On (17/08/16 14:32), Petr Cech wrote:
>Hello list,
>
>there is attached patch set for intg. testing of ldap nested netgroups.
>
>I used last version of Lukas patch 'sssd_netgroup.py: Resolve nested
>netgroups'. I don't know if it is on list.
>
>It is still WIP. It is in state that it is possible to run it.
>But there are comments in code what is needed to fix.
>
>
>If I remove some netgroups (in test), it is updated on LDAP and in cache, but
>sssd_netgroup.get_sssd_netgroups() returns nothing.
>
Yes, I was too strict regarding to failures in resolving nested netgroups.
glibc(getent netgroup) does not fail if there is non-existing nested netgroup.
There is bunch of pep8 warnings. Please fix them.
sh$ pep8 src/tests/intg/test_netgroup.py | wc -l
29
>Date: Wed, 17 Aug 2016 13:58:30 +0200
>Subject: [PATCH 2/2] WIP: INTG: Tests for ldap nested netgroups
>
>This patch adds tests on reproducer of t2841.
>
>Resolves:
>https://fedorahosted.org/sssd/ticket/2841
>---
> src/tests/intg/Makefile.am | 1 +
> src/tests/intg/test_netgroup.py | 487 ++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 488 insertions(+)
> create mode 100644 src/tests/intg/test_netgroup.py
>
>diff --git a/src/tests/intg/Makefile.am b/src/tests/intg/Makefile.am
>index
>b8cc5c006845f911d8518df815925455482e9f6d..b3c553539d9e74dae986fa6551041544dd687c11
> 100644
>--- a/src/tests/intg/Makefile.am
>+++ b/src/tests/intg/Makefile.am
>@@ -14,6 +14,7 @@ dist_noinst_DATA = \
> util.py \
> test_memory_cache.py \
> test_ts_cache.py \
>+ test_netgroup.py \
> $(NULL)
>
> config.py: config.py.m4
>diff --git a/src/tests/intg/test_netgroup.py b/src/tests/intg/test_netgroup.py
>new file mode 100644
>index
>0000000000000000000000000000000000000000..4be2b1c7048f3d8dc4797557d6decf1367eea36d
>--- /dev/null
>+++ b/src/tests/intg/test_netgroup.py
>@@ -0,0 +1,487 @@
>+#
>+# Netgroup integration test
>+#
>+# Copyright (c) 2016 Red Hat, Inc.
>+# Author: Petr Cech <pc...@redhat.com>
>+#
>+# This is free software; you can redistribute it and/or modify it
>+# under the terms of the GNU General Public License as published by
>+# the Free Software Foundation; version 2 only
>+#
>+# This program is distributed in the hope that it will be useful, but
>+# WITHOUT ANY WARRANTY; without even the implied warranty of
>+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
>+# General Public License for more details.
>+#
>+# You should have received a copy of the GNU General Public License
>+# along with this program. If not, see <http://www.gnu.org/licenses/>.
>+#
>+
//snip
>+@pytest.fixture
>+def reproducer_t2841(request, ldap_conn):
>+ ent_list = ldap_ent.List(ldap_conn.ds_inst.base_dn)
>+
>+ ent_list.add_netgroup("t2841_netgroup1", ["(host1,user1,domain1)"])
>+ ent_list.add_netgroup("t2841_netgroup2", ["(host2,user2,domain2)"])
>+ ent_list.add_netgroup("t2841_netgroup3", [],
>+ ["t2841_netgroup1", "t2841_netgroup2"])
>+
>+ create_ldap_fixture(request, ldap_conn, ent_list)
>+ conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=True)
>+ create_conf_fixture(request, conf)
>+ create_sssd_fixture(request)
>+ return (ldap_conn, ent_list)
>+
>+
>+def test_reproducer_t2841(reproducer_t2841):
>+ """
>+ Adding two nested netgroup.
>+ """
>+
>+ ldap_conn = reproducer_t2841[0]
>+ ent_list = reproducer_t2841[1]
>+
>+ res, errno, netgroups =
>sssd_netgroup.get_sssd_netgroups("t2841_netgroup1")
>+ assert res == sssd_netgroup.NssReturnCode.SUCCESS
>+ assert netgroups == [('host1', 'user1', 'domain1')]
>+
>+ res, errno, netgroups =
>sssd_netgroup.get_sssd_netgroups("t2841_netgroup2")
>+ assert res == sssd_netgroup.NssReturnCode.SUCCESS
>+ assert netgroups == [('host2', 'user2', 'domain2')]
>+
>+ res, errno, netgroups =
>sssd_netgroup.get_sssd_netgroups("t2841_netgroup3")
>+ assert res == sssd_netgroup.NssReturnCode.SUCCESS
>+ assert netgroups == [('host2', 'user2', 'domain2'),
>+ ('host1', 'user1', 'domain1')]
>+
>+ # removing of t2841_netgroup1
>+ ldap_conn.delete_s(ent_list[0][0])
>+ ent_list.remove(ent_list[0])
>+ if subprocess.call(["sss_cache", "-N"]) != 0:
>+ raise Exception("sssd_cache failed")
>+
>+ res, errno, netgroups =
>sssd_netgroup.get_sssd_netgroups("t2841_netgroup1")
>+ assert res == sssd_netgroup.NssReturnCode.NOTFOUND
>+ assert netgroups == []
>+
>+ res, errno, netgroups =
>sssd_netgroup.get_sssd_netgroups("t2841_netgroup2")
>+ assert res == sssd_netgroup.NssReturnCode.SUCCESS
>+ assert netgroups == [('host2', 'user2', 'domain2')]
>+
>+ # FIX: This should be SUCCES
>+ res, errno, netgroups =
>sssd_netgroup.get_sssd_netgroups("t2841_netgroup3")
>+ assert res == sssd_netgroup.NssReturnCode.NOTFOUND
>+ assert netgroups == []
Please never write test which always passes.
Test must cover the test case and not be green in 100% cases.
Otherwise we cousl have "assert True" everywhere :-)
>+
>+ # point A
>+ # run_shell()
>+
>+ # removing of t2841_netgroup2
>+ ldap_conn.delete_s(ent_list[0][0])
>+ ent_list.remove(ent_list[0])
>+ if subprocess.call(["sss_cache", "-N"]) != 0:
>+ raise Exception("sssd_cache failed")
>+
>+ res, errno, netgroups =
>sssd_netgroup.get_sssd_netgroups("t2841_netgroup1")
>+ assert res == sssd_netgroup.NssReturnCode.NOTFOUND
>+ assert netgroups == []
>+
>+ res, errno, netgroups =
>sssd_netgroup.get_sssd_netgroups("t2841_netgroup2")
>+ assert res == sssd_netgroup.NssReturnCode.NOTFOUND
>+ assert netgroups == []
>+
>+ # FIX: This should be SUCCES
>+ res, errno, netgroups =
>sssd_netgroup.get_sssd_netgroups("t2841_netgroup3")
>+ assert res == sssd_netgroup.NssReturnCode.NOTFOUND
>+ assert netgroups == []
>+
>+ # point B
>+ # run_shell()
I fixed the expected results(@see patch) and the test passes with latest
version of sssd_netgroup.py and git master. There are two possible explanations
a) we need to close ticket 2841 as works for me
b) the test test_reproducer_t2841 is testing something different.
BTW I tested the same test-case outside of cwrap with simple shell script.
sh# ldapadd -x -w Secret123 -D 'cn=admin,dc=example,dc=com' -h localhost:10389 \
-f netgroups.ldif
adding new entry "ou=Netgroups,dc=example,dc=com"
adding new entry "cn=t2841_netgroup1,ou=Netgroups,dc=example,dc=com"
adding new entry "cn=t2841_netgroup2,ou=Netgroups,dc=example,dc=com"
adding new entry "cn=t2841_netgroup3,ou=Netgroups,dc=example,dc=com"
sh# systemctl restart sssd
sh# systemctl restart sssd
sh# getent netgroup t2841_netgroup1 || echo FAILED
t2841_netgroup1 (host1,user1,domain1)
sh# getent netgroup t2841_netgroup2 || echo FAILED
t2841_netgroup2 (host2,user2,domain2)
sh# getent netgroup t2841_netgroup3 || echo FAILED
t2841_netgroup3 (host2,user2,domain2) (host1,user1,domain1)
sh# ldapdelete -x -w Secret123 -D 'cn=admin,dc=example,dc=com' -h
localhost:10389 cn=t2841_netgroup1,ou=Netgroups,dc=example,dc=com
sh# sss_cache -N
sh# getent netgroup t2841_netgroup1 || echo FAILED
FAILED
sh# getent netgroup t2841_netgroup2 || echo FAILED
t2841_netgroup2 (host2,user2,domain2)
sh# getent netgroup t2841_netgroup3 || echo FAILED
t2841_netgroup3 (host2,user2,domain2)
sh# ldapdelete -x -w Secret123 -D 'cn=admin,dc=example,dc=com' -h
localhost:10389 cn=t2841_netgroup2,ou=Netgroups,dc=example,dc=com
sh# sss_cache -N
sh# getent netgroup t2841_netgroup1 || echo FAILED
FAILED
sh# getent netgroup t2841_netgroup2 || echo FAILED
FAILED
sh# getent netgroup t2841_netgroup3 || echo FAILED
t2841_netgroup3
Could you explain it?
LS
# extended LDIF
#
# LDAPv3
# base <ou=Netgroups,dc=example,dc=com> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# Netgroups, example.com
dn: ou=Netgroups,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: Netgroups
# t2841_netgroup1, Netgroups, example.com
dn: cn=t2841_netgroup1,ou=Netgroups,dc=example,dc=com
objectClass: top
objectClass: nisNetgroup
nisNetgroupTriple: (host1,user1,domain1)
cn: t2841_netgroup1
# t2841_netgroup2, Netgroups, example.com
dn: cn=t2841_netgroup2,ou=Netgroups,dc=example,dc=com
objectClass: top
objectClass: nisNetgroup
nisNetgroupTriple: (host2,user2,domain2)
cn: t2841_netgroup2
# t2841_netgroup3, Netgroups, example.com
dn: cn=t2841_netgroup3,ou=Netgroups,dc=example,dc=com
objectClass: top
objectClass: nisNetgroup
memberNisNetgroup: t2841_netgroup1
memberNisNetgroup: t2841_netgroup2
cn: t2841_netgroup3
# search result
search: 2
result: 0 Success
# numResponses: 5
# numEntries: 4
>From f79120bff36fe383abb9df4ecaef30d157a254cc Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lsleb...@redhat.com>
Date: Thu, 18 Aug 2016 12:06:45 +0200
Subject: [PATCH] test_netgroup_fixes
---
src/tests/intg/test_netgroup.py | 37 +++++++++++++------------------------
1 file changed, 13 insertions(+), 24 deletions(-)
diff --git a/src/tests/intg/test_netgroup.py b/src/tests/intg/test_netgroup.py
index
4be2b1c7048f3d8dc4797557d6decf1367eea36d..b3c272e8f305de9ca9d59bb4ce493178e2898756
100644
--- a/src/tests/intg/test_netgroup.py
+++ b/src/tests/intg/test_netgroup.py
@@ -200,7 +200,7 @@ def add_nested_netgroup(request, ldap_conn):
ent_list.add_netgroup("nested_netgroup")
create_ldap_fixture(request, ldap_conn, ent_list)
- conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=True)
+ conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=False)
create_conf_fixture(request, conf)
create_sssd_fixture(request)
return None
@@ -224,7 +224,7 @@ def add_two_nested_netgroup(request, ldap_conn):
ent_list.add_netgroup("nested_netgroup2")
create_ldap_fixture(request, ldap_conn, ent_list)
- conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=True)
+ conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=False)
create_conf_fixture(request, conf)
create_sssd_fixture(request)
return None
@@ -252,7 +252,7 @@ def add_tripled_netgroup(request, ldap_conn):
ent_list.add_netgroup("tripled_netgroup", ["(host,user,domain)"])
create_ldap_fixture(request, ldap_conn, ent_list)
- conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=True)
+ conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=False)
create_conf_fixture(request, conf)
create_sssd_fixture(request)
return None
@@ -276,7 +276,7 @@ def add_advanced_tripled_netgroup(request, ldap_conn):
"(host2,user2,domain2)"])
create_ldap_fixture(request, ldap_conn, ent_list)
- conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=True)
+ conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=False)
create_conf_fixture(request, conf)
create_sssd_fixture(request)
return None
@@ -301,7 +301,7 @@ def add_two_tripled_netgroup(request, ldap_conn):
ent_list.add_netgroup("tripled_netgroup2", ["(host2,user2,domain2)"])
create_ldap_fixture(request, ldap_conn, ent_list)
- conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=True)
+ conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=False)
create_conf_fixture(request, conf)
create_sssd_fixture(request)
return None
@@ -351,7 +351,7 @@ def add_mixed_netgroup(request, ldap_conn):
create_ldap_fixture(request, ldap_conn, ent_list)
- conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=True)
+ conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=False)
create_conf_fixture(request, conf)
create_sssd_fixture(request)
return None
@@ -415,7 +415,7 @@ def reproducer_t2841(request, ldap_conn):
["t2841_netgroup1", "t2841_netgroup2"])
create_ldap_fixture(request, ldap_conn, ent_list)
- conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=True)
+ conf = format_basic_conf(ldap_conn, SCHEMA_RFC2307_BIS, enum=False)
create_conf_fixture(request, conf)
create_sssd_fixture(request)
return (ldap_conn, ent_list)
@@ -439,8 +439,8 @@ def test_reproducer_t2841(reproducer_t2841):
res, errno, netgroups = sssd_netgroup.get_sssd_netgroups("t2841_netgroup3")
assert res == sssd_netgroup.NssReturnCode.SUCCESS
- assert netgroups == [('host2', 'user2', 'domain2'),
- ('host1', 'user1', 'domain1')]
+ assert sorted(netgroups) == sorted([('host1', 'user1', 'domain1'),
+ ('host2', 'user2', 'domain2')])
# removing of t2841_netgroup1
ldap_conn.delete_s(ent_list[0][0])
@@ -450,19 +450,14 @@ def test_reproducer_t2841(reproducer_t2841):
res, errno, netgroups = sssd_netgroup.get_sssd_netgroups("t2841_netgroup1")
assert res == sssd_netgroup.NssReturnCode.NOTFOUND
- assert netgroups == []
res, errno, netgroups = sssd_netgroup.get_sssd_netgroups("t2841_netgroup2")
assert res == sssd_netgroup.NssReturnCode.SUCCESS
assert netgroups == [('host2', 'user2', 'domain2')]
- # FIX: This should be SUCCES
res, errno, netgroups = sssd_netgroup.get_sssd_netgroups("t2841_netgroup3")
- assert res == sssd_netgroup.NssReturnCode.NOTFOUND
- assert netgroups == []
-
- # point A
- # run_shell()
+ assert res == sssd_netgroup.NssReturnCode.SUCCESS
+ assert netgroups == [('host2', 'user2', 'domain2')]
# removing of t2841_netgroup2
ldap_conn.delete_s(ent_list[0][0])
@@ -472,16 +467,10 @@ def test_reproducer_t2841(reproducer_t2841):
res, errno, netgroups = sssd_netgroup.get_sssd_netgroups("t2841_netgroup1")
assert res == sssd_netgroup.NssReturnCode.NOTFOUND
- assert netgroups == []
res, errno, netgroups = sssd_netgroup.get_sssd_netgroups("t2841_netgroup2")
assert res == sssd_netgroup.NssReturnCode.NOTFOUND
- assert netgroups == []
- # FIX: This should be SUCCES
res, errno, netgroups = sssd_netgroup.get_sssd_netgroups("t2841_netgroup3")
- assert res == sssd_netgroup.NssReturnCode.NOTFOUND
- assert netgroups == []
-
- # point B
- # run_shell()
\ No newline at end of file
+ assert res == sssd_netgroup.NssReturnCode.SUCCESS
+ assert netgroups == []
--
2.9.3
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org
