Hi,

IPA sudo tests worked under the assumption that the clients that
are executing the sudo commands have their IPs assigned within
255.255.255.0 hostmask.

Removes this (invalid) assumption and adds a dynamic detection of
the hostmask of the IPA client.

https://fedorahosted.org/freeipa/ticket/5501
From e6f1846f0d7d17303e5b30b1643651ba739b2b6c Mon Sep 17 00:00:00 2001
From: Tomas Babej <tba...@redhat.com>
Date: Mon, 30 Nov 2015 12:53:39 +0100
Subject: [PATCH] tests: Add hostmask detection for sudo rules validating on
 hostmask

IPA sudo tests worked under the assumption that the clients that
are executing the sudo commands have their IPs assigned within
255.255.255.0 hostmask.

Removes this (invalid) assumption and adds a dynamic detection of
the hostmask of the IPA client.

https://fedorahosted.org/freeipa/ticket/5501
---
 ipatests/test_integration/test_sudo.py | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

diff --git a/ipatests/test_integration/test_sudo.py b/ipatests/test_integration/test_sudo.py
index 1dd4c5d73c9fa4288af4fc2708aa3abd51407217..d97771dfa1a7fd2938a0be20a1b79814b852b03e 100644
--- a/ipatests/test_integration/test_sudo.py
+++ b/ipatests/test_integration/test_sudo.py
@@ -17,6 +17,9 @@
 # You should have received a copy of the GNU General Public License
 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
 
+import pytest
+import re
+
 from ipatests.test_integration.base import IntegrationTest
 from ipatests.test_integration.tasks import clear_sssd_cache
 
@@ -269,13 +272,31 @@ class TestSudo(IntegrationTest):
                                  '--hostgroups', 'testhostgroup'])
 
     def test_sudo_rule_restricted_to_one_hostmask_setup(self):
-        # Add the client's /24 hostmask to the rule
+        # Add the client's hostmask to the rule
         ip = self.client.ip
+
+        # We need to detect the hostmask first
+        result = self.client.run_command(['ip', 'addr'])
+        full_ip_regex = r'(?P<full_ip>{0}/\d{0,1}) '.format(re.escape(ip))
+        match = re.search(full_ip_regex, result)
+
+        # Make a note for the next test, which needs to be skipped
+        # if hostmask detection failed
+        self.skip_hostmask_based = False
+
+        if not match:
+            self.skip_hostmask_based = True
+            raise pytest.skip("Hostmask could not be detected")
+
+        full_ip = match.group('full_ip')
         self.master.run_command(['ipa', '-n', 'sudorule-add-host',
                                  'testrule',
-                                 '--hostmask', '%s/24' % ip])
+                                 '--hostmask', full_ip])
 
     def test_sudo_rule_restricted_to_one_hostmask(self):
+        if self.skip_hostmask_based:
+            raise pytest.skip("Hostmask could not be detected")
+
         result1 = self.list_sudo_commands("testuser1")
         assert "(ALL : ALL) NOPASSWD: ALL" in result1.stdout_text
 
-- 
2.5.0

-- 
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to