system: Add CPU security mitigations dialog #11875
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This isn't supported by newer QEMU versions any more (as in Fedora 29). `check-networking-bridge TestNetworking.testBridge` was the only user of that. But as the second `add_iface()` call does not specify an existing VirtNetwork, this creates a new network anyway, and thus it's already an independent network. Cherry-picked from master commit 2615655.
This will allow us to use newer API such as `g_strv_contains()`. The oldest glib that we support is 2.56 (RHEL/CentOS 7), so this should be fine to bump. Drop g_type_init() calls, as they have been deprecated since glib 2.36. Cherry-picked from master commit 4cad596, so that the following cherry-pick works.
Most recent glib changes the hash table data structures, which changes iteration order. Stop making any assumptions about it, and instead compare items piecewise. https://bugzilla.redhat.com/show_bug.cgi?id=1666289 Cherry-picked from master commit 4d20f07.
|
Hmm, I did two backports to attempt to fix unit tests, but this will require a lot more to be able to build on Fedora 30. As we are not really interested in that for RHEL 8.0, I'm leaning towards ignoring the avocado/selenium tests here, and re-drop the glib bump and strv fix. I'll wait until the rhel-8-0 test finishes, though. |
Fix /http-stream/tls/authority-bad to supply a client certificate. Otherwise, glib-networking 2.59 (commit f72f792be8) would give an error "Server required TLS certificate" instead of "Unacceptable TLS certificate". The previous behaviour was arguably an error, as there was no client-side certificate in the first place. Cherry-picked from master commit 235715f.
`check-multi-machine TestMultiMachine.testTroubleshooting` and
`check-login TestLogin.testExpired` both test disabled/broken logins,
and thus can legitimately produce this message:
polkit-agent-helper-1: pam_authenticate failed: Authentication failure
Ignore these for these two tests.
Backported from master commit dcf5f7f.
…sible role Candlepin certificates are not located in /home/admin which is specified with candlepin_checkout variable in the ansible-role-candlepin. Cherry-picked from master commit dc0e9d2.
`TestAutoUpdates.testInstall` creates a fake dnf-automatic package that
ships dnf-automatic-install.timer without a corresponding .service. This
causes an unexpected journal message:
Job for dnf-automatic-install.timer failed.
To avoid that, let the timer start `-.mount` instead, which is always
present (and running, thus harmless).
Cherry-picked from master commit 605b837.
|
Some more backporteria, and I think I fixed the unit tests on Fedora 30 now. |
In latest Fedora 29, dbus.service got renamed to dbus-daemon.service. To keep the test running between RHEL/CentOS 7 and Fedora 29, move to dbus.service instead. Cherry-picked from master commit b6b5061.
|
Yet another backport to fully fix selenium. |
|
semaphore fail looks suspicious: avocado and rhel-8-0 both failed, but for both I am getting 404, which is weird. Avocado is most likely related to ee31728674e . |
|
@marusak: You can get the logs by moving from /log.html to /log. The HTML is a literal file with "404 not found", which is indeed confusing. The html wrapper doesn't work for backbranches just as it doesn't work for external projects -- yet another little thing to fix. I'll fix pyflakes/pep8 and avocado. I'll look at the testNegotiate failure, but I'll limit the time that I spend on it. testKdump is just a flake, it worked in a previous test run. |
When avocado starts its own browser it never closes it. Since avocado tests spawn this process and it does not get cleaned up, the main process holds stdout/err "busy" and therefore the test hangs indefinitely. Possibly related https://bugzilla.mindrot.org/show_bug.cgi?id=2071 Closes cockpit-project#11829
Seen in TestConnection.testBasic:
error shutting down io stream: Unable to shutdown socket: Transport endpoint is not connected
Closes cockpit-project#11725
Backported from upstream master.
Cherry-picked from master commits 16c7c8e, 2e82a20, and de2dc4f. https://bugzilla.redhat.com/show_bug.cgi?id=1678956 Closes cockpit-project#11875
larskarlitski
approved these changes
May 22, 2019
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Cherry-picked from master commits 16c7c8e, 2e82a20, and de2dc4f.
https://bugzilla.redhat.com/show_bug.cgi?id=1678956
(FIXME: use bug clone for 8.0.1)