See
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/84/display/redirect>
------------------------------------------
[...truncated 5415 lines...]
:assert: Should return error code 19
"""
suffix = DEFAULT_SUFFIX
subtree = "ou=people"
userid = "inactusr"
nousrs = 3
log.info('\''AccountInactivityLimit set to 10. Account will be
inactivated if not accessed in 10 secs'\'')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('\''Sleep for 9 secs to check if account is not inactivated,
expected value 0'\'')
time.sleep(9)
log.info('\''Account should not be inactivated since
AccountInactivityLimit not exceeded'\'')
account_status(topology_st, suffix, subtree, userid, 3, 2, "Enabled")
log.info('\''Sleep for 2 more secs to check if account is
inactivated'\'')
time.sleep(2)
account_status(topology_st, suffix, subtree, userid, 2, 0, "Disabled")
log.info('\''Sleep +9 secs to check if account {}3 is
inactivated'\''.format(userid))
time.sleep(9)
account_status(topology_st, suffix, subtree, userid, 3, 2, "Disabled")
log.info('\''Add lastLoginTime attribute to all users and check if its
activated'\'')
add_time_attr(topology_st, suffix, subtree, userid, nousrs,
'\''lastLoginTime'\'')
> account_status(topology_st, suffix, subtree, userid, nousrs, 0,
> "Enabled")
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py>:883:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
topology_st = <lib389.topologies.TopologyMain object at 0x7f60926d5850>
suffix = '\''dc=example,dc=com'\'', subtree = '\''ou=people'\'', userid =
'\''inactusr'\''
nousrs = 3, ulimit = 0, tochck = '\''Enabled'\''
def account_status(topology_st, suffix, subtree, userid, nousrs, ulimit,
tochck):
"""Check account status for the given suffix, subtree, userid and
nousrs"""
while (nousrs > ulimit):
usrrdn = '\''{}{}'\''.format(userid, nousrs)
userdn = '\''uid={},{},{}'\''.format(usrrdn, subtree, suffix)
if (tochck == "Enabled"):
try:
topology_st.standalone.simple_bind_s(userdn, USER_PASW)
except ldap.LDAPError as e:
log.error('\''User {} failed to login, expected
0'\''.format(userdn))
> raise e
E CONSTRAINT_VIOLATION: {'\''info'\'': '\''Account inactivity
limit exceeded. Contact system administrator to reset.'\'', '\''desc'\'':
'\''Constraint violation'\''}
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py>:306:
CONSTRAINT_VIOLATION
---------------------------- Captured stderr setup -----------------------------
INFO:lib389.utils:Adding Local account policy plugin configuration entries
----------------------------- Captured stderr call -----------------------------
INFO:lib389.utils:AccountInactivityLimit set to 10. Account will be inactivated
if not accessed in 10 secs
INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree,
userid and nousrs
INFO:lib389.utils:Sleep for 9 secs to check if account is not inactivated,
expected value 0
INFO:lib389.utils:Account should not be inactivated since
AccountInactivityLimit not exceeded
INFO:lib389.utils:Sleep for 2 more secs to check if account is inactivated
INFO:lib389.utils:Sleep +9 secs to check if account inactusr3 is inactivated
INFO:lib389.utils:Add lastLoginTime attribute to all users and check if its
activated
INFO:lib389.utils:Enable account by replacing
lastLoginTime/createTimeStamp/ModifyTimeStamp attribute
ERROR:lib389.utils:User uid=inactusr3,ou=people,dc=example,dc=com failed to
login, expected 0
_____________________________ test_locinact_modrdn _____________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f60926d5850>
accpol_local = None
def test_locinact_modrdn(topology_st, accpol_local):
"""Verify if user account is inactivated when moved from ou=groups to
ou=people subtree.
:ID: 5f25bea3-fab0-4db4-b43d-2d47cc6e5ad1
:feature: Account Policy Plugin
:setup: Standalone instance, ou=people subtree configured for Local
account
policy plugin configuration, set accountInactivityLimit to few
secs.
:steps: 1. Add few users to ou=groups subtree in the default suffix
2. Plugin configured to ou=people subtree only.
3. Wait for few secs before it reaches accountInactivityLimit
and check users.
4. Run ldapsearch as normal user, expected 0
5. Wait till accountInactivityLimit exceeded
6. Move users from ou=groups subtree to ou=people subtree
7. Check if users are inactivated, expected error 19
:assert: Should return error code 0 and 19
"""
suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "nolockusr"
nousrs = 1
log.info('\''Account should not be inactivated since the subtree is not
configured'\'')
> add_users(topology_st, suffix, subtree, userid, nousrs, 0)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py>:909:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py>:278:
in add_users
users.create(properties=user_properties)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py>:833:
in create
return co.create(rdn, properties, self._basedn)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py>:640:
in create
self._instance.add_s(e)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:158:
in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:210: in add_s
return self.result(msgid,all=1,timeout=self.timeout)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:130:
in inner
objtype, data = f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:503: in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:507: in result2
resp_type, resp_data, resp_msgid, resp_ctrls =
self.result3(msgid,all,timeout)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3
resp_ctrl_classes=resp_ctrl_classes
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4
ldap_result =
self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162:
in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f60926d58d0>
func = <built-in method result4 of LDAP object at 0x7f609f229260>
args = (14, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
e = INSUFFICIENT_ACCESS({'\''info'\'': "Insufficient '\''add'\'' privilege to
the '\''userPassword'\'' attribute", '\''desc'\'': '\''Insufficient
access'\''},)
def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('\''*** %s %s - %s\n%s\n'\'' % (
repr(self),
self._uri,
'\''.'\''.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E INSUFFICIENT_ACCESS: {'\''info'\'': "Insufficient '\''add'\''
privilege to the '\''userPassword'\'' attribute", '\''desc'\'':
'\''Insufficient access'\''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS
----------------------------- Captured stderr call -----------------------------
INFO:lib389.utils:Account should not be inactivated since the subtree is not
configured
INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree,
userid and nousrs
______________________________ test_locact_modrdn ______________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f60926d5850>
accpol_local = None
def test_locact_modrdn(topology_st, accpol_local):
"""Verify if user account is inactivated when users moved from
ou=people to ou=groups subtree.
:ID: e821cbae-bfc3-40d3-947d-b228c809987f
:feature: Account Policy Plugin
:setup: Standalone instance, ou=people subtree configured for Local
account
policy plugin configuration, set accountInactivityLimit to few
secs.
:steps: 1. Add few users to ou=people subtree in the default suffix
2. Wait for few secs and check if users not inactivated,
expected 0.
3. Move users from ou=people to ou=groups subtree
4. Wait till accountInactivityLimit is exceeded
5. Check if users are active in ou=groups subtree, expected 0
:assert: Should return error code 0
"""
suffix = DEFAULT_SUFFIX
subtree = "ou=people"
userid = "lockusr"
nousrs = 1
log.info('\''Account should be inactivated since the subtree is
configured'\'')
> add_users(topology_st, suffix, subtree, userid, nousrs, 0)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py>:950:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py>:278:
in add_users
users.create(properties=user_properties)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py>:833:
in create
return co.create(rdn, properties, self._basedn)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py>:640:
in create
self._instance.add_s(e)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:158:
in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:210: in add_s
return self.result(msgid,all=1,timeout=self.timeout)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:130:
in inner
objtype, data = f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:503: in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:507: in result2
resp_type, resp_data, resp_msgid, resp_ctrls =
self.result3(msgid,all,timeout)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3
resp_ctrl_classes=resp_ctrl_classes
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4
ldap_result =
self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162:
in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f60926d58d0>
func = <built-in method result4 of LDAP object at 0x7f609f229260>
args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
e = INSUFFICIENT_ACCESS({'\''info'\'': "Insufficient '\''add'\'' privilege to
the '\''userPassword'\'' attribute", '\''desc'\'': '\''Insufficient
access'\''},)
def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('\''*** %s %s - %s\n%s\n'\'' % (
repr(self),
self._uri,
'\''.'\''.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E INSUFFICIENT_ACCESS: {'\''info'\'': "Insufficient '\''add'\''
privilege to the '\''userPassword'\'' attribute", '\''desc'\'':
'\''Insufficient access'\''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS
----------------------------- Captured stderr call -----------------------------
INFO:lib389.utils:Account should be inactivated since the subtree is configured
INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree,
userid and nousrs
============= 11 failed, 597 passed, 1 skipped in 12728.25 seconds
============='
+ '[' 1 -ne 0 ']'
+ echo CI Tests 'FAILED!'
CI Tests FAILED!
+ MSG=FAILED
+ RC=1
+ sudo /usr/sbin/sendmail mreyno...@redhat.com firsty...@redhat.com
+ sudo rm -rf /var/tmp/slapd.vg.124754 /var/tmp/slapd.vg.20629
/var/tmp/slapd.vg.20771 /var/tmp/slapd.vg.36027
+ exit 1
Build step 'Execute shell' marked build as failure
_______________________________________________
389-devel mailing list -- 389-devel@lists.fedoraproject.org
To unsubscribe send an email to 389-devel-le...@lists.fedoraproject.org
