apparmor: fix service start failure due to StartLimitBurst
Since the setUp for each of the ApparmorTest tests tries to start
the apparmor service using systemctl, the StartLimitBurst and
StartLimitIntervalSec is quickly reached, leading to the following
failures:
Jan 11 21:05:42 ubuntu systemd[1]: apparmor.service: Start request repeated too quickly.
Jan 11 21:05:42 ubuntu systemd[1]: apparmor.service: Failed with result 'start-limit-hit'.
Jan 11 21:05:42 ubuntu systemd[1]: Failed to start Load AppArmor profiles.
This patch uses "reset-failed" to reset the start rate limit counter
to zero.
The earliest release we're going to publish openjdk updates for is
xenial, so this really ought to be converted to python3, but the
dependencies involved need to be fixed up.
Signed-off-by: Steve Beattie <email address hidden>
The test for CVE-2021-3800 is checking for the output of pkexec binary
(from policykit-1 package) to validate if GLib is patched correctly.
With a crafted charset alias, it should not print GLib errors.
test-docker.io.py: merge added CVE-2021-41092 regression test
* tests/dockerio-cve-2021-41092:
Replace shell /etc/hosts modification with testlib.config_replace()
Ensure certificate is added and add registry host to daemon.json conf
Update to dynamically generate cert/key each test run
Add python3-pexpect to QRT dependencies
Add test for CVE-2021-41092
[sbeattie - fixed up a couple of issues with the following commits:
test-docker.io.py: use ssl.PROTOCOL_TLSv1_2 in xenial and older
test-docker.io.py: fix QRT-Packages separator
and added to silence deprecation warnings:
test-docker.io.py: use testunit.assertRegex instead of assertRegexpMatches
]