URL: https://github.com/freeipa/freeipa/pull/3250
Author: amore17
Title: #3250: Temp commit
Action: opened
PR body:
"""
"""
To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/3250/head:pr3250
git checkout pr3250
From da5bdb836440ad8939351f0603bfc3becbd46c10 Mon Sep 17 00:00:00 2001
From: Anuja More <am...@redhat.com>
Date: Tue, 11 Jun 2019 13:00:01 +0530
Subject: [PATCH] Temp test_ad
Signed-off-by: Anuja More <am...@redhat.com>
---
ipatests/prci_definitions/temp_commit.yaml | 14 ++-
ipatests/test_integration/test_trust.py | 105 ++++++++-------------
2 files changed, 49 insertions(+), 70 deletions(-)
diff --git a/ipatests/prci_definitions/temp_commit.yaml b/ipatests/prci_definitions/temp_commit.yaml
index 14db67c5ee..b6cca3ac73 100644
--- a/ipatests/prci_definitions/temp_commit.yaml
+++ b/ipatests/prci_definitions/temp_commit.yaml
@@ -29,6 +29,10 @@ topologies:
name: master_3repl_1client
cpu: 6
memory: 12900
+ ad: &ad
+ name: ad
+ cpu: 4
+ memory: 12000
jobs:
fedora-29/build:
@@ -45,14 +49,14 @@ jobs:
timeout: 1800
topology: *build
- fedora-29/temp_commit:
+ fedora-29/test_trust:
requires: [fedora-29/build]
priority: 50
job:
- class: RunPytest
+ class: RunADTests
args:
build_url: '{fedora-29/build_url}'
- test_suite: test_integration/test_REPLACEME.py
+ test_suite: test_integration/test_trust.py
template: *ci-master-f29
- timeout: 3600
- topology: *master_1repl_1client
+ timeout: 12000
+ topology: *ad
\ No newline at end of file
diff --git a/ipatests/test_integration/test_trust.py b/ipatests/test_integration/test_trust.py
index 51fc666ef1..46b4085f35 100644
--- a/ipatests/test_integration/test_trust.py
+++ b/ipatests/test_integration/test_trust.py
@@ -7,14 +7,12 @@
from ipatests.test_integration.base import IntegrationTest
from ipatests.pytest_ipa.integration import tasks
+from ipaplatform.paths import paths
class TestTrust(IntegrationTest):
topology = 'line'
num_ad_domains = 1
- num_ad_subdomains = 1
- num_ad_treedomains = 1
-
upn_suffix = 'UPNsuffix.com'
upn_username = 'upnuser'
upn_name = 'UPN User'
@@ -34,18 +32,6 @@ def install(cls, mh):
tasks.install_adtrust(cls.master)
cls.check_sid_generation()
- cls.child_ad = cls.ad_subdomains[0] # pylint: disable=no-member
- cls.ad_subdomain = cls.child_ad.domain.name
- cls.tree_ad = cls.ad_treedomains[0] # pylint: disable=no-member
- cls.ad_treedomain = cls.tree_ad.domain.name
-
- # values used in workaround for
- # https://bugzilla.redhat.com/show_bug.cgi?id=1711958
- cls.srv_gc_record_name = \
- '_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs'
- cls.srv_gc_record_value = '0 100 389 {}.'.format(cls.master.hostname)
-
-
@classmethod
def check_sid_generation(cls):
command = ['ipa', 'user-show', 'admin', '--all', '--raw']
@@ -98,7 +84,7 @@ def test_establish_nonposix_trust(self):
def test_trustdomains_found_in_nonposix_trust(self):
self.check_trustdomains(
- self.ad_domain, [self.ad_domain, self.ad_subdomain])
+ self.ad_domain, [self.ad_domain])
def test_range_properties_in_nonposix_trust(self):
self.check_range_properties(self.ad_domain, 'ipa-ad-trust', 200000)
@@ -180,7 +166,7 @@ def test_establish_posix_trust(self):
def test_trustdomains_found_in_posix_trust(self):
"""Tests that all trustdomains can be found."""
self.check_trustdomains(
- self.ad_domain, [self.ad_domain, self.ad_subdomain])
+ self.ad_domain, [self.ad_domain])
def test_range_properties_in_posix_trust(self):
"""Check the properties of the created range"""
@@ -242,54 +228,6 @@ def test_invalid_range_types(self):
finally:
tasks.unconfigure_dns_for_trust(self.master, self.ad)
- # Tests for external trust with AD subdomain
-
- def test_establish_external_subdomain_trust(self):
- self.configure_dns_and_time(self.child_ad)
- tasks.establish_trust_with_ad(
- self.master, self.ad_subdomain,
- extra_args=['--range-type', 'ipa-ad-trust', '--external=True'])
-
- def test_trustdomains_found_in_external_subdomain_trust(self):
- self.check_trustdomains(
- self.ad_subdomain, [self.ad_subdomain])
-
- def test_user_gid_uid_resolution_in_external_subdomain_trust(self):
- """Check that user has SID-generated UID"""
- testuser = 'subdomaintestuser@{0}'.format(self.ad_subdomain)
- result = self.master.run_command(['getent', 'passwd', testuser])
-
- testuser_regex = (r"^subdomaintestuser@{0}:\*:(?!10142)(\d+):"
- r"(?!10147)(\d+):Subdomaintest User:"
- r"/home/{1}/subdomaintestuser:/bin/sh$".format(
- re.escape(self.ad_subdomain),
- re.escape(self.ad_subdomain)))
-
- assert re.search(testuser_regex, result.stdout_text)
-
- def test_remove_external_subdomain_trust(self):
- self.remove_trust(self.child_ad)
-
- # Tests for non-external trust with AD subdomain
-
- def test_establish_nonexternal_subdomain_trust(self):
- self.configure_dns_and_time(self.child_ad)
- try:
- tasks.kinit_admin(self.master)
-
- result = self.master.run_command([
- 'ipa', 'trust-add', '--type', 'ad', self.ad_subdomain,
- '--admin',
- 'Administrator', '--password', '--range-type', 'ipa-ad-trust'
- ], stdin_text=self.master.config.ad_admin_password,
- raiseonerr=False)
-
- assert result != 0
- assert ("Domain '{0}' is not a root domain".format(
- self.ad_subdomain) in result.stderr_text)
- finally:
- tasks.unconfigure_dns_for_trust(self.master, self.child_ad)
-
# Tests for external trust with tree domain
def test_establish_external_treedomain_trust(self):
@@ -463,6 +401,43 @@ def test_user_uid_resolution_in_external_trust_with_shared_secret(self):
assert re.search(
testuser_regex, result.stdout_text), result.stdout_text
+ def test_override_homedir(self):
+ """
+ https://pagure.io/SSSD/sssd/issue/2474
+ POSIX attributes, such as shell or home directory, should not be overwritten or missing.
+ """
+ self.remove_trust(self.ad)
+ tasks.establish_trust_with_ad(self.master, self.ad_domain,
+ extra_args=['--range-type', 'ipa-ad-trust'])
+
+ domain_line = "[domain/{0}]\n".format(self.master.domain.name)
+ tasks.backup_file(self.master, paths.SSSD_CONF)
+ assert not re.search("override_homedir", paths.SSSD_CONF)
+
+ with open(paths.SSSD_CONF, "r") as in_file:
+ buf = in_file.readlines()
+ with open(paths.SSSD_CONF, "w") as out_file:
+ for line in buf:
+ if line == domain_line:
+ line = line + "subdomain_homedir = %o\n"
+ out_file.write(line)
+ tasks.clear_sssd_cache(self.master)
+
+ testuser = 'testuser@%s' % self.ad_domain
+ run_cmd = '"import os; os.initgroups({0}, 1234)"' .format(testuser)
+ self.master.run_command(['python', '-c', run_cmd])
+
+ testuser = 'testuser@%s' % self.ad_domain
+ result = self.master.run_command(['getent', 'passwd', testuser])
+
+ assert "/home/testuser" in result.stdout_text
+
+ log_file = "/var/log/sssd/sssd_{0}.log" .format(self.master.domain.name)
+ assert not re.search("get_subdomain_homedir_of_user failed", log_file)
+
+ tasks.restore_files(self.master)
+ tasks.clear_sssd_cache(self.master)
+
def test_remove_external_trust_with_shared_secret(self):
self.ad.run_command(
['netdom.exe', 'trust', self.master.domain.name,
_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org
