URL: https://github.com/SSSD/sssd/pull/5880
Author: dparmar18
 Title: #5880: Automation code for bug 2013294/1992973/2013379
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5880/head:pr5880
git checkout pr5880
From 24ca63bde9d377f070fe465800eb6bcdaab5d87f Mon Sep 17 00:00:00 2001
From: Dhairya Parmar <dpar...@dparmar.pnq.csb>
Date: Wed, 17 Nov 2021 15:18:14 +0530
Subject: [PATCH 1/2] added test_0007_getent_admproxy() in test_misc.py

---
 src/tests/multihost/alltests/test_misc.py | 45 +++++++++++++++++++++++
 1 file changed, 45 insertions(+)

diff --git a/src/tests/multihost/alltests/test_misc.py b/src/tests/multihost/alltests/test_misc.py
index 3575799dce..48bdc1ca64 100644
--- a/src/tests/multihost/alltests/test_misc.py
+++ b/src/tests/multihost/alltests/test_misc.py
@@ -353,3 +353,48 @@ def test_0006_getent_group(self, multihost,
         assert "group-2@example1:*:20002:user-2@example1," \
                "user-4@example1,user-6@example1," \
                "user-8@example1" in cmd.stdout_text
+
+    @pytest.mark.tier1
+    def test_0007_getent_admproxy(self, multihost, backupsssdconf):
+        """
+        :title: 'getent passwd adm@proxy' doesn't
+         return anything when 'cache_first = True' option is used with
+         nss i.e. lookup with the fully-qualified name of a user or
+         group will fail if the requested object is not already in the
+         cache.
+        :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2013294
+        :id: 9ff64ee0-255d-46ac-bf0a-b022eaad463e
+        :customerscenario: false
+        :steps:
+            1. Configure SSSD with nss having cache_first = True.
+            2. restart SSSD with empty cache.
+            3. Check 'getent passwd adm@proxy' output.
+        :expectedresults:
+            1. Should succeed
+            2. Should succeed
+            3. 'getent passwd adm@proxy' should return identity lookup
+            of user adm.
+        """
+        getent_admproxy = "getent passwd adm@proxy"
+        tools = sssdTools(multihost.client[0])
+        section = "sssd"
+        section_params = {"domains": "proxy", "services": "nss"}
+        tools.sssd_conf(section, section_params, action="update")
+        section = "domain/proxy"
+        section_params = {"id_provider": "proxy", "proxy_lib_name": "files",
+                          'auth_provider': "none"}
+        tools.sssd_conf(section, section_params, action="update")
+        section = "nss"
+        section_params = {"cache_first": "True"}
+        tools.sssd_conf(section, section_params, action="update")
+        tools.clear_sssd_cache(start=True)
+        cache_first_true = multihost.client[0].run_command(getent_admproxy,
+                                                           raiseonerr=False)
+        assert cache_first_true.returncode == 0, "Bug 2013294/1992973/2013379"
+        section = "nss"
+        section_params = {"cache_first": "True"}
+        tools.sssd_conf(section, section_params, action="delete")
+        tools.clear_sssd_cache(start=True)
+        cache_first_false = multihost.client[0].run_command(getent_admproxy,
+                                                            raiseonerr=False)
+        assert cache_first_false.returncode == 0

From 60c0186c250844a4fc2d9d02c081d4d8072f8f0b Mon Sep 17 00:00:00 2001
From: Dhairya Parmar <dpar...@dparmar.pnq.csb>
Date: Thu, 18 Nov 2021 12:09:49 +0530
Subject: [PATCH 2/2] TEST: Lookup with fully-qualified name with 'cache_first
 = True'

Explanation
- If the 'cache_first = True' option is used with the nss responder a lookup
  with the fully-qualified name of a user or group will fail if the requested
  object is not already in the cache.
- With earlier versions of sssd, using 'cache_first = True' in nss section of
  sssd.conf, the lookup of a user or a group would return nothing, for e.g.
  'getent passwd adm@proxy' would just return to bash prompt and 'echo $?'
  would return exit code 2.
- The same works when 'cache_first = True' is not used.
- With latest rpm version sssd-2.6.1-1.el8, this issue has been fixed and
  this test is intended to support it. Now, with 'cache_first = True' or
  without 'cache_first = True', 'getent passwd adm@proxy' always returns
  the indentity of adm.

Verifies
  Issue: https://github.com/SSSD/sssd/issues/5744
  Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2013294
---
 src/tests/multihost/alltests/test_misc.py | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/src/tests/multihost/alltests/test_misc.py b/src/tests/multihost/alltests/test_misc.py
index 48bdc1ca64..f241800272 100644
--- a/src/tests/multihost/alltests/test_misc.py
+++ b/src/tests/multihost/alltests/test_misc.py
@@ -354,12 +354,12 @@ def test_0006_getent_group(self, multihost,
                "user-4@example1,user-6@example1," \
                "user-8@example1" in cmd.stdout_text
 
-    @pytest.mark.tier1
+    @pytest.mark.tier1_2
     def test_0007_getent_admproxy(self, multihost, backupsssdconf):
         """
-        :title: 'getent passwd adm@proxy' doesn't
-         return anything when 'cache_first = True' option is used with
-         nss i.e. lookup with the fully-qualified name of a user or
+        :title: 'getent passwd adm@proxy' doesn't return anything when
+         'cache_first = True' option is used with nss.
+        :description: Lookup with the fully-qualified name of a user or
          group will fail if the requested object is not already in the
          cache.
         :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2013294
@@ -373,7 +373,7 @@ def test_0007_getent_admproxy(self, multihost, backupsssdconf):
             1. Should succeed
             2. Should succeed
             3. 'getent passwd adm@proxy' should return identity lookup
-            of user adm.
+               of user adm.
         """
         getent_admproxy = "getent passwd adm@proxy"
         tools = sssdTools(multihost.client[0])
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Reply via email to