From de52680affdfc55be15cf3a99a01d14ee421b4bc Mon Sep 17 00:00:00 2001
From: Martin Pitt <mpitt@redhat.com>
Date: Tue, 14 Jan 2025 13:27:36 +0100
Subject: [PATCH] test: Check VM lifecycle with a sysadm_u user

By default, users are `unconfined_u`.

First step in https://bugzilla.redhat.com/show_bug.cgi?id=2328030
---
 test/check-machines-lifecycle | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/test/check-machines-lifecycle b/test/check-machines-lifecycle
index a31bb84d2..3776178e2 100755
--- a/test/check-machines-lifecycle
+++ b/test/check-machines-lifecycle
@@ -49,6 +49,13 @@ class TestMachinesLifecycle(machineslib.VirtualMachinesCase):
         user = self.createUser(user_group='libvirt')
         self._testBasic(user, superuser=False)
 
+    @testlib.skipImage("No SELinux", "debian-*", "ubuntu-*", "arch", "opensuse*")
+    def testBasicSysadmU(self):
+        user = self.createUser(user_group='libvirt')
+        self.machine.execute(f"semanage login -a -s sysadm_u {user}")
+        self.addCleanup(self.machine.execute, f"semanage login -d -s sysadm_u {user}")
+        self._testBasic(user, superuser=False)
+
     def testBasicAdminUser(self):
         # The group in debian based distro should be sudo
         if "ubuntu" in self.machine.image or "debian" in self.machine.image: