Merge remote-tracking branch 'origin/master' into security_proposal

dzedro · Feb 22, 2021 · e57f4eb · e57f4eb
2 parents 4549640 + dfd4755
commit e57f4eb
Show file tree

Hide file tree

Showing 10 changed files with 325 additions and 126 deletions.
diff --git a/doc/control-file.md b/doc/control-file.md
diff --git a/package/yast2-installation.changes b/package/yast2-installation.changes
@@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Thu Feb 18 21:34:23 UTC 2021 - Josef Reidinger <[email protected]>
+
+- Adapted unit test to recent changes in Yast::Report (related to
+  bsc#1179893).
+- 4.3.26
+
+-------------------------------------------------------------------
+Wed Feb 10 08:01:33 UTC 2021 - Imobach Gonzalez Sosa <[email protected]>
+
+- Do not crash when it is not possible to create a snapshot after
+  installing or upgrading the system (bsc#1180142).
+- 4.3.25
+
 -------------------------------------------------------------------
 Mon Dec  7 09:27:38 UTC 2020 - Ladislav Slezák <[email protected]>
 

diff --git a/package/yast2-installation.spec b/package/yast2-installation.spec
@@ -16,7 +16,7 @@
 #
 
 Name:           yast2-installation
-Version:        4.3.24
+Version:        4.3.26
 Release:        0
 Group:          System/YaST
 License:        GPL-2.0-only
@@ -35,8 +35,8 @@ BuildRequires:  yast2-ruby-bindings >= 4.0.6
 BuildRequires:  yast2-xml
 BuildRequires:  rubygem(%{rb_default_ruby_abi}:rspec)
 BuildRequires:  rubygem(%{rb_default_ruby_abi}:yast-rake)
-# Yast::OSRelease.ReleaseVersionHumanReadable
-BuildRequires:  yast2 >= 4.2.56
+# Yast2::FsSnapshotStore::IOError
+BuildRequires:  yast2 >= 4.3.53
 # Y2Packager::MediumType
 BuildRequires:  yast2-packager >= 4.2.27
 # CIOIgnore
@@ -78,8 +78,8 @@ Requires:       yast2-proxy
 # Systemd default target and services. This version supports
 # writing settings in the first installation stage.
 Requires:       yast2-services-manager >= 3.2.1
-# UI::Wizards::Layout
-Requires:       yast2 >= 4.3.16
+# Yast2::FsSnapshotStore::IOError
+Requires:       yast2 >= 4.3.53
 # Y2Network::NtpServer
 Requires:       yast2-network >= 4.2.55
 # for AbortException and handle direct abort

diff --git a/src/lib/installation/dialogs/security.rb b/src/lib/installation/dialogs/security.rb
@@ -104,23 +104,23 @@ def selinux_configurable?
 
       def firewall_frame
         frame(
-            _("Firewall and SSH service"),
-            Y2Firewall::Widgets::FirewallSSHProposal.new(@settings)
-          )
+          _("Firewall and SSH service"),
+          Y2Firewall::Widgets::FirewallSSHProposal.new(@settings)
+        )
       end
 
       def polkit_frame
         frame(
-            _("PolicyKit),
-            PolkitDefaultPriv.new(@settings)
-          )
+          _("PolicyKit"),
+          PolkitDefaultPriv.new(@settings)
+        )
       end
 
       def cpu_frame
         frame(
-            _("CPU),
-::Bootloader::Grub2Widget::CpuMitigationsWidget.new)
-          )
+          _("CPU"),
+          ::Bootloader::CpuMitigationsWidget.new
+        )
       end
 
       def selinux_frame
@@ -131,7 +131,8 @@ def selinux_frame
       end
 
       def frame(label, widget)
-Left(Frame(
+        Left(
+          Frame(
             label,
             HSquash(
               MarginBox(
@@ -140,7 +141,8 @@ def frame(label, widget)
                 widget
               )
             )
-          ))
+          )
+        )
       end
     end
 

diff --git a/src/lib/installation/security_settings.rb b/src/lib/installation/security_settings.rb
@@ -40,6 +40,8 @@ class SecuritySettings
     # [String, nil] Setting for policy kit default priviledges
     # For more info see /etc/sysconfig/security#POLKIT_DEFAULT_PRIVS
     attr_accessor :polkit_default_proviledges
+    # [Y2Security::Selinux] selinux configuration
+    attr_accessor :selinux_config
 
     # Constructor
     def initialize
@@ -152,6 +154,15 @@ def human_polkit_priviledges
       }
     end
 
+    # Returns a SELinux configuration handler
+    #
+    # @return [Y2Security::Selinux] the SELinux config handler
+    def selinux_config
+      require "y2security/selinux"
+
+      @selinux_config ||= Y2Security::Selinux.new
+    end
+
   private
 
     def load_feature(feature, to, source: global_section)

diff --git a/src/lib/installation/snapshots_finish.rb b/src/lib/installation/snapshots_finish.rb
@@ -12,6 +12,7 @@ def initialize
 
       Yast.import "Mode"
       Yast.import "InstFunctions"
+      Yast.import "Report"
       Yast.include self, "installation/misc.rb"
     end
 
@@ -52,12 +53,20 @@ def create_post_snapshot
       Yast2::FsSnapshot.create_post("after update", pre_number, cleanup: :number, important: true)
       Yast2::FsSnapshotStore.clean("update")
       true
+    rescue Yast2::SnapshotCreationFailed, Yast2::FsSnapshotStore::IOError => error
+      log.error("Error creating a post-update snapshot: #{error}")
+      Yast::Report.Error(_("Could not create a post-update snapshot."))
+      false
     end
 
     def create_single_snapshot
       # as of bsc #1092757 snapshot descriptions are not translated
       Yast2::FsSnapshot.create_single("after installation", cleanup: :number, important: true)
       true
+    rescue Yast2::SnapshotCreationFailed => error
+      log.error("Error creating a post-installation snapshot: #{error}")
+      Yast::Report.Error(_("Could not create a post-installation snapshot."))
+      false
     end
 
     def snapper_config

diff --git a/test/cio_ignore_test.rb b/test/cio_ignore_test.rb
@@ -4,7 +4,13 @@
 
 require "installation/cio_ignore"
 
+Yast.import "Bootloader"
+
 describe ::Installation::CIOIgnore do
+  before do
+    allow(Yast::Bootloader).to receive(:kernel_param).with(:common, "rd.zdev")
+  end
+
   describe "cio_ignore enable/disable" do
     it "take AutoYaST cio_ignore setting" do
       allow(Yast::Mode).to receive(:autoinst).and_return(true)
@@ -27,6 +33,7 @@
   subject { ::Installation::CIOIgnoreProposal.new }
 
   before(:each) do
+    allow(Yast::Bootloader).to receive(:kernel_param).with(:common, "rd.zdev")
     ::Installation::CIOIgnore.instance.reset
   end
 

diff --git a/test/image_installation_test.rb b/test/image_installation_test.rb
@@ -79,8 +79,9 @@
       expect(subject.FindImageSet([])).to eq true
     end
 
-    it "returns false if xml is not valid" do
+    it "returns false and reports error if xml is not valid" do
       allow(Yast::XML).to receive(:XMLToYCPFile).and_raise(Yast::XMLDeserializationError)
+      expect(Yast::Report).to receive(:Error)
 
       expect(subject.FindImageSet([])).to eq false
     end

diff --git a/test/inst_update_installer_test.rb b/test/inst_update_installer_test.rb
@@ -147,7 +147,7 @@
 
       context "when the update cannot be fetched from a user defined repository" do
         it "shows an error and returns :next" do
-          expect(Yast::Popup).to receive(:Error)
+          expect(Yast::Report).to receive(:Error)
           expect(manager).to receive(:add_repository)
             .and_raise(::Installation::UpdatesManager::CouldNotFetchUpdateFromRepo)
           expect(subject.main).to eq(:next)

diff --git a/test/snapshots_finish_test.rb b/test/snapshots_finish_test.rb
@@ -98,14 +98,30 @@
         context "when updating" do
           before do
             allow(Yast::Mode).to receive(:update).and_return(true)
+            allow(Yast2::FsSnapshotStore).to receive(:load).with("update").and_return(1)
+            allow(Yast2::FsSnapshotStore).to receive(:clean).with("update")
           end
 
           it "creates a snapshot of type 'post' with 'after update' as description and paired with 'pre' snapshot" do
-            expect(Yast2::FsSnapshotStore).to receive(:load).with("update").and_return(1)
-            expect(Yast2::FsSnapshotStore).to receive(:clean).with("update")
             expect(Yast2::FsSnapshot).to receive(:create_post).with("after update", 1, cleanup: :number, important: true).and_return(true)
             expect(subject.write).to eq(true)
           end
+
+          context "and could not create the snapshot" do
+            before do
+              allow(Yast2::FsSnapshot).to receive(:create_post).and_raise(Yast2::SnapshotCreationFailed)
+              allow(Yast::Report).to receive(:Error)
+            end
+
+            it "returns false" do
+              expect(subject.write).to eq(false)
+            end
+
+            it "reports the problem to the user" do
+              expect(Yast::Report).to receive(:Error).with(/snapshot/)
+              subject.write
+            end
+          end
         end
 
         context "when installing" do
@@ -117,6 +133,22 @@
             expect(Yast2::FsSnapshot).to receive(:create_single).with("after installation", cleanup: :number, important: true).and_return(true)
             expect(subject.write).to eq(true)
           end
+
+          context "and could not create the snapshot" do
+            before do
+              allow(Yast2::FsSnapshot).to receive(:create_single).and_raise(Yast2::SnapshotCreationFailed)
+              allow(Yast::Report).to receive(:Error)
+            end
+
+            it "returns false" do
+              expect(subject.write).to eq(false)
+            end
+
+            it "reports the problem to the user" do
+              expect(Yast::Report).to receive(:Error).with(/snapshot/)
+              subject.write
+            end
+          end
         end
       end