URL: https://github.com/SSSD/sssd/pull/5880
Author: dparmar18
Title: #5880: Automation code for bug 2013294/1992973/2013379
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5880/head:pr5880
git checkout pr5880
From 24ca63bde9d377f070fe465800eb6bcdaab5d87f Mon Sep 17 00:00:00 2001
From: Dhairya Parmar <dpar...@dparmar.pnq.csb>
Date: Wed, 17 Nov 2021 15:18:14 +0530
Subject: [PATCH 1/2] added test_0007_getent_admproxy() in test_misc.py
---
src/tests/multihost/alltests/test_misc.py | 45 +++++++++++++++++++++++
1 file changed, 45 insertions(+)
diff --git a/src/tests/multihost/alltests/test_misc.py b/src/tests/multihost/alltests/test_misc.py
index 3575799dce..48bdc1ca64 100644
--- a/src/tests/multihost/alltests/test_misc.py
+++ b/src/tests/multihost/alltests/test_misc.py
@@ -353,3 +353,48 @@ def test_0006_getent_group(self, multihost,
assert "group-2@example1:*:20002:user-2@example1," \
"user-4@example1,user-6@example1," \
"user-8@example1" in cmd.stdout_text
+
+ @pytest.mark.tier1
+ def test_0007_getent_admproxy(self, multihost, backupsssdconf):
+ """
+ :title: 'getent passwd adm@proxy' doesn't
+ return anything when 'cache_first = True' option is used with
+ nss i.e. lookup with the fully-qualified name of a user or
+ group will fail if the requested object is not already in the
+ cache.
+ :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2013294
+ :id: 9ff64ee0-255d-46ac-bf0a-b022eaad463e
+ :customerscenario: false
+ :steps:
+ 1. Configure SSSD with nss having cache_first = True.
+ 2. restart SSSD with empty cache.
+ 3. Check 'getent passwd adm@proxy' output.
+ :expectedresults:
+ 1. Should succeed
+ 2. Should succeed
+ 3. 'getent passwd adm@proxy' should return identity lookup
+ of user adm.
+ """
+ getent_admproxy = "getent passwd adm@proxy"
+ tools = sssdTools(multihost.client[0])
+ section = "sssd"
+ section_params = {"domains": "proxy", "services": "nss"}
+ tools.sssd_conf(section, section_params, action="update")
+ section = "domain/proxy"
+ section_params = {"id_provider": "proxy", "proxy_lib_name": "files",
+ 'auth_provider': "none"}
+ tools.sssd_conf(section, section_params, action="update")
+ section = "nss"
+ section_params = {"cache_first": "True"}
+ tools.sssd_conf(section, section_params, action="update")
+ tools.clear_sssd_cache(start=True)
+ cache_first_true = multihost.client[0].run_command(getent_admproxy,
+ raiseonerr=False)
+ assert cache_first_true.returncode == 0, "Bug 2013294/1992973/2013379"
+ section = "nss"
+ section_params = {"cache_first": "True"}
+ tools.sssd_conf(section, section_params, action="delete")
+ tools.clear_sssd_cache(start=True)
+ cache_first_false = multihost.client[0].run_command(getent_admproxy,
+ raiseonerr=False)
+ assert cache_first_false.returncode == 0
From 60c0186c250844a4fc2d9d02c081d4d8072f8f0b Mon Sep 17 00:00:00 2001
From: Dhairya Parmar <dpar...@dparmar.pnq.csb>
Date: Thu, 18 Nov 2021 12:09:49 +0530
Subject: [PATCH 2/2] TEST: Lookup with fully-qualified name with 'cache_first
= True'
Explanation
- If the 'cache_first = True' option is used with the nss responder a lookup
with the fully-qualified name of a user or group will fail if the requested
object is not already in the cache.
- With earlier versions of sssd, using 'cache_first = True' in nss section of
sssd.conf, the lookup of a user or a group would return nothing, for e.g.
'getent passwd adm@proxy' would just return to bash prompt and 'echo $?'
would return exit code 2.
- The same works when 'cache_first = True' is not used.
- With latest rpm version sssd-2.6.1-1.el8, this issue has been fixed and
this test is intended to support it. Now, with 'cache_first = True' or
without 'cache_first = True', 'getent passwd adm@proxy' always returns
the indentity of adm.
Verifies
Issue: https://github.com/SSSD/sssd/issues/5744
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2013294
---
src/tests/multihost/alltests/test_misc.py | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/tests/multihost/alltests/test_misc.py b/src/tests/multihost/alltests/test_misc.py
index 48bdc1ca64..f241800272 100644
--- a/src/tests/multihost/alltests/test_misc.py
+++ b/src/tests/multihost/alltests/test_misc.py
@@ -354,12 +354,12 @@ def test_0006_getent_group(self, multihost,
"user-4@example1,user-6@example1," \
"user-8@example1" in cmd.stdout_text
- @pytest.mark.tier1
+ @pytest.mark.tier1_2
def test_0007_getent_admproxy(self, multihost, backupsssdconf):
"""
- :title: 'getent passwd adm@proxy' doesn't
- return anything when 'cache_first = True' option is used with
- nss i.e. lookup with the fully-qualified name of a user or
+ :title: 'getent passwd adm@proxy' doesn't return anything when
+ 'cache_first = True' option is used with nss.
+ :description: Lookup with the fully-qualified name of a user or
group will fail if the requested object is not already in the
cache.
:bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2013294
@@ -373,7 +373,7 @@ def test_0007_getent_admproxy(self, multihost, backupsssdconf):
1. Should succeed
2. Should succeed
3. 'getent passwd adm@proxy' should return identity lookup
- of user adm.
+ of user adm.
"""
getent_admproxy = "getent passwd adm@proxy"
tools = sssdTools(multihost.client[0])
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
