils' - # persist-credentials: false - # - name: Extract GNU version from build-gnu.sh - # id: gnu-version-selinux - # run: | - # GNU_VERSION=$(grep '^release_tag_GNU=' uutils/util/build-gnu.sh | cut -d'"' -f2) - # if [ -z "$GNU_VERSION" ]; then - # echo "Error: Failed to extract GNU version from build-gnu.sh" - # exit 1 - # fi - # echo "REPO_GNU_REF=${GNU_VERSION}" >> $GITHUB_ENV - # echo "Extracted GNU version: ${GNU_VERSION}" - - # - name: Checkout code (GNU coreutils) - # uses: actions/checkout@v6 - # with: - # repository: 'coreutils/coreutils' - # path: 'gnu' - # ref: ${{ env.REPO_GNU_REF }} - # submodules: false - # persist-credentials: false - # - name: Override submodule URL and initialize submodules - # # Use github instead of upstream git server - # run: | - # git submodule sync --recursive - # git config submodule.gnulib.url https://github.com/coreutils/gnulib.git - # git submodule update --init --recursive --depth 1 - # working-directory: gnu + - name: Checkout code (uutils) + uses: actions/checkout@v6 + with: + path: 'uutils' + persist-credentials: false + - name: Extract GNU version from build-gnu.sh + id: gnu-version-selinux + run: | + GNU_VERSION=$(grep '^release_tag_GNU=' uutils/util/build-gnu.sh | cut -d'"' -f2) + if [ -z "$GNU_VERSION" ]; then + echo "Error: Failed to extract GNU version from build-gnu.sh" + exit 1 + fi + echo "REPO_GNU_REF=${GNU_VERSION}" >> $GITHUB_ENV + echo "Extracted GNU version: ${GNU_VERSION}" + + - name: Checkout code (GNU coreutils) + uses: actions/checkout@v6 + with: + repository: 'coreutils/coreutils' + path: 'gnu' + ref: ${{ env.REPO_GNU_REF }} + submodules: false + persist-credentials: false + - name: Override submodule URL and initialize submodules + # Use github instead of upstream git server + run: | + git submodule sync --recursive + git config submodule.gnulib.url https://github.com/coreutils/gnulib.git + git submodule update --init --recursive --depth 1 + working-directory: gnu - # #### Build environment setup - # - name: Install dependencies - # shell: bash - # run: | - # ## Install dependencies - # sudo apt-get update - # ## Check that build-gnu.sh works on the non SELinux system by installing libselinux only on lima - # sudo apt-get install -y autopoint gperf gdb python3-pyinotify valgrind libexpect-perl libacl1-dev libattr1-dev libcap-dev attr quilt + #### Build environment setup + - name: Install dependencies + shell: bash + run: | + ## Install dependencies + sudo apt-get update + ## Check that build-gnu.sh works on the non SELinux system by installing libselinux only on lima + sudo apt-get install -y autopoint gperf gdb python3-pyinotify valgrind libexpect-perl libacl1-dev libattr1-dev libcap-dev attr quilt - name: Install host dependencies (GNU harness + QEMU + OVMF + sshpass) run: | @@ -73,12 +73,12 @@ jobs: ovmf \ sshpass - # - name: Build binaries - # shell: bash - # run: | - # ## Build binaries - # cd uutils - # env PROFILE=release-small bash util/build-gnu.sh + - name: Build binaries + shell: bash + run: | + ## Build binaries + cd uutils + env PROFILE=release-small bash util/build-gnu.sh - name: Download redpesk SMACK minimal x86_64 image From 799adec3a3811ab4f6c5438b613385161815971c Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 08:57:21 -0800 Subject: [PATCH 12/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 5bf234552f5..8b3f5243222 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -195,10 +195,14 @@ jobs: PORT_SSH=3333 SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" - # Create target directory and untar from stdin - # We tar AFTER build-gnu.sh so the GNU harness artifacts are included. - tar cz . | $SSH_BASE 'mkdir -p /root/uutils && cd /root/uutils && tar xz' + echo "Copying repo (with util/ and tests/) into guest at /root/uutils ..." + # github.workspace is the repo root (where util/ and tests/ live) + cd "$GITHUB_WORKSPACE" + tar cz . | $SSH_BASE 'rm -rf /root/uutils && mkdir -p /root/uutils && cd /root/uutils && tar xz' + # Quick sanity check: list util/ inside the guest + $SSH_BASE 'cd /root/uutils && ls && ls util' + - name: Run SMACK GNU tests inside guest run: | set -euo pipefail @@ -210,10 +214,17 @@ jobs: $SSH_BASE 'grep smackfs /proc/filesystems || (echo "smackfs not present"; exit 1)' echo "Running SMACK-related GNU tests (mkdir + id)..." - # These are the GNU tests that depend on SMACK support. - # util/run-gnu-test.sh is the existing script in uutils for running individual tests. set +e - $SSH_BASE 'cd /root/uutils && bash util/run-gnu-test.sh tests/mkdir/smack-no-root.sh tests/mkdir/smack-root.sh tests/id/smack.sh' + $SSH_BASE ' + set -e + cd /root/uutils + echo "PWD: $PWD" + ls util + bash util/run-gnu-test.sh \ + tests/mkdir/smack-no-root.sh \ + tests/mkdir/smack-root.sh \ + tests/id/smack.sh + ' RC=$? set -e @@ -225,7 +236,6 @@ jobs: fi exit $RC - - name: Dump QEMU log on failure if: failure() run: | From 192df414662578a90cbd2da685e86b47c74be860 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 09:14:01 -0800 Subject: [PATCH 13/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 47 +++++++++++++++++++++++---- 1 file changed, 40 insertions(+), 7 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 8b3f5243222..6915dde4a71 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -195,13 +195,46 @@ jobs: PORT_SSH=3333 SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" - echo "Copying repo (with util/ and tests/) into guest at /root/uutils ..." - # github.workspace is the repo root (where util/ and tests/ live) - cd "$GITHUB_WORKSPACE" - tar cz . | $SSH_BASE 'rm -rf /root/uutils && mkdir -p /root/uutils && cd /root/uutils && tar xz' + echo "GITHUB_WORKSPACE=$GITHUB_WORKSPACE" + echo "Host layout:" + ls -1 "$GITHUB_WORKSPACE" + + # Detect uutils repo root + if [ -d "$GITHUB_WORKSPACE/util" ]; then + UU_ROOT="$GITHUB_WORKSPACE" + elif [ -d "$GITHUB_WORKSPACE/uutils/util" ]; then + UU_ROOT="$GITHUB_WORKSPACE/uutils" + else + echo "Could not find uutils repo root (no util/)." + ls -R "$GITHUB_WORKSPACE" + exit 1 + fi + + # Detect GNU coreutils clone + if [ -d "$GITHUB_WORKSPACE/gnu" ]; then + GNU_ROOT="$GITHUB_WORKSPACE/gnu" + elif [ -d "$UU_ROOT/../gnu" ]; then + GNU_ROOT="$(readlink -fm "$UU_ROOT/../gnu")" + else + echo "Could not find gnu coreutils directory." + ls -R "$GITHUB_WORKSPACE" + exit 1 + fi + + echo "Host UU_ROOT=$UU_ROOT" + echo "Host GNU_ROOT=$GNU_ROOT" + + echo "Copying uutils into guest at /root/uutils ..." + tar -C "$UU_ROOT" -cz . \ + | $SSH_BASE 'rm -rf /root/uutils && mkdir -p /root/uutils && cd /root/uutils && tar xz' + + echo "Copying GNU coreutils into guest at /root/gnu ..." + tar -C "$GNU_ROOT" -cz . \ + | $SSH_BASE 'rm -rf /root/gnu && mkdir -p /root/gnu && cd /root/gnu && tar xz' - # Quick sanity check: list util/ inside the guest - $SSH_BASE 'cd /root/uutils && ls && ls util' + echo "Sanity check inside guest:" + $SSH_BASE 'cd /root/uutils && echo "PWD: $PWD" && ls && ls util' + $SSH_BASE 'cd /root/gnu && echo "PWD: $PWD" && ls src tests || ls' - name: Run SMACK GNU tests inside guest run: | @@ -218,7 +251,7 @@ jobs: $SSH_BASE ' set -e cd /root/uutils - echo "PWD: $PWD" + echo "In guest, PWD: $PWD" ls util bash util/run-gnu-test.sh \ tests/mkdir/smack-no-root.sh \ From 09ab6460b4c9999d0c5f6413e5ae632e186440e2 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 09:37:23 -0800 Subject: [PATCH 14/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 6915dde4a71..aa8751297e0 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -235,6 +235,21 @@ jobs: echo "Sanity check inside guest:" $SSH_BASE 'cd /root/uutils && echo "PWD: $PWD" && ls && ls util' $SSH_BASE 'cd /root/gnu && echo "PWD: $PWD" && ls src tests || ls' + + - name: Install make inside SMACK guest + run: | + set -euo pipefail + + PORT_SSH=3333 + SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" + + echo "Installing make inside guest (needed for util/run-gnu-test.sh)..." + # redpesk is rpm-based and uses dnf + $SSH_BASE 'command -v dnf || { echo "dnf not found in guest"; exit 1; }' + $SSH_BASE 'dnf -y install make' + + echo "make in guest:" + $SSH_BASE 'command -v make && make --version | head -n1' - name: Run SMACK GNU tests inside guest run: | From 336a67e5e9ea179dc7b0f74755663cfb2bf1bfed Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 10:01:34 -0800 Subject: [PATCH 15/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index aa8751297e0..9324d7c9867 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -250,6 +250,20 @@ jobs: echo "make in guest:" $SSH_BASE 'command -v make && make --version | head -n1' + + - name: Prepare GNU harness inside guest + run: | + set -euo pipefail + + PORT_SSH=3333 + SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" + + # Install build deps inside redpesk (uses dnf) + $SSH_BASE 'dnf -y install gcc make autoconf automake libtool gettext texinfo gawk bison pkg-config git rust cargo' + + # Build GNU+uutils harness in the same layout util/run-gnu-test.sh expects: + # /root/uutils (uutils) and /root/gnu (GNU coreutils). + $SSH_BASE 'cd /root/uutils && bash util/build-gnu.sh' - name: Run SMACK GNU tests inside guest run: | From 82b24bc5e8f0206822086cad478b76d00204b2b1 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Sun, 23 Nov 2025 11:30:21 -0800 Subject: [PATCH 16/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 45 ++++++++++++++++++--------- 1 file changed, 31 insertions(+), 14 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 9324d7c9867..6afcf53887c 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -72,14 +72,6 @@ jobs: qemu-system-x86 \ ovmf \ sshpass - - - name: Build binaries - shell: bash - run: | - ## Build binaries - cd uutils - env PROFILE=release-small bash util/build-gnu.sh - - name: Download redpesk SMACK minimal x86_64 image working-directory: /tmp @@ -258,13 +250,38 @@ jobs: PORT_SSH=3333 SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" - # Install build deps inside redpesk (uses dnf) - $SSH_BASE 'dnf -y install gcc make autoconf automake libtool gettext texinfo gawk bison pkg-config git rust cargo' + # 1) Install build deps + curl inside redpesk + $SSH_BASE ' + set -euo pipefail + dnf -y install \ + gcc make autoconf automake libtool \ + gettext texinfo \ + gawk bison \ + pkg-config \ + git \ + curl + ' - # Build GNU+uutils harness in the same layout util/run-gnu-test.sh expects: - # /root/uutils (uutils) and /root/gnu (GNU coreutils). - $SSH_BASE 'cd /root/uutils && bash util/build-gnu.sh' - + # 2) Install latest Rust (stable) via rustup in the guest + $SSH_BASE ' + set -euo pipefail + + if ! command -v rustup >/dev/null 2>&1; then + curl --proto "=https" --tlsv1.2 -sSf https://sh.rustup.rs \ + | sh -s -- -y --profile minimal --default-toolchain stable + fi + + . "$HOME/.cargo/env" + + # Ensure this directory uses the rustup toolchain, not system cargo + cd /root/uutils + rustup override set stable + + # 3) Build GNU+uutils harness with the latest Rust + PATH="$HOME/.cargo/bin:$PATH" \ + PROFILE=release-small \ + bash util/build-gnu.sh + ' - name: Run SMACK GNU tests inside guest run: | set -euo pipefail From cfd72d2a7a5f3ada6314a09f0057fc813ba5d703 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Mon, 24 Nov 2025 12:01:12 -0800 Subject: [PATCH 17/26] Building tests outside of container --- .github/workflows/gnu-smack-tests.yml | 65 +++++++++++++++------------ 1 file changed, 36 insertions(+), 29 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 6afcf53887c..ef1b2c04548 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -128,6 +128,39 @@ jobs: echo $! > /tmp/qemu-smack.pid echo "QEMU started with PID $(cat /tmp/qemu-smack.pid)" + + - name: Build GNU harness on host (uutils + GNU) + run: | + set -euo pipefail + + # Detect repo roots on host + if [ -d "$GITHUB_WORKSPACE/uutils/util" ]; then + UU_ROOT="$GITHUB_WORKSPACE/uutils" + else + echo "Could not find uutils repo root." + ls -R "$GITHUB_WORKSPACE" + exit 1 + fi + + if [ -d "$GITHUB_WORKSPACE/gnu" ]; then + GNU_ROOT="$GITHUB_WORKSPACE/gnu" + else + echo "Could not find gnu coreutils directory." + ls -R "$GITHUB_WORKSPACE" + exit 1 + fi + + echo "Host UU_ROOT=${UU_ROOT}" + echo "Host GNU_ROOT=${GNU_ROOT}" + + export path_UUTILS="$UU_ROOT" + export path_GNU="$GNU_ROOT" + + # Build uutils + GNU harness once on the host + # UU_MAKE_PROFILE selects Rust profile; keep it small but realistic + SELINUX_ENABLED=1 \ + UU_MAKE_PROFILE=release-small \ + bash "$UU_ROOT/util/build-gnu.sh" - name: Wait for SSH in guest run: | @@ -179,7 +212,8 @@ jobs: kill "$QEMU_PID" || true exit 1 - + + - name: Copy repo with built harness into guest run: | set -euo pipefail @@ -191,7 +225,6 @@ jobs: echo "Host layout:" ls -1 "$GITHUB_WORKSPACE" - # Detect uutils repo root if [ -d "$GITHUB_WORKSPACE/util" ]; then UU_ROOT="$GITHUB_WORKSPACE" elif [ -d "$GITHUB_WORKSPACE/uutils/util" ]; then @@ -202,7 +235,6 @@ jobs: exit 1 fi - # Detect GNU coreutils clone if [ -d "$GITHUB_WORKSPACE/gnu" ]; then GNU_ROOT="$GITHUB_WORKSPACE/gnu" elif [ -d "$UU_ROOT/../gnu" ]; then @@ -224,10 +256,7 @@ jobs: tar -C "$GNU_ROOT" -cz . \ | $SSH_BASE 'rm -rf /root/gnu && mkdir -p /root/gnu && cd /root/gnu && tar xz' - echo "Sanity check inside guest:" - $SSH_BASE 'cd /root/uutils && echo "PWD: $PWD" && ls && ls util' - $SSH_BASE 'cd /root/gnu && echo "PWD: $PWD" && ls src tests || ls' - + - name: Install make inside SMACK guest run: | set -euo pipefail @@ -261,27 +290,6 @@ jobs: git \ curl ' - - # 2) Install latest Rust (stable) via rustup in the guest - $SSH_BASE ' - set -euo pipefail - - if ! command -v rustup >/dev/null 2>&1; then - curl --proto "=https" --tlsv1.2 -sSf https://sh.rustup.rs \ - | sh -s -- -y --profile minimal --default-toolchain stable - fi - - . "$HOME/.cargo/env" - - # Ensure this directory uses the rustup toolchain, not system cargo - cd /root/uutils - rustup override set stable - - # 3) Build GNU+uutils harness with the latest Rust - PATH="$HOME/.cargo/bin:$PATH" \ - PROFILE=release-small \ - bash util/build-gnu.sh - ' - name: Run SMACK GNU tests inside guest run: | set -euo pipefail @@ -306,7 +314,6 @@ jobs: ' RC=$? set -e - echo "SMACK GNU tests exit code: $RC" echo "Shutting down QEMU..." From 3fd12c09a5cee16e04447a8660320d0b6adacf87 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Mon, 24 Nov 2025 12:04:27 -0800 Subject: [PATCH 18/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index ef1b2c04548..f13e4a0b17a 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -158,7 +158,6 @@ jobs: # Build uutils + GNU harness once on the host # UU_MAKE_PROFILE selects Rust profile; keep it small but realistic - SELINUX_ENABLED=1 \ UU_MAKE_PROFILE=release-small \ bash "$UU_ROOT/util/build-gnu.sh" From 359d780f2730fc35d6324993c3488d71b7669f16 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Mon, 24 Nov 2025 12:25:48 -0800 Subject: [PATCH 19/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index f13e4a0b17a..49deac09030 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -160,6 +160,11 @@ jobs: # UU_MAKE_PROFILE selects Rust profile; keep it small but realistic UU_MAKE_PROFILE=release-small \ bash "$UU_ROOT/util/build-gnu.sh" + rm -rf "$UU_ROOT/target"/{debug,release}/incremental + rm -rf "$UU_ROOT/target"/{debug,release}/build + rm -rf "$UU_ROOT/target"/{debug,release}/deps + + - name: Wait for SSH in guest run: | From c77a7dcecd756572f852b2a9195a1491c7548dbf Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Mon, 24 Nov 2025 12:44:36 -0800 Subject: [PATCH 20/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 49deac09030..2f32f044cc5 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -163,6 +163,7 @@ jobs: rm -rf "$UU_ROOT/target"/{debug,release}/incremental rm -rf "$UU_ROOT/target"/{debug,release}/build rm -rf "$UU_ROOT/target"/{debug,release}/deps + find "$UU_ROOT/target" -type f -name '*.rlib' -delete From 982e499143019d550902d27f7d00b0adfa7d22ad Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Mon, 24 Nov 2025 13:10:47 -0800 Subject: [PATCH 21/26] Update gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 37 +++++++++++++++++++++++++++ 1 file changed, 37 insertions(+) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 2f32f044cc5..ca76fc56f75 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -160,10 +160,47 @@ jobs: # UU_MAKE_PROFILE selects Rust profile; keep it small but realistic UU_MAKE_PROFILE=release-small \ bash "$UU_ROOT/util/build-gnu.sh" + rm -rf "$UU_ROOT/.git rm -rf "$UU_ROOT/target"/{debug,release}/incremental rm -rf "$UU_ROOT/target"/{debug,release}/build + rm -rf "$UU_ROOT/target"/{debug,release}/.fingerprint rm -rf "$UU_ROOT/target"/{debug,release}/deps find "$UU_ROOT/target" -type f -name '*.rlib' -delete + cd "$BUILD_DIR" + + # List of binaries needed for the SMACK tests + KEEP_BINS=" + coreutils + id + mkdir + mknod + mkfifo + ls + cut + grep + cat + env + rm + chmod + " + + # Normalize to one-line, space-separated + KEEP_BINS_ONE_LINE="$(echo $KEEP_BINS)" + + for f in *; do + # Skip non-regular files (dirs, symlinks, etc.) + [ -f "$f" ] || continue + + case " $KEEP_BINS_ONE_LINE " in + *" $f "*) + # keep + ;; + *) + # delete everything else + rm -f -- "$f" + ;; + esac + done From 1fd487e6656cba64010aff92655ebe81b9a69210 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Thu, 4 Dec 2025 10:07:34 -0800 Subject: [PATCH 22/26] Testing running the tests directly for SMACK-FS Removed steps for checking out code and building GNU harness in the workflow. --- .github/workflows/gnu-smack-tests.yml | 199 ++------------------------ 1 file changed, 8 insertions(+), 191 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index ca76fc56f75..a2aa358b742 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -16,40 +16,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 120 - steps: - - name: Checkout code (uutils) - uses: actions/checkout@v6 - with: - path: 'uutils' - persist-credentials: false - - name: Extract GNU version from build-gnu.sh - id: gnu-version-selinux - run: | - GNU_VERSION=$(grep '^release_tag_GNU=' uutils/util/build-gnu.sh | cut -d'"' -f2) - if [ -z "$GNU_VERSION" ]; then - echo "Error: Failed to extract GNU version from build-gnu.sh" - exit 1 - fi - echo "REPO_GNU_REF=${GNU_VERSION}" >> $GITHUB_ENV - echo "Extracted GNU version: ${GNU_VERSION}" - - - name: Checkout code (GNU coreutils) - uses: actions/checkout@v6 - with: - repository: 'coreutils/coreutils' - path: 'gnu' - ref: ${{ env.REPO_GNU_REF }} - submodules: false - persist-credentials: false - - name: Override submodule URL and initialize submodules - # Use github instead of upstream git server - run: | - git submodule sync --recursive - git config submodule.gnulib.url https://github.com/coreutils/gnulib.git - git submodule update --init --recursive --depth 1 - working-directory: gnu - - + steps: #### Build environment setup - name: Install dependencies shell: bash @@ -129,80 +96,6 @@ jobs: echo $! > /tmp/qemu-smack.pid echo "QEMU started with PID $(cat /tmp/qemu-smack.pid)" - - name: Build GNU harness on host (uutils + GNU) - run: | - set -euo pipefail - - # Detect repo roots on host - if [ -d "$GITHUB_WORKSPACE/uutils/util" ]; then - UU_ROOT="$GITHUB_WORKSPACE/uutils" - else - echo "Could not find uutils repo root." - ls -R "$GITHUB_WORKSPACE" - exit 1 - fi - - if [ -d "$GITHUB_WORKSPACE/gnu" ]; then - GNU_ROOT="$GITHUB_WORKSPACE/gnu" - else - echo "Could not find gnu coreutils directory." - ls -R "$GITHUB_WORKSPACE" - exit 1 - fi - - echo "Host UU_ROOT=${UU_ROOT}" - echo "Host GNU_ROOT=${GNU_ROOT}" - - export path_UUTILS="$UU_ROOT" - export path_GNU="$GNU_ROOT" - - # Build uutils + GNU harness once on the host - # UU_MAKE_PROFILE selects Rust profile; keep it small but realistic - UU_MAKE_PROFILE=release-small \ - bash "$UU_ROOT/util/build-gnu.sh" - rm -rf "$UU_ROOT/.git - rm -rf "$UU_ROOT/target"/{debug,release}/incremental - rm -rf "$UU_ROOT/target"/{debug,release}/build - rm -rf "$UU_ROOT/target"/{debug,release}/.fingerprint - rm -rf "$UU_ROOT/target"/{debug,release}/deps - find "$UU_ROOT/target" -type f -name '*.rlib' -delete - cd "$BUILD_DIR" - - # List of binaries needed for the SMACK tests - KEEP_BINS=" - coreutils - id - mkdir - mknod - mkfifo - ls - cut - grep - cat - env - rm - chmod - " - - # Normalize to one-line, space-separated - KEEP_BINS_ONE_LINE="$(echo $KEEP_BINS)" - - for f in *; do - # Skip non-regular files (dirs, symlinks, etc.) - [ -f "$f" ] || continue - - case " $KEEP_BINS_ONE_LINE " in - *" $f "*) - # keep - ;; - *) - # delete everything else - rm -f -- "$f" - ;; - esac - done - - - name: Wait for SSH in guest run: | @@ -256,82 +149,7 @@ jobs: exit 1 - - name: Copy repo with built harness into guest - run: | - set -euo pipefail - - PORT_SSH=3333 - SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" - - echo "GITHUB_WORKSPACE=$GITHUB_WORKSPACE" - echo "Host layout:" - ls -1 "$GITHUB_WORKSPACE" - - if [ -d "$GITHUB_WORKSPACE/util" ]; then - UU_ROOT="$GITHUB_WORKSPACE" - elif [ -d "$GITHUB_WORKSPACE/uutils/util" ]; then - UU_ROOT="$GITHUB_WORKSPACE/uutils" - else - echo "Could not find uutils repo root (no util/)." - ls -R "$GITHUB_WORKSPACE" - exit 1 - fi - - if [ -d "$GITHUB_WORKSPACE/gnu" ]; then - GNU_ROOT="$GITHUB_WORKSPACE/gnu" - elif [ -d "$UU_ROOT/../gnu" ]; then - GNU_ROOT="$(readlink -fm "$UU_ROOT/../gnu")" - else - echo "Could not find gnu coreutils directory." - ls -R "$GITHUB_WORKSPACE" - exit 1 - fi - - echo "Host UU_ROOT=$UU_ROOT" - echo "Host GNU_ROOT=$GNU_ROOT" - - echo "Copying uutils into guest at /root/uutils ..." - tar -C "$UU_ROOT" -cz . \ - | $SSH_BASE 'rm -rf /root/uutils && mkdir -p /root/uutils && cd /root/uutils && tar xz' - - echo "Copying GNU coreutils into guest at /root/gnu ..." - tar -C "$GNU_ROOT" -cz . \ - | $SSH_BASE 'rm -rf /root/gnu && mkdir -p /root/gnu && cd /root/gnu && tar xz' - - - name: Install make inside SMACK guest - run: | - set -euo pipefail - - PORT_SSH=3333 - SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" - - echo "Installing make inside guest (needed for util/run-gnu-test.sh)..." - # redpesk is rpm-based and uses dnf - $SSH_BASE 'command -v dnf || { echo "dnf not found in guest"; exit 1; }' - $SSH_BASE 'dnf -y install make' - - echo "make in guest:" - $SSH_BASE 'command -v make && make --version | head -n1' - - - name: Prepare GNU harness inside guest - run: | - set -euo pipefail - - PORT_SSH=3333 - SSH_BASE="sshpass -p root ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -p $PORT_SSH root@localhost" - - # 1) Install build deps + curl inside redpesk - $SSH_BASE ' - set -euo pipefail - dnf -y install \ - gcc make autoconf automake libtool \ - gettext texinfo \ - gawk bison \ - pkg-config \ - git \ - curl - ' - name: Run SMACK GNU tests inside guest run: | set -euo pipefail @@ -345,14 +163,13 @@ jobs: echo "Running SMACK-related GNU tests (mkdir + id)..." set +e $SSH_BASE ' - set -e - cd /root/uutils - echo "In guest, PWD: $PWD" - ls util - bash util/run-gnu-test.sh \ - tests/mkdir/smack-no-root.sh \ - tests/mkdir/smack-root.sh \ - tests/id/smack.sh + c=arbitrary-smack-label + for cmd in 'mkdir dir' 'mknod b p' 'mkfifo f'; do + $cmd --context="$c" || { fail=1; continue; } + set -- $cmd + ls -dZ $2 > out || fail=1 + test "$(cut -f1 -d' ' out)" = "$c" || { cat out; fail=1; } + done ' RC=$? set -e From 6987a17ea6059580bf0905d1ba673c77f72fc549 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Thu, 4 Dec 2025 10:28:27 -0800 Subject: [PATCH 23/26] Modify QEMU settings and install coreutils Updated QEMU configuration and added installation of coreutils. --- .github/workflows/gnu-smack-tests.yml | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index a2aa358b742..f8dfb0623ae 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -79,14 +79,14 @@ jobs: qemu-system-x86_64 \ -machine accel=tcg \ + -accel tcg,thread=multi \ -drive file="$DISK_IMAGE",if=virtio,format=raw \ -m 2048 \ -smp 2 \ - -cpu Skylake-Client-v4 \ - -vga virtio \ + -cpu max \ + -display none -device virtio-rng-pci \ -serial mon:stdio \ - -serial null \ -net nic \ -net user,hostfwd=tcp::$PORT_SSH-:22 \ -bios "$OVMF" \ @@ -163,6 +163,8 @@ jobs: echo "Running SMACK-related GNU tests (mkdir + id)..." set +e $SSH_BASE ' + dnf -y install coreutils + mkdir --version c=arbitrary-smack-label for cmd in 'mkdir dir' 'mknod b p' 'mkfifo f'; do $cmd --context="$c" || { fail=1; continue; } From b2ffbfc7b7137aa97e5f050b100f4b2dfa55bd68 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Thu, 4 Dec 2025 10:30:30 -0800 Subject: [PATCH 24/26] Remove redundant machine acceleration option in QEMU --- .github/workflows/gnu-smack-tests.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index f8dfb0623ae..fb980f6be98 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -78,7 +78,6 @@ jobs: echo "Starting QEMU in TCG mode (no KVM)..." qemu-system-x86_64 \ - -machine accel=tcg \ -accel tcg,thread=multi \ -drive file="$DISK_IMAGE",if=virtio,format=raw \ -m 2048 \ From 6b642a20d24cf8911d2179d79a7fd29518dfec7d Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Thu, 4 Dec 2025 10:35:49 -0800 Subject: [PATCH 25/26] Update QEMU options in gnu-smack-tests.yml --- .github/workflows/gnu-smack-tests.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index fb980f6be98..4a6416a9e9b 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -78,20 +78,20 @@ jobs: echo "Starting QEMU in TCG mode (no KVM)..." qemu-system-x86_64 \ - -accel tcg,thread=multi \ + -machine accel=tcg \ -drive file="$DISK_IMAGE",if=virtio,format=raw \ -m 2048 \ -smp 2 \ - -cpu max \ - -display none + -cpu Skylake-Client-v4 \ + -vga virtio \ -device virtio-rng-pci \ -serial mon:stdio \ + -serial null \ -net nic \ -net user,hostfwd=tcp::$PORT_SSH-:22 \ -bios "$OVMF" \ -nographic \ > /tmp/qemu-smack.log 2>&1 & - echo $! > /tmp/qemu-smack.pid echo "QEMU started with PID $(cat /tmp/qemu-smack.pid)" From b47d5cb813bd06bdde0677c37ff7b362cbee53a8 Mon Sep 17 00:00:00 2001 From: Chris Dryden Date: Thu, 4 Dec 2025 10:44:48 -0800 Subject: [PATCH 26/26] Refactor SMACK GNU tests in workflow file Refactor SMACK-related GNU tests to use a bash heredoc for better readability and error handling. --- .github/workflows/gnu-smack-tests.yml | 32 +++++++++++++++------------ 1 file changed, 18 insertions(+), 14 deletions(-) diff --git a/.github/workflows/gnu-smack-tests.yml b/.github/workflows/gnu-smack-tests.yml index 4a6416a9e9b..4272198a2b1 100644 --- a/.github/workflows/gnu-smack-tests.yml +++ b/.github/workflows/gnu-smack-tests.yml @@ -161,20 +161,24 @@ jobs: echo "Running SMACK-related GNU tests (mkdir + id)..." set +e - $SSH_BASE ' - dnf -y install coreutils - mkdir --version - c=arbitrary-smack-label - for cmd in 'mkdir dir' 'mknod b p' 'mkfifo f'; do - $cmd --context="$c" || { fail=1; continue; } - set -- $cmd - ls -dZ $2 > out || fail=1 - test "$(cut -f1 -d' ' out)" = "$c" || { cat out; fail=1; } - done - ' - RC=$? - set -e - echo "SMACK GNU tests exit code: $RC" + $SSH_BASE 'bash -s' <<'EOF' + set -euo pipefail + dnf -y install coreutils + mkdir --version + + c=arbitrary-smack-label + fail=0 + + for cmd in 'mkdir dir' 'mknod b p' 'mkfifo f'; do + $cmd --context="$c" || { fail=1; continue; } + set -- $cmd + ls -dZ "$2" > out || fail=1 + test "$(cut -f1 -d' ' out)" = "$c" || { cat out; fail=1; } + done + + exit "$fail" + EOF + echo "SMACK GNU tests exit code: $?" echo "Shutting down QEMU..." if [ -f /tmp/qemu-smack.pid ]; then