URL: https://github.com/SSSD/sssd/pull/5835
Author: jakub-vavra-cz
Title: #5835: Tests: Add test for bz1636002.
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5835/head:pr5835
git checkout pr5835
From c2f399cbd9f54fae24eb2f4cff3e188df7e16b23 Mon Sep 17 00:00:00 2001
From: Jakub Vavra <jva...@redhat.com>
Date: Tue, 19 Oct 2021 11:00:41 +0200
Subject: [PATCH 1/2] Tests: Add test for bz1636002.
---
src/tests/multihost/alltests/test_misc.py | 68 +++++++++++++++++++++++
1 file changed, 68 insertions(+)
diff --git a/src/tests/multihost/alltests/test_misc.py b/src/tests/multihost/alltests/test_misc.py
index 3575799dce..c4e6abc525 100644
--- a/src/tests/multihost/alltests/test_misc.py
+++ b/src/tests/multihost/alltests/test_misc.py
@@ -353,3 +353,71 @@ def test_0006_getent_group(self, multihost,
assert "group-2@example1:*:20002:user-2@example1," \
"user-4@example1,user-6@example1," \
"user-8@example1" in cmd.stdout_text
+
+ @staticmethod
+ @pytest.mark.tier1
+ def test_0007_1636002(multihost, backupsssdconf):
+ """
+ :title: IDM-SSSD-TC: ldap_provider: socket-activated services start as
+ the sssd user and then are unable to read the confdb
+ :id: 7a33729a-ab74-4d9e-9d75-e952deaa7bd2
+ :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1636002
+ :customerscenario: true
+ :steps:
+ 1. Switch to socket activated services, restart sssd
+ 2. Check 'getent passwd <user> output.
+ 3. Check log for error messages related to opening
+ /var/lib/sss/db/config.ldb
+ :expectedresults:
+ 1. No issue switching and sssd has started.
+ 2. It should succeed.
+ 3. The error messages are not present.
+ :teardown:
+ 1. Undo socket activation.
+ 2. Restore sssd.conf
+ """
+ client = sssdTools(multihost.client[0])
+ client.clear_sssd_cache()
+
+ domain_name = client.get_domain_section_name()
+ user = f'foo1@{domain_name}'
+
+ # Configure socket activation
+ sssd_params = {'services': ''}
+ client.sssd_conf('sssd', sssd_params)
+ client.clear_sssd_cache()
+ enable_cmd = "systemctl enable sssd-nss.socket sssd-pam.socket" \
+ " sssd-pam-priv.socket"
+ multihost.client[0].run_command(enable_cmd)
+ multihost.client[0].service_sssd('restart')
+
+ # Show the sssd config
+ multihost.client[0].run_command(
+ 'cat /etc/sssd/sssd.conf', raiseonerr=False)
+
+ # Run getent passwd
+ usr_cmd = multihost.client[0].run_command(
+ f'getent passwd {user}', raiseonerr=False)
+
+ # Print pam log for debug purposes
+ multihost.client[0].run_command(
+ f'cat /var/log/sssd/sssd_pam.log', raiseonerr=False)
+
+ # Download sssd pam log
+ log_str = multihost.client[0].get_file_contents(
+ "/var/log/sssd/sssd_pam.log"). \
+ decode('utf-8')
+
+ # Disable socket activation
+ multihost.client[0].run_command(
+ "systemctl disable sssd-nss.socket sssd-pam.socket"
+ " sssd-pam-priv.socket", raiseonerr=False)
+
+ # Evaluate test results
+ assert usr_cmd.returncode == 0, f"User {user} was not found."
+ assert "CONFDB: /var/lib/sss/db/config.ldb" in log_str
+ assert "Unable to open tdb '/var/lib/sss/db/config.ldb': " \
+ "Permission denied" not in log_str
+ assert "Failed to connect to '/var/lib/sss/db/config.ldb'" \
+ not in log_str
+ assert "The confdb initialization failed" not in log_str
From 8a348c0b11bda483db2d8683ec2874d269d81b18 Mon Sep 17 00:00:00 2001
From: Jakub Vavra <jva...@redhat.com>
Date: Tue, 16 Nov 2021 08:54:27 +0100
Subject: [PATCH 2/2] test debug
---
src/tests/multihost/alltests/test_misc.py | 26 +++++++++++++++++++++++
1 file changed, 26 insertions(+)
diff --git a/src/tests/multihost/alltests/test_misc.py b/src/tests/multihost/alltests/test_misc.py
index c4e6abc525..011bc85b38 100644
--- a/src/tests/multihost/alltests/test_misc.py
+++ b/src/tests/multihost/alltests/test_misc.py
@@ -382,6 +382,18 @@ def test_0007_1636002(multihost, backupsssdconf):
domain_name = client.get_domain_section_name()
user = f'foo1@{domain_name}'
+ # Try ssh before socket activation is configured
+ # ssh_client = pexpect_ssh(multihost.client[0].sys_hostname, user,
+ # 'Secret123', debug=False)
+ # try:
+ # ssh_client.login(login_timeout=30,
+ # sync_multiplier=5, auto_prompt_reset=False)
+ # except SSHLoginException:
+ # ssh1_result = False
+ # else:
+ # ssh1_result = True
+ # ssh_client.logout()
+
# Configure socket activation
sssd_params = {'services': ''}
client.sssd_conf('sssd', sssd_params)
@@ -399,6 +411,20 @@ def test_0007_1636002(multihost, backupsssdconf):
usr_cmd = multihost.client[0].run_command(
f'getent passwd {user}', raiseonerr=False)
+ time.sleep(30)
+
+ # Try ssh after socket activation is configured
+ # ssh_client = pexpect_ssh(multihost.client[0].sys_hostname, user,
+ # 'Secret123', debug=False)
+ # try:
+ # ssh_client.login(login_timeout=30,
+ # sync_multiplier=5, auto_prompt_reset=False)
+ # except SSHLoginException:
+ # ssh2_result = False
+ # else:
+ # ssh2_result = True
+ # ssh_client.logout()
+
# Print pam log for debug purposes
multihost.client[0].run_command(
f'cat /var/log/sssd/sssd_pam.log', raiseonerr=False)
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
