|
 |
6cf099 |
From 2d4478e11739f3934d788a9c47c8d990e41afd67 Mon Sep 17 00:00:00 2001
|
|
|
6cf099 |
From: Lukas Slebodnik <lslebodn@redhat.com>
|
|
|
6cf099 |
Date: Tue, 4 Aug 2015 11:59:35 +0200
|
|
|
6cf099 |
Subject: [PATCH 46/47] test_memory_cache: Test mmap cache after initgroups
|
|
|
6cf099 |
MIME-Version: 1.0
|
|
|
6cf099 |
Content-Type: text/plain; charset=UTF-8
|
|
|
6cf099 |
Content-Transfer-Encoding: 8bit
|
|
|
6cf099 |
|
|
|
6cf099 |
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
|
|
6cf099 |
---
|
|
|
6cf099 |
src/tests/intg/test_memory_cache.py | 89 +++++++++++++++++++++++++++++++++++++
|
|
|
6cf099 |
1 file changed, 89 insertions(+)
|
|
|
6cf099 |
|
|
|
6cf099 |
diff --git a/src/tests/intg/test_memory_cache.py b/src/tests/intg/test_memory_cache.py
|
|
|
6cf099 |
index 12ce3c5054fe76560e31137d88043baf20641d3a..c809a4b6daacfd04834db46d21bfb97ad025ada6 100644
|
|
|
6cf099 |
--- a/src/tests/intg/test_memory_cache.py
|
|
|
6cf099 |
+++ b/src/tests/intg/test_memory_cache.py
|
|
|
6cf099 |
@@ -19,6 +19,7 @@
|
|
|
6cf099 |
import os
|
|
|
6cf099 |
import stat
|
|
|
6cf099 |
import ent
|
|
|
6cf099 |
+import grp
|
|
|
6cf099 |
import config
|
|
|
6cf099 |
import signal
|
|
|
6cf099 |
import subprocess
|
|
|
6cf099 |
@@ -481,3 +482,91 @@ def test_initgroups_case_insensitive_with_mc3(ldap_conn,
|
|
|
6cf099 |
|
|
|
6cf099 |
assert_stored_last_initgroups(user1_case1, user1_case2, user1_case_last,
|
|
|
6cf099 |
primary_gid, expected_gids)
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def run_simple_test_with_initgroups():
|
|
|
6cf099 |
+ ent.assert_passwd_by_name(
|
|
|
6cf099 |
+ 'user1',
|
|
|
6cf099 |
+ dict(name='user1', passwd='*', uid=1001, gid=2001,
|
|
|
6cf099 |
+ gecos='1001', shell='/bin/bash'))
|
|
|
6cf099 |
+ ent.assert_passwd_by_uid(
|
|
|
6cf099 |
+ 1001,
|
|
|
6cf099 |
+ dict(name='user1', passwd='*', uid=1001, gid=2001,
|
|
|
6cf099 |
+ gecos='1001', shell='/bin/bash'))
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ ent.assert_group_by_name(
|
|
|
6cf099 |
+ "group1",
|
|
|
6cf099 |
+ dict(mem=ent.contains_only("user1", "user11", "user21")))
|
|
|
6cf099 |
+ ent.assert_group_by_gid(
|
|
|
6cf099 |
+ 2001,
|
|
|
6cf099 |
+ dict(mem=ent.contains_only("user1", "user11", "user21")))
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ # unrelated group to user1
|
|
|
6cf099 |
+ ent.assert_group_by_name(
|
|
|
6cf099 |
+ "group2",
|
|
|
6cf099 |
+ dict(mem=ent.contains_only("user2", "user12", "user22")))
|
|
|
6cf099 |
+ ent.assert_group_by_gid(
|
|
|
6cf099 |
+ 2002,
|
|
|
6cf099 |
+ dict(mem=ent.contains_only("user2", "user12", "user22")))
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_initgroups_equal("user1", 2001, [2000, 2001])
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidation_of_gids_after_initgroups(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ # the sssd cache was empty and not all user's group were
|
|
|
6cf099 |
+ # resolved with getgr{nm,gid}. Therefore there is a change in
|
|
|
6cf099 |
+ # group membership => user groups should be invalidated
|
|
|
6cf099 |
+ run_simple_test_with_initgroups()
|
|
|
6cf099 |
+ assert_initgroups_equal("user1", 2001, [2000, 2001])
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ ent.assert_passwd_by_name(
|
|
|
6cf099 |
+ 'user1',
|
|
|
6cf099 |
+ dict(name='user1', passwd='*', uid=1001, gid=2001,
|
|
|
6cf099 |
+ gecos='1001', shell='/bin/bash'))
|
|
|
6cf099 |
+ ent.assert_passwd_by_uid(
|
|
|
6cf099 |
+ 1001,
|
|
|
6cf099 |
+ dict(name='user1', passwd='*', uid=1001, gid=2001,
|
|
|
6cf099 |
+ gecos='1001', shell='/bin/bash'))
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ # unrelated group to user1 must be returned
|
|
|
6cf099 |
+ ent.assert_group_by_name(
|
|
|
6cf099 |
+ "group2",
|
|
|
6cf099 |
+ dict(mem=ent.contains_only("user2", "user12", "user22")))
|
|
|
6cf099 |
+ ent.assert_group_by_gid(
|
|
|
6cf099 |
+ 2002,
|
|
|
6cf099 |
+ dict(mem=ent.contains_only("user2", "user12", "user22")))
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_initgroups_equal("user1", 2001, [2000, 2001])
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ # user groups must be invalidated
|
|
|
6cf099 |
+ for group in ["group1", "group0x"]:
|
|
|
6cf099 |
+ with pytest.raises(KeyError):
|
|
|
6cf099 |
+ grp.getgrnam(group)
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ for gid in [2000, 2001]:
|
|
|
6cf099 |
+ with pytest.raises(KeyError):
|
|
|
6cf099 |
+ grp.getgrgid(gid)
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_initgroups_without_change_in_membership(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ # the sssd cache was empty and not all user's group were
|
|
|
6cf099 |
+ # resolved with getgr{nm,gid}. Therefore there is a change in
|
|
|
6cf099 |
+ # group membership => user groups should be invalidated
|
|
|
6cf099 |
+ run_simple_test_with_initgroups()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ # invalidate cache
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-E"])
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ # all users and groups will be just refreshed from LDAP
|
|
|
6cf099 |
+ # but there will not be a change in group membership
|
|
|
6cf099 |
+ # user groups should not be invlaidated
|
|
|
6cf099 |
+ run_simple_test_with_initgroups()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ # everything should be in memory cache
|
|
|
6cf099 |
+ run_simple_test_with_initgroups()
|
|
|
6cf099 |
--
|
|
|
6cf099 |
2.4.3
|
|
|
6cf099 |
|