test: mask tmpfiles.d file shipped by selinux policy package in containers

This tmpfiles.d wants to write to sysfs, which is read-only in containers,
so systemd-tmpfiles --create fails in TEST-22-TMPFILES when ran in nspawn
if the selinux policy package is instealled. Mask it, as it's not our
config file, we don't need it in the test.

(cherry picked from commit 6fd3496cfd0d28808b5489ee87f826c2130f5f0b)

diff --git a/test/units/TEST-22-TMPFILES.sh b/test/units/TEST-22-TMPFILES.sh
index 9c2a033aa98d17ce1517bf42cf30c31c187ab0ea..85109a1ad5d72d1ac513fc91ccc0ef2a677419af 100755 (executable)
--- a/test/units/TEST-22-TMPFILES.sh
+++ b/test/units/TEST-22-TMPFILES.sh
@@ -6,6 +6,14 @@ set -o pipefail
 # shellcheck source=test/units/test-control.sh
 . "$(dirname "$0")"/test-control.sh
 
+if systemd-detect-virt --quiet --container; then
+    # This comes from the selinux package and tries to write
+    # some files under sysfs, which will be read-only in a container,
+    # so mask it. It's not our tmpfiles.d file anyway.
+    mkdir -p /run/tmpfiles.d/
+    ln -s /dev/null /run/tmpfiles.d/selinux-policy.conf
+fi
+
 run_subtests
 
 touch /testok