[autobackport: sssd-2-10] Tests: Handle SELinux in proxy provider tests

[sssd-bot]

This is an automatic backport of PR#8348 Tests: Handle SELinux in proxy provider tests to branch sssd-2-10, created by @aborah-sudo.

Please make sure this backport is correct.

Note

The commits were cherry-picked without conflicts.

You can push changes to this pull request

git remote add sssd-bot [email protected]:sssd-bot/sssd.git
git fetch sssd-bot refs/heads/SSSD-sssd-backport-pr8348-to-sssd-2-10
git checkout SSSD-sssd-backport-pr8348-to-sssd-2-10
git push sssd-bot SSSD-sssd-backport-pr8348-to-sssd-2-10 --force

---

Original commits
8b0071c - Tests: Handle SELinux in proxy provider tests

Backported commits

• 77e8806 - Tests: Handle SELinux in proxy provider tests

---

Original Pull Request Body

Tests using nslcd fail under SELinux enforcing due to missing policies for test-only nss-pam-ldapd configuration. Add context manager to temporarily set permissive mode for affected tests.

[gemini-code-assist]

Code Review

This pull request backports a change to handle SELinux in proxy provider tests by temporarily setting SELinux to permissive mode. The change wraps the body of several tests in a with client.host.selinux_permissive_for_test(): context manager. While this is a correct fix, it introduces code duplication across multiple tests. My review includes a suggestion to refactor this using a pytest fixture to improve maintainability and adhere to common testing patterns.

[gemini-code-assist]

This with statement is repeated in 6 tests in this file. To improve maintainability and reduce code duplication, consider using a pytest fixture to apply this context.

Example:

1. Define fixture:

   @pytest.fixture
   def selinux_permissive(client: Client):
       with client.host.selinux_permissive_for_test():
           yield

2. Use fixture:

   @pytest.mark.usefixtures("selinux_permissive")
   def test_proxy__lookup_and_authenticate_user_using_pam_ldap_and_nslcd(...):
       # ... test body without the 'with' statement

This would centralize the logic and make the tests cleaner. This could be applied to all tests modified in this PR. Since this is a backport, this refactoring could be addressed in a follow-up.

[sssd-bot]

The pull request was accepted by @jakub-vavra-cz with the following PR CI status:

---

🟢 CodeQL (success)
🟢 rpm-build:centos-stream-10-x86_64:upstream (success)
🟢 ci / prepare (success)
🟢 ci / system (centos-10) (success)
🟢 Static code analysis / codeql (success)
🟢 Static code analysis / pre-commit (success)
🟢 Static code analysis / python-system-tests (success)

---

There are unsuccessful or unfinished checks. Make sure that the failures are not related to this pull request before merging.