URL: https://github.com/freeipa/freeipa/pull/1461 Author: mrizwan93 Title: #1461: test for seocnd phase of ipa-server-install with --external-ca when dirsrv instance is stopped Action: opened
PR body: """ When the dirsrv service, which gets started during the first ipa-server-install --external-ca phase, is not running when the second phase is run with --external-cert-file options, the ipa-server-install command fail. This test checks if second phase installs successfully when dirsrv is stoped. related ticket: https://pagure.io/freeipa/issue/6611 Signed-off-by: Mohammad Rizwan Yusuf <myu...@redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1461/head:pr1461 git checkout pr1461
From 2ccd75ebd4eafafb716441b1f7d6d9467913c9e5 Mon Sep 17 00:00:00 2001 From: Mohammad Rizwan Yusuf <myu...@redhat.com> Date: Fri, 12 Jan 2018 16:58:12 +0530 Subject: [PATCH] When the dirsrv service, which gets started during the first ipa-server-install --external-ca phase, is not running when the second phase is run with --external-cert-file options, the ipa-server-install command fail. This test checks if second phase installs successfully when dirsrv is stoped. related ticket: https://pagure.io/freeipa/issue/6611 Signed-off-by: Mohammad Rizwan Yusuf <myu...@redhat.com> --- ipatests/test_integration/test_external_ca.py | 51 +++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) diff --git a/ipatests/test_integration/test_external_ca.py b/ipatests/test_integration/test_external_ca.py index 6d23f06de9..8ac8f6c6b4 100644 --- a/ipatests/test_integration/test_external_ca.py +++ b/ipatests/test_integration/test_external_ca.py @@ -17,6 +17,7 @@ import re import time +import string from ipatests.pytest_plugins.integration import tasks from ipatests.test_integration.base import IntegrationTest @@ -158,3 +159,53 @@ def test_switch_back_to_self_signed(self): result = self.master.run_command([paths.IPA_CERTUPDATE]) assert result.returncode == 0 + + +class TestExternalCAdirsrvStop(IntegrationTest): + """When the dirsrv service, which gets started during the first + ipa-server-install --external-ca phase, is not running when the + second phase is run with --external-cert-file options, the + ipa-server-install command fail. + + This test checks if second phase installs successfully when dirsrv + is stoped. + + related ticket: https://pagure.io/freeipa/issue/6611 + """ + @tasks.collect_logs + def test_external_ca_dirsrv_stop(self): + # Step 1 of ipa-server-install + self.master.run_command([ + 'ipa-server-install', '-U', + '-a', self.master.config.admin_password, + '-p', self.master.config.dirman_password, + '--setup-dns', '--no-forwarders', + '-n', self.master.domain.name, + '-r', self.master.domain.realm, + '--domain-level=%i' % self.master.config.domain_level, + '--external-ca' + ]) + + # stop dirsrv server + domain = self.master.domain.name.upper() + ds_instance = string.replace(domain, ".", "-") + dirsrv_service = "dirsrv@%s.service" % ds_instance + cmd = ['systemctl', 'stop', dirsrv_service] + + # Sign CA, transport it to the host and get ipa a root ca paths. + root_ca_fname, ipa_ca_fname = tasks.sign_ca_and_transport( + self.master, paths.ROOT_IPA_CSR, ROOT_CA, IPA_CA) + + # Step 2 of ipa-server-install + self.master.run_command([ + 'ipa-server-install', + '-a', self.master.config.admin_password, + '-p', self.master.config.dirman_password, + '--external-cert-file', ipa_ca_fname, + '--external-cert-file', root_ca_fname + ]) + + # Make sure IPA server is working properly + tasks.kinit_admin(self.master) + result = self.master.run_command(['ipa', 'user-show', 'admin']) + assert 'User login: admin' in result.stdout_text
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
