* [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix @ 2023-02-14 21:00 Petr Vorel 2023-02-14 21:00 ` [PATCH ima-evm-utils 1/3] tests/install-swtpm.sh: Update ibmswtpm2 to 1682 Petr Vorel ` (4 more replies) 0 siblings, 5 replies; 12+ messages in thread From: Petr Vorel @ 2023-02-14 21:00 UTC (permalink / raw) To: linux-integrity Cc: dmitry.kasatkin, vt, stefanb, Roberto Sassu, Petr Vorel, Mimi Zohar Tested: https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413 Petr Vorel (3): tests/install-swtpm.sh: Update ibmswtpm2 to 1682 github: travis: Remove COMPILE_SSL from tumbleweed github: Put openSSL build into own section .github/workflows/ci.yml | 8 ++++++-- .travis.yml | 2 +- tests/install-swtpm.sh | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) -- 2.39.1 ^ permalink raw reply [flat|nested] 12+ messages in thread
* [PATCH ima-evm-utils 1/3] tests/install-swtpm.sh: Update ibmswtpm2 to 1682 2023-02-14 21:00 [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel @ 2023-02-14 21:00 ` Petr Vorel 2023-02-14 21:00 ` [PATCH ima-evm-utils 2/3] github: travis: Remove COMPILE_SSL from tumbleweed Petr Vorel ` (3 subsequent siblings) 4 siblings, 0 replies; 12+ messages in thread From: Petr Vorel @ 2023-02-14 21:00 UTC (permalink / raw) To: linux-integrity Cc: dmitry.kasatkin, vt, stefanb, Roberto Sassu, Petr Vorel, Mimi Zohar, Petr Vorel From: Petr Vorel <petr.vorel@gmail.com> At least on Tumbleweed build fails due openSSL 3.0.7 being installed from package. Signed-off-by: Petr Vorel <pvorel@suse.cz> --- Tested: https://github.com/pevik/ima-evm-utils/actions/runs/4177940689 tests/install-swtpm.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/install-swtpm.sh b/tests/install-swtpm.sh index 51aa377..de9b5c7 100755 --- a/tests/install-swtpm.sh +++ b/tests/install-swtpm.sh @@ -9,7 +9,7 @@ else SUDO=sudo fi -version=1637 +version=1682 wget --no-check-certificate https://sourceforge.net/projects/ibmswtpm2/files/ibmtpm${version}.tar.gz/download mkdir ibmtpm$version -- 2.39.1 ^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH ima-evm-utils 2/3] github: travis: Remove COMPILE_SSL from tumbleweed 2023-02-14 21:00 [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel 2023-02-14 21:00 ` [PATCH ima-evm-utils 1/3] tests/install-swtpm.sh: Update ibmswtpm2 to 1682 Petr Vorel @ 2023-02-14 21:00 ` Petr Vorel 2023-02-14 21:00 ` [PATCH ima-evm-utils 3/3] github: Put openSSL build into own section Petr Vorel ` (2 subsequent siblings) 4 siblings, 0 replies; 12+ messages in thread From: Petr Vorel @ 2023-02-14 21:00 UTC (permalink / raw) To: linux-integrity Cc: dmitry.kasatkin, vt, stefanb, Roberto Sassu, Petr Vorel, Mimi Zohar, Petr Vorel From: Petr Vorel <petr.vorel@gmail.com> Distro has openSSL 3.0.7, no need to compile own openSSL 3.x. Signed-off-by: Petr Vorel <pvorel@suse.cz> --- Tested: https://github.com/pevik/ima-evm-utils/actions/runs/4177949788 .github/workflows/ci.yml | 1 - .travis.yml | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 8b1eda8..c76c70a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -124,7 +124,6 @@ jobs: env: CC: clang TSS: ibmtss - COMPILE_SSL: openssl-3.0.5 - container: "opensuse/leap" env: diff --git a/.travis.yml b/.travis.yml index faaa4b5..00e9285 100644 --- a/.travis.yml +++ b/.travis.yml @@ -32,7 +32,7 @@ matrix: # glibc (gcc/clang) - os: linux - env: DISTRO=opensuse/tumbleweed TSS=ibmtss CONTAINER=podman CONTAINER_ARGS="--runtime=/usr/bin/crun --network=host" COMPILE_SSL=openssl-3.0.5 + env: DISTRO=opensuse/tumbleweed TSS=ibmtss CONTAINER=podman CONTAINER_ARGS="--runtime=/usr/bin/crun --network=host" compiler: clang - os: linux -- 2.39.1 ^ permalink raw reply related [flat|nested] 12+ messages in thread
* [PATCH ima-evm-utils 3/3] github: Put openSSL build into own section 2023-02-14 21:00 [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel 2023-02-14 21:00 ` [PATCH ima-evm-utils 1/3] tests/install-swtpm.sh: Update ibmswtpm2 to 1682 Petr Vorel 2023-02-14 21:00 ` [PATCH ima-evm-utils 2/3] github: travis: Remove COMPILE_SSL from tumbleweed Petr Vorel @ 2023-02-14 21:00 ` Petr Vorel 2023-02-14 21:01 ` [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel 2023-02-15 22:44 ` Petr Vorel 4 siblings, 0 replies; 12+ messages in thread From: Petr Vorel @ 2023-02-14 21:00 UTC (permalink / raw) To: linux-integrity Cc: dmitry.kasatkin, vt, stefanb, Roberto Sassu, Petr Vorel, Mimi Zohar, Petr Vorel From: Petr Vorel <petr.vorel@gmail.com> That helps readability when reviewing logs. Signed-off-by: Petr Vorel <pvorel@suse.cz> --- Tested: https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413 .github/workflows/ci.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c76c70a..e3dcf3d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -192,7 +192,12 @@ jobs: INSTALL="${INSTALL%%/*}" if [ "$VARIANT" ]; then ARCH="$ARCH" ./ci/$INSTALL.$VARIANT.sh; fi ARCH="$ARCH" CC="$CC" TSS="$TSS" ./ci/$INSTALL.sh - if [ "$COMPILE_SSL" ]; then COMPILE_SSL="$COMPILE_SSL" VARIANT="$VARIANT" ./tests/install-openssl3.sh; fi + + - name: Build openSSL + run: | + if [ "$COMPILE_SSL" ]; then + COMPILE_SSL="$COMPILE_SSL" VARIANT="$VARIANT" ./tests/install-openssl3.sh; \ + fi - name: Build swtpm run: | -- 2.39.1 ^ permalink raw reply related [flat|nested] 12+ messages in thread
* Re: [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix 2023-02-14 21:00 [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel ` (2 preceding siblings ...) 2023-02-14 21:00 ` [PATCH ima-evm-utils 3/3] github: Put openSSL build into own section Petr Vorel @ 2023-02-14 21:01 ` Petr Vorel 2023-02-15 23:00 ` Mimi Zohar 2023-02-15 22:44 ` Petr Vorel 4 siblings, 1 reply; 12+ messages in thread From: Petr Vorel @ 2023-02-14 21:01 UTC (permalink / raw) To: linux-integrity; +Cc: dmitry.kasatkin, vt, stefanb, Roberto Sassu, Mimi Zohar > Tested: > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413 NOTE: I cannot test this on Travis. Kind regards, Petr > Petr Vorel (3): > tests/install-swtpm.sh: Update ibmswtpm2 to 1682 > github: travis: Remove COMPILE_SSL from tumbleweed > github: Put openSSL build into own section > .github/workflows/ci.yml | 8 ++++++-- > .travis.yml | 2 +- > tests/install-swtpm.sh | 2 +- > 3 files changed, 8 insertions(+), 4 deletions(-) ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix 2023-02-14 21:01 ` [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel @ 2023-02-15 23:00 ` Mimi Zohar 0 siblings, 0 replies; 12+ messages in thread From: Mimi Zohar @ 2023-02-15 23:00 UTC (permalink / raw) To: Petr Vorel, linux-integrity; +Cc: dmitry.kasatkin, vt, stefanb, Roberto Sassu Hi Petr, On Tue, 2023-02-14 at 22:01 +0100, Petr Vorel wrote: > > Tested: > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413 > > NOTE: I cannot test this on Travis. Thanks, it works on Travis. -- Mimi ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix 2023-02-14 21:00 [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel ` (3 preceding siblings ...) 2023-02-14 21:01 ` [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel @ 2023-02-15 22:44 ` Petr Vorel 2023-02-15 23:19 ` Mimi Zohar 4 siblings, 1 reply; 12+ messages in thread From: Petr Vorel @ 2023-02-15 22:44 UTC (permalink / raw) To: linux-integrity; +Cc: dmitry.kasatkin, vt, stefanb, Roberto Sassu, Mimi Zohar Hi Mimi, > Tested: > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413 Thanks for merging this. My test was working: https://github.com/pevik/ima-evm-utils/actions/runs/4177976359 But the same code now fails for Fedora. I wonder what exactly is wrong now: https://github.com/mimizohar/ima-evm-utils/actions/runs/4188686859/jobs/7260231106 https://github.com/pevik/ima-evm-utils/actions/runs/4188761663/jobs/7260289846 FAIL: fsverity ============== which: no fsverity in (../src:../fsverity-utils:/github/home/ima-evm-utils-install/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin) dd is /usr/bin/dd mkfs is /usr/sbin/mkfs blkid is /usr/sbin/blkid e2fsck is /usr/sbin/e2fsck tune2fs is /usr/sbin/tune2fs evmctl is ../src/evmctl setfattr is /usr/bin/setfattr ./functions.sh: line 90: ../linux: No such file or directory ================================= Run with FAILEARLY=1 ./fsverity.test _cleanup_env cleanup To stop after first failure ================================= PASS: 0 SKIP: 0 FAIL: 1 FAIL fsverity.test (exit status: 1) FAIL: portable_signatures ========================= evmctl is /__w/ima-evm-utils/ima-evm-utils/tests/../src/evmctl ./functions.sh: line 90: ../linux: No such file or directory ./functions.sh: line 90: ../linux: No such file or directory Kind regards, Petr > Petr Vorel (3): > tests/install-swtpm.sh: Update ibmswtpm2 to 1682 > github: travis: Remove COMPILE_SSL from tumbleweed > github: Put openSSL build into own section > .github/workflows/ci.yml | 8 ++++++-- > .travis.yml | 2 +- > tests/install-swtpm.sh | 2 +- > 3 files changed, 8 insertions(+), 4 deletions(-) ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix 2023-02-15 22:44 ` Petr Vorel @ 2023-02-15 23:19 ` Mimi Zohar 2023-02-16 8:16 ` Roberto Sassu 0 siblings, 1 reply; 12+ messages in thread From: Mimi Zohar @ 2023-02-15 23:19 UTC (permalink / raw) To: Petr Vorel, linux-integrity, Roberto Sassu; +Cc: dmitry.kasatkin, vt, stefanb Hi Petr, On Wed, 2023-02-15 at 23:44 +0100, Petr Vorel wrote: > Hi Mimi, > > > Tested: > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413 > > Thanks for merging this. I actually pushed out the patches to "next-testing" to make sure it works. In doing so, I dropped a couple of Roberto's patches, which aren't quite ready and one of mine as well. In general, I'm not sure pushing patches out to "next-integrity" should be considered "merging" quite yet. In this case, your patches are fine. (Perhaps there needs to be a better work flow.) > > My test was working: > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359 Yes, I saw. > > But the same code now fails for Fedora. > I wonder what exactly is wrong now: > https://github.com/mimizohar/ima-evm-utils/actions/runs/4188686859/jobs/7260231106 > https://github.com/pevik/ima-evm-utils/actions/runs/4188761663/jobs/7260289846 The UML kernel built properly, but for some reason the fsverity and portable_signature tests aren't finding it. > > FAIL: fsverity > ============== > > which: no fsverity in (../src:../fsverity-utils:/github/home/ima-evm-utils-install/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin) > dd is /usr/bin/dd > mkfs is /usr/sbin/mkfs > blkid is /usr/sbin/blkid > e2fsck is /usr/sbin/e2fsck > tune2fs is /usr/sbin/tune2fs > evmctl is ../src/evmctl > setfattr is /usr/bin/setfattr > ./functions.sh: line 90: ../linux: No such file or directory > ================================= > Run with FAILEARLY=1 ./fsverity.test _cleanup_env cleanup > To stop after first failure > ================================= > PASS: 0 SKIP: 0 FAIL: 1 > > FAIL fsverity.test (exit status: 1) > > FAIL: portable_signatures > ========================= > > evmctl is /__w/ima-evm-utils/ima-evm-utils/tests/../src/evmctl > ./functions.sh: line 90: ../linux: No such file or directory > ./functions.sh: line 90: ../linux: No such file or directory -- Mimi ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix 2023-02-15 23:19 ` Mimi Zohar @ 2023-02-16 8:16 ` Roberto Sassu 2023-02-16 15:29 ` Mimi Zohar 0 siblings, 1 reply; 12+ messages in thread From: Roberto Sassu @ 2023-02-16 8:16 UTC (permalink / raw) To: Mimi Zohar, Petr Vorel, linux-integrity, Roberto Sassu Cc: dmitry.kasatkin, vt, stefanb On Wed, 2023-02-15 at 18:19 -0500, Mimi Zohar wrote: > Hi Petr, > > On Wed, 2023-02-15 at 23:44 +0100, Petr Vorel wrote: > > Hi Mimi, > > > > > Tested: > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413 > > > > Thanks for merging this. > > I actually pushed out the patches to "next-testing" to make sure it > works. In doing so, I dropped a couple of Roberto's patches, which > aren't quite ready and one of mine as well. In general, I'm not sure > pushing patches out to "next-integrity" should be considered "merging" > quite yet. In this case, your patches are fine. (Perhaps there needs > to be a better work flow.) > > > My test was working: > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359 > > Yes, I saw. > > > But the same code now fails for Fedora. > > I wonder what exactly is wrong now: > > https://github.com/mimizohar/ima-evm-utils/actions/runs/4188686859/jobs/7260231106 > > https://github.com/pevik/ima-evm-utils/actions/runs/4188761663/jobs/7260289846 > > The UML kernel built properly, but for some reason the fsverity and > portable_signature tests aren't finding it. It could be this (in the logs): There exist one or more cache(s) with similar key but they have different version or scope. I would try: enableCrossOsArchive: true after: uses: actions/cache@v3 with: path: key: for every step using the cache. Cache version is a hash generated for a combination of compression tool used (Gzip, Zstd, etc. based on the runner OS) and the path of directories being cached. Maybe there was some change from the time the kernel and signing key were cached. Roberto > > FAIL: fsverity > > ============== > > > > which: no fsverity in (../src:../fsverity-utils:/github/home/ima-evm-utils-install/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin) > > dd is /usr/bin/dd > > mkfs is /usr/sbin/mkfs > > blkid is /usr/sbin/blkid > > e2fsck is /usr/sbin/e2fsck > > tune2fs is /usr/sbin/tune2fs > > evmctl is ../src/evmctl > > setfattr is /usr/bin/setfattr > > ./functions.sh: line 90: ../linux: No such file or directory > > ================================= > > Run with FAILEARLY=1 ./fsverity.test _cleanup_env cleanup > > To stop after first failure > > ================================= > > PASS: 0 SKIP: 0 FAIL: 1 > > > > FAIL fsverity.test (exit status: 1) > > > > FAIL: portable_signatures > > ========================= > > > > evmctl is /__w/ima-evm-utils/ima-evm-utils/tests/../src/evmctl > > ./functions.sh: line 90: ../linux: No such file or directory > > ./functions.sh: line 90: ../linux: No such file or directory ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix 2023-02-16 8:16 ` Roberto Sassu @ 2023-02-16 15:29 ` Mimi Zohar 2023-02-20 13:17 ` Mimi Zohar 0 siblings, 1 reply; 12+ messages in thread From: Mimi Zohar @ 2023-02-16 15:29 UTC (permalink / raw) To: Roberto Sassu, Petr Vorel, linux-integrity, Roberto Sassu Cc: dmitry.kasatkin, vt, stefanb On Thu, 2023-02-16 at 09:16 +0100, Roberto Sassu wrote: > On Wed, 2023-02-15 at 18:19 -0500, Mimi Zohar wrote: > > Hi Petr, > > > > On Wed, 2023-02-15 at 23:44 +0100, Petr Vorel wrote: > > > Hi Mimi, > > > > > > > Tested: > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413 > > > > > > Thanks for merging this. > > > > I actually pushed out the patches to "next-testing" to make sure it > > works. In doing so, I dropped a couple of Roberto's patches, which > > aren't quite ready and one of mine as well. In general, I'm not sure > > pushing patches out to "next-integrity" should be considered "merging" > > quite yet. In this case, your patches are fine. (Perhaps there needs > > to be a better work flow.) > > > > > My test was working: > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359 > > > > Yes, I saw. > > > > > But the same code now fails for Fedora. > > > I wonder what exactly is wrong now: > > > https://github.com/mimizohar/ima-evm-utils/actions/runs/4188686859/jobs/7260231106 > > > https://github.com/pevik/ima-evm-utils/actions/runs/4188761663/jobs/7260289846 > > > > The UML kernel built properly, but for some reason the fsverity and > > portable_signature tests aren't finding it. > > It could be this (in the logs): > > There exist one or more cache(s) with similar key but they have > different version or scope. > > I would try: > > enableCrossOsArchive: true > > after: > > uses: actions/cache@v3 > with: > path: > key: > > for every step using the cache. > > Cache version is a hash generated for a combination of compression tool > used (Gzip, Zstd, etc. based on the runner OS) and the path of > directories being cached. > > Maybe there was some change from the time the kernel and signing key > were cached. Adding "enableCrossOsArchive: true" didn't help, nor did clearing the cache. Mimi > > > > FAIL: fsverity > > > ============== > > > > > > which: no fsverity in (../src:../fsverity-utils:/github/home/ima-evm-utils-install/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin) > > > dd is /usr/bin/dd > > > mkfs is /usr/sbin/mkfs > > > blkid is /usr/sbin/blkid > > > e2fsck is /usr/sbin/e2fsck > > > tune2fs is /usr/sbin/tune2fs > > > evmctl is ../src/evmctl > > > setfattr is /usr/bin/setfattr > > > ./functions.sh: line 90: ../linux: No such file or directory > > > ================================= > > > Run with FAILEARLY=1 ./fsverity.test _cleanup_env cleanup > > > To stop after first failure > > > ================================= > > > PASS: 0 SKIP: 0 FAIL: 1 > > > > > > FAIL fsverity.test (exit status: 1) > > > > > > FAIL: portable_signatures > > > ========================= > > > > > > evmctl is /__w/ima-evm-utils/ima-evm-utils/tests/../src/evmctl > > > ./functions.sh: line 90: ../linux: No such file or directory > > > ./functions.sh: line 90: ../linux: No such file or directory > ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix 2023-02-16 15:29 ` Mimi Zohar @ 2023-02-20 13:17 ` Mimi Zohar 2023-02-20 13:26 ` Roberto Sassu 0 siblings, 1 reply; 12+ messages in thread From: Mimi Zohar @ 2023-02-20 13:17 UTC (permalink / raw) To: Roberto Sassu, Petr Vorel, linux-integrity, Roberto Sassu Cc: dmitry.kasatkin, vt, stefanb On Thu, 2023-02-16 at 10:29 -0500, Mimi Zohar wrote: > On Thu, 2023-02-16 at 09:16 +0100, Roberto Sassu wrote: > > On Wed, 2023-02-15 at 18:19 -0500, Mimi Zohar wrote: > > > Hi Petr, > > > > > > On Wed, 2023-02-15 at 23:44 +0100, Petr Vorel wrote: > > > > Hi Mimi, > > > > > > > > > Tested: > > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413 > > > > > > > > Thanks for merging this. > > > > > > I actually pushed out the patches to "next-testing" to make sure it > > > works. In doing so, I dropped a couple of Roberto's patches, which > > > aren't quite ready and one of mine as well. In general, I'm not sure > > > pushing patches out to "next-integrity" should be considered "merging" > > > quite yet. In this case, your patches are fine. (Perhaps there needs > > > to be a better work flow.) > > > > > > > My test was working: > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359 > > > > > > Yes, I saw. > > > > > > > But the same code now fails for Fedora. > > > > I wonder what exactly is wrong now: > > > > https://github.com/mimizohar/ima-evm-utils/actions/runs/4188686859/jobs/7260231106 > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4188761663/jobs/7260289846 > > > > > > The UML kernel built properly, but for some reason the fsverity and > > > portable_signature tests aren't finding it. > > > > It could be this (in the logs): > > > > There exist one or more cache(s) with similar key but they have > > different version or scope. > > > > I would try: > > > > enableCrossOsArchive: true > > > > after: > > > > uses: actions/cache@v3 > > with: > > path: > > key: > > > > for every step using the cache. > > > > Cache version is a hash generated for a combination of compression tool > > used (Gzip, Zstd, etc. based on the runner OS) and the path of > > directories being cached. > > > > Maybe there was some change from the time the kernel and signing key > > were cached. > > Adding "enableCrossOsArchive: true" didn't help, nor did clearing the > cache. FYI, with a clean cache, but without any changes, this seems to be working now. > > > > > > > > FAIL: fsverity > > > > ============== > > > > > > > > which: no fsverity in (../src:../fsverity-utils:/github/home/ima-evm-utils-install/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin) > > > > dd is /usr/bin/dd > > > > mkfs is /usr/sbin/mkfs > > > > blkid is /usr/sbin/blkid > > > > e2fsck is /usr/sbin/e2fsck > > > > tune2fs is /usr/sbin/tune2fs > > > > evmctl is ../src/evmctl > > > > setfattr is /usr/bin/setfattr > > > > ./functions.sh: line 90: ../linux: No such file or directory > > > > ================================= > > > > Run with FAILEARLY=1 ./fsverity.test _cleanup_env cleanup > > > > To stop after first failure > > > > ================================= > > > > PASS: 0 SKIP: 0 FAIL: 1 > > > > > > > > FAIL fsverity.test (exit status: 1) > > > > > > > > FAIL: portable_signatures > > > > ========================= > > > > > > > > evmctl is /__w/ima-evm-utils/ima-evm-utils/tests/../src/evmctl > > > > ./functions.sh: line 90: ../linux: No such file or directory > > > > ./functions.sh: line 90: ../linux: No such file or directory > > > > ^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix 2023-02-20 13:17 ` Mimi Zohar @ 2023-02-20 13:26 ` Roberto Sassu 0 siblings, 0 replies; 12+ messages in thread From: Roberto Sassu @ 2023-02-20 13:26 UTC (permalink / raw) To: Mimi Zohar, Petr Vorel, linux-integrity, Roberto Sassu Cc: dmitry.kasatkin, vt, stefanb On Mon, 2023-02-20 at 08:17 -0500, Mimi Zohar wrote: > On Thu, 2023-02-16 at 10:29 -0500, Mimi Zohar wrote: > > On Thu, 2023-02-16 at 09:16 +0100, Roberto Sassu wrote: > > > On Wed, 2023-02-15 at 18:19 -0500, Mimi Zohar wrote: > > > > Hi Petr, > > > > > > > > On Wed, 2023-02-15 at 23:44 +0100, Petr Vorel wrote: > > > > > Hi Mimi, > > > > > > > > > > > Tested: > > > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359/jobs/7236222413 > > > > > > > > > > Thanks for merging this. > > > > > > > > I actually pushed out the patches to "next-testing" to make sure it > > > > works. In doing so, I dropped a couple of Roberto's patches, which > > > > aren't quite ready and one of mine as well. In general, I'm not sure > > > > pushing patches out to "next-integrity" should be considered "merging" > > > > quite yet. In this case, your patches are fine. (Perhaps there needs > > > > to be a better work flow.) > > > > > > > > > My test was working: > > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4177976359 > > > > > > > > Yes, I saw. > > > > > > > > > But the same code now fails for Fedora. > > > > > I wonder what exactly is wrong now: > > > > > https://github.com/mimizohar/ima-evm-utils/actions/runs/4188686859/jobs/7260231106 > > > > > https://github.com/pevik/ima-evm-utils/actions/runs/4188761663/jobs/7260289846 > > > > > > > > The UML kernel built properly, but for some reason the fsverity and > > > > portable_signature tests aren't finding it. > > > > > > It could be this (in the logs): > > > > > > There exist one or more cache(s) with similar key but they have > > > different version or scope. > > > > > > I would try: > > > > > > enableCrossOsArchive: true > > > > > > after: > > > > > > uses: actions/cache@v3 > > > with: > > > path: > > > key: > > > > > > for every step using the cache. > > > > > > Cache version is a hash generated for a combination of compression tool > > > used (Gzip, Zstd, etc. based on the runner OS) and the path of > > > directories being cached. > > > > > > Maybe there was some change from the time the kernel and signing key > > > were cached. > > > > Adding "enableCrossOsArchive: true" didn't help, nor did clearing the > > cache. > > FYI, with a clean cache, but without any changes, this seems to be > working now. Thanks. I expected that. However, we would need to fix it (once I get some time). Roberto > > > > > > > FAIL: fsverity > > > > > ============== > > > > > > > > > > which: no fsverity in (../src:../fsverity-utils:/github/home/ima-evm-utils-install/bin:/usr/local/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin) > > > > > dd is /usr/bin/dd > > > > > mkfs is /usr/sbin/mkfs > > > > > blkid is /usr/sbin/blkid > > > > > e2fsck is /usr/sbin/e2fsck > > > > > tune2fs is /usr/sbin/tune2fs > > > > > evmctl is ../src/evmctl > > > > > setfattr is /usr/bin/setfattr > > > > > ./functions.sh: line 90: ../linux: No such file or directory > > > > > ================================= > > > > > Run with FAILEARLY=1 ./fsverity.test _cleanup_env cleanup > > > > > To stop after first failure > > > > > ================================= > > > > > PASS: 0 SKIP: 0 FAIL: 1 > > > > > > > > > > FAIL fsverity.test (exit status: 1) > > > > > > > > > > FAIL: portable_signatures > > > > > ========================= > > > > > > > > > > evmctl is /__w/ima-evm-utils/ima-evm-utils/tests/../src/evmctl > > > > > ./functions.sh: line 90: ../linux: No such file or directory > > > > > ./functions.sh: line 90: ../linux: No such file or directory ^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2023-02-20 13:26 UTC | newest] Thread overview: 12+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2023-02-14 21:00 [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel 2023-02-14 21:00 ` [PATCH ima-evm-utils 1/3] tests/install-swtpm.sh: Update ibmswtpm2 to 1682 Petr Vorel 2023-02-14 21:00 ` [PATCH ima-evm-utils 2/3] github: travis: Remove COMPILE_SSL from tumbleweed Petr Vorel 2023-02-14 21:00 ` [PATCH ima-evm-utils 3/3] github: Put openSSL build into own section Petr Vorel 2023-02-14 21:01 ` [PATCH ima-evm-utils 0/3] CI: Tumbleweed openSSL fix Petr Vorel 2023-02-15 23:00 ` Mimi Zohar 2023-02-15 22:44 ` Petr Vorel 2023-02-15 23:19 ` Mimi Zohar 2023-02-16 8:16 ` Roberto Sassu 2023-02-16 15:29 ` Mimi Zohar 2023-02-20 13:17 ` Mimi Zohar 2023-02-20 13:26 ` Roberto Sassu
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.