Merge regression: fix test suite runs on older Ubuntu releases

This involves replacing `command -v` with `which` (again), since the `command` shell builtin isn't recognized by older versions of Make, as well as skipping tests that require the `linux/mount.h` header on older systems that lack it. Signed-off-by: Ryan Lee <ryan.lee@canonical.com> MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1578 Approved-by: Zygmunt Krynicki <me@zygoon.pl> Approved-by: John Johansen <john@jjmx.net> Merged-by: John Johansen <john@jjmx.net>
2025-08-22 10:07:12 +00:00 · 2025-03-22 01:06:48 +00:00 · 2025-03-22 01:06:48 +00:00 · 07eef2823f
commit 07eef2823f
parent eb5a4f8628 5edca7f64f
5 changed files with 31 additions and 8 deletions
--- a/.image-garden.mk
+++ b/.image-garden.mk
@ -79,6 +79,7 @@ packages:
 - python311
 - python311-devel
 - swig
+- which
 endef

 define FEDORA_CLOUD_INIT_USER_DATA_TEMPLATE
--- a/common/Make.rules
+++ b/common/Make.rules
@ -35,7 +35,7 @@ VERSION=$(shell cat $(COMMONDIR)/Version)
 pathsearch = $(firstword $(wildcard $(addsuffix /$(1),$(subst :, ,$(PATH)))))
 map = $(foreach a,$(2),$(call $(1),$(a)))

-AWK?=$(or $(shell command -v awk),$(error awk utility required for build but not available))
+AWK?=$(or $(shell which awk),$(error awk utility required for build but not available))

 define nl

--- a/tests/regression/apparmor/Makefile
+++ b/tests/regression/apparmor/Makefile
@ -27,7 +27,7 @@ manually, or build against in-tree libapparmor.${nl}\
  endif # LIBAPPARMOR not set
  LDLIBS += $(LIBAPPARMOR)

-  AA_EXEC = $(shell command -v aa-exec)
+  AA_EXEC = $(shell which aa-exec)
  ifeq ($(AA_EXEC),)
    AA_EXEC_ERROR_MESSAGE = $(error ${nl}\
 ************************************************************************${nl}\
@ -85,6 +85,9 @@ endif
 SYSCTL_INCLUDE="\#include <sys/sysctl.h>"
 USE_SYSCTL:=$(shell echo $(SYSCTL_INCLUDE) | cpp -dM >/dev/null 2>/dev/null && echo true)

+LINUX_MOUNT_INCLUDE="\#include <linux/mount.h>"
+HAVE_LINUX_MOUNT_H:=$(shell echo $(LINUX_MOUNT_INCLUDE) | cpp -dM >/dev/null 2>/dev/null && echo true)
+
 CFLAGS += -g -O0 $(EXTRA_WARNINGS)

 SRC=access.c \
@ -125,7 +128,6 @@ SRC=access.c \
    mmap.c \
    mkdir.c \
    mount.c \
-    move_mount.c \
    named_pipe.c \
    net_inet_rcv.c \
    net_inet_snd.c \
@ -174,6 +176,11 @@ ifneq (,$(findstring $(shell uname -i),i386 i486 i586 i686 x86 x86_64))
 SRC+=syscall_ioperm.c syscall_iopl.c
 endif

+#only do move_mount test if we have linux/mount.h
+ifeq ($(HAVE_LINUX_MOUNT_H),true)
+SRC+=move_mount.c
+endif
+
 #only do sysctl syscall test if defines installed and OR supported by the
 # kernel
 ifeq ($(USE_SYSCTL),true)
@ -181,7 +188,7 @@ SRC+=syscall_sysctl.c
 endif

 # Only do xattrs_profile test if we have the required setfattr binary
-ifneq (,$(shell command -v setfattr))
+ifneq (,$(shell which setfattr > /dev/null && echo TRUE))
 SRC+=xattrs_profile.c
 else
 $(warning ${nl}\
@ -192,7 +199,7 @@ Install attr or equivalent package to build and run this test${nl}\
 endif

 # Only do overlayfs_fuse test if we have the required fuse-overlayfs binary
-ifeq (,$(shell command -v fuse-overlayfs))
+ifeq (,$(shell which fuse-overlayfs > /dev/null && echo TRUE))
 $(warning ${nl}\
 ************************************************************************${nl}\
 No fuse-overlayfs skipping overlayfs_fuse tests ...${nl}\
@ -321,12 +328,12 @@ TESTS=aa_exec \
      nfs

 # Only do overlayfs_fuse test if we have the required fuse-overlayfs binary
-ifneq (,$(shell command -v fuse-overlayfs))
+ifneq (,$(shell which fuse-overlayfs > /dev/null && echo TRUE))
 TESTS+=overlayfs_fuse
 endif

 # Only do xattrs_profile test if we have the required setfattr binary
-ifneq (,$(shell command -v setfattr))
+ifneq (,$(shell which setfattr > /dev/null && echo TRUE))
 TESTS+=xattrs_profile
 endif

--- a/tests/regression/apparmor/complain.sh
+++ b/tests/regression/apparmor/complain.sh
@ -29,5 +29,5 @@ runchecktest "Complain mode profile (file exec no permission entry)" pass exec e

 # This test will fail on a kernel that doesn't have
 # https://lists.ubuntu.com/archives/apparmor/2024-August/013338.html applied
-genprofile -C $(command -v echo):cx
+genprofile -C $(which echo):cx
 runchecktest "Complain mode profile (file exec cx permission entry)" pass exec echo PASS
--- a/tests/regression/apparmor/mount.sh
+++ b/tests/regression/apparmor/mount.sh
@ -305,6 +305,11 @@ open_tree_tests() {
 	mnt_target=$2
 	fsname=$3
 	settest move_mount
+
+	if [ ! -f "$bin/move_mount" ]; then
+		echo "  WARNING: move_mount binary was not built, skipping open_tree_tests ..."
+		return
+	fi
 	# TODO: check for move_mount syscall support
 	# TODO: check that parser supports detached
 	# eg. move_mount tmpfs /tmp/move_mount_test tmpfs
@ -377,6 +382,11 @@ fsmount_tests() {
 	mnt_target=$2
 	fsname=$3
 	settest move_mount
+
+	if [ ! -f "$bin/move_mount" ]; then
+		echo "  WARNING: move_mount binary was not built, skipping fsmount_tests ..."
+		return
+	fi
 	# TODO: check for move_mount syscall support
 	# TODO: check that parser supports detached
 	# eg. move_mount tmpfs /tmp/move_mount_test tmpfs
@ -423,6 +433,11 @@ all_rule() {
 	runchecktest "MOUNT (confined allow all remount)" pass mount ${loop_device} ${mount_point} -o remount
 	remove_mnt

+	if [ ! -f "$bin/move_mount" ]; then
+		echo "  WARNING: move_mount binary was not built, skipping all_rule move_mount tests ..."
+		return
+	fi
+
 	settest move_mount
 	genprofile "all"