URL: https://github.com/freeipa/freeipa/pull/1562 Author: slaykovsky Title: #1562: [Backport][ipa-4-5] Enable and start oddjobd after ipa-restore Action: opened
PR body: """ If after ipa-restore the service oddjobd is not running, domain-level1 replica installation will fail during ipa-replica-conncheck because this step is using oddjob to start the process ipa-replica-conncheck on the master. This patch fixes it. Also added regression test. https://pagure.io/freeipa/issue/7234 https://github.com/freeipa/freeipa/pull/1472 Reviewed-By: Christian Heimes <chei...@redhat.com> Reviewed-By: Florence Blanc-Renaud <f...@redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1562/head:pr1562 git checkout pr1562
From f559cf46ef82ee14c7f3d5329e014508e48aea6a Mon Sep 17 00:00:00 2001 From: Aleksei Slaikovskii <aslai...@redhat.com> Date: Tue, 16 Jan 2018 10:24:30 +0100 Subject: [PATCH] [Backport][ipa-4-5] Enable and start oddjobd after ipa-restore If after ipa-restore the service oddjobd is not running, domain-level1 replica installation will fail during ipa-replica-conncheck because this step is using oddjob to start the process ipa-replica-conncheck on the master. This patch fixes it. Also added regression test. https://pagure.io/freeipa/issue/7234 https://github.com/freeipa/freeipa/pull/1472 Reviewed-By: Christian Heimes <chei...@redhat.com> Reviewed-By: Florence Blanc-Renaud <f...@redhat.com> --- ipaserver/install/ipa_restore.py | 6 +++ .../test_integration/test_backup_and_restore.py | 56 +++++++++++++++++++++ .../test_integration/test_simple_replication.py | 58 ++++++++++++---------- 3 files changed, 93 insertions(+), 27 deletions(-) diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py index a3824df230..0a99580283 100644 --- a/ipaserver/install/ipa_restore.py +++ b/ipaserver/install/ipa_restore.py @@ -409,6 +409,12 @@ def run(self): self.log.info('Restarting SSSD') sssd = services.service('sssd', api) sssd.restart() + self.log.info('Restarting oddjobd') + oddjobd = services.service('oddjobd', api) + if not oddjobd.is_enabled(): + self.log.info("Enabling oddjobd") + oddjobd.enable() + oddjobd.start() http.remove_httpd_ccaches() # have the daemons pick up their restored configs run([paths.SYSTEMCTL, "--system", "daemon-reload"]) diff --git a/ipatests/test_integration/test_backup_and_restore.py b/ipatests/test_integration/test_backup_and_restore.py index 833baed366..d534a58a6d 100644 --- a/ipatests/test_integration/test_backup_and_restore.py +++ b/ipatests/test_integration/test_backup_and_restore.py @@ -29,6 +29,7 @@ from ipatests.test_integration.base import IntegrationTest from ipatests.pytest_plugins.integration import tasks from ipatests.test_integration.test_dnssec import wait_until_record_is_signed +from ipatests.test_integration.test_simple_replication import check_replication from ipatests.util import assert_deepequal log = log_mgr.get_logger(__name__) @@ -412,3 +413,58 @@ class TestBackupReinstallRestoreWithKRA(BaseBackupAndRestoreWithKRA): def test_full_backup_reinstall_restore_with_vault(self): """backup, uninstall, reinstall, restore""" self._full_backup_restore_with_vault(reinstall=True) + + +class TestBackupAndRestoreWithReplica(IntegrationTest): + """Regression test for https://pagure.io/freeipa/issue/7234""" + num_replicas = 1 + topology = "star" + + @classmethod + def install(cls, mh): + if cls.domain_level is None: + domain_level = cls.master.config.domain_level + else: + domain_level = cls.domain_level + + if cls.topology is None: + return + else: + tasks.install_topo( + cls.topology, cls.master, [], + cls.clients, domain_level + ) + + def test_full_backup_and_restore_with_replica(self): + replica = self.replicas[0] + + with restore_checker(self.master): + backup_path = backup(self.master) + + log.info("Backup path for %s is %s", self.master, backup_path) + + self.master.run_command([ + "ipa-server-install", "--uninstall", "-U" + ]) + + log.info("Stopping and disabling oddjobd service") + self.master.run_command([ + "systemctl", "stop", "oddjobd" + ]) + self.master.run_command([ + "systemctl", "disable", "oddjobd" + ]) + + dirman_password = self.master.config.dirman_password + self.master.run_command( + ["ipa-restore", backup_path], + stdin_text=dirman_password + '\nyes' + ) + + status = self.master.run_command([ + "systemctl", "status", "oddjobd" + ]) + assert "active (running)" in status.stdout_text + + tasks.install_replica(self.master, replica) + check_replication(self.master, replica, "testuser1") diff --git a/ipatests/test_integration/test_simple_replication.py b/ipatests/test_integration/test_simple_replication.py index fa21d75e6b..6265f3fc5c 100644 --- a/ipatests/test_integration/test_simple_replication.py +++ b/ipatests/test_integration/test_simple_replication.py @@ -22,8 +22,36 @@ import pytest from ipapython.dn import DN -from ipatests.test_integration.base import IntegrationTest from ipatests.pytest_plugins.integration import tasks +from ipatests.test_integration.base import IntegrationTest + + +def check_replication(source_host, dest_host, login): + source_host.run_command([ + "ipa", "user-add", login, + "--first", "test", + "--last", "user" + ]) + + source_ldap = source_host.ldap_connect() + tasks.wait_for_replication(source_ldap) + + ldap = dest_host.ldap_connect() + tasks.wait_for_replication(ldap) + + # Check using LDAP + basedn = dest_host.domain.basedn + user_dn = DN( + ("uid", login), ("cn", "users"), + ("cn", "accounts"), basedn + ) + entry = ldap.get_entry(user_dn) + assert entry.dn == user_dn + assert entry["uid"] == [login] + + # Check using CLI + result = dest_host.run_command(['ipa', 'user-show', login]) + assert "User login: {}".format(login) in result.stdout_text @pytest.mark.ds_acceptance @@ -36,37 +64,13 @@ class TestSimpleReplication(IntegrationTest): num_replicas = 1 topology = 'star' - def check_replication(self, source_host, dest_host, login): - source_host.run_command(['ipa', 'user-add', login, - '--first', 'test', - '--last', 'user']) - - source_ldap = source_host.ldap_connect() - tasks.wait_for_replication(source_ldap) - - ldap = dest_host.ldap_connect() - tasks.wait_for_replication(ldap) - - # Check using LDAP - basedn = dest_host.domain.basedn - user_dn = DN(('uid', login), ('cn', 'users'), ('cn', 'accounts'), - basedn) - entry = ldap.get_entry(user_dn) - print(entry) - assert entry.dn == user_dn - assert entry['uid'] == [login] - - # Check using CLI - result = dest_host.run_command(['ipa', 'user-show', login]) - assert 'User login: %s' % login in result.stdout_text - def test_user_replication_to_replica(self): """Test user replication master -> replica""" - self.check_replication(self.master, self.replicas[0], 'testuser1') + check_replication(self.master, self.replicas[0], 'testuser1') def test_user_replication_to_master(self): """Test user replication replica -> master""" - self.check_replication(self.replicas[0], self.master, 'testuser2') + check_replication(self.replicas[0], self.master, 'testuser2') def test_replica_removal(self): """Test replica removal"""
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org