From a39af6b7228d8ba85b9e97aa5decbc056d081c77 Mon Sep 17 00:00:00 2001
From: Sudhir Menon <sumenon@redhat.com>
Date: Thu, 23 Jun 2022 16:14:39 +0530
Subject: [PATCH] ipatests: ipa-client-install --subid adds entry in
nsswitch.conf
This testcase checks that when ipa-client-install command
is run with --subid option, /etc/nsswitch.conf file is updated
with the below entry
subid: nss
Related: https://pagure.io/freeipa/issue/9159
Since the newly added testsuite required client
system, hence modified the below yaml files to change the topology
from *master_1repl to *master_1repl_1client in the below files
gating.yaml
nightly_latest.yaml
nightly_rawhide.yaml
Signed-off-by: Sudhir Menon <sumenon@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Michal Polovka <mpolovka@redhat.com>
Reviewed-By: Stanislav Levin <slev@altlinux.org>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
Signed-off-by: Sudhir Menon <sumenon@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Michal Polovka <mpolovka@redhat.com>
Reviewed-By: Stanislav Levin <slev@altlinux.org>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
---
ipatests/prci_definitions/gating.yaml | 2 +-
.../nightly_ipa-4-10_latest.yaml | 2 +-
.../nightly_ipa-4-10_latest_selinux.yaml | 2 +-
.../nightly_ipa-4-10_previous.yaml | 2 +-
ipatests/test_integration/test_subids.py | 38 +++++++++++++++++++
5 files changed, 42 insertions(+), 4 deletions(-)
diff --git a/ipatests/prci_definitions/gating.yaml b/ipatests/prci_definitions/gating.yaml
index 4083c650a17ce76bdefa243f1a7c5924039ff0bb..db4875dcfae8676287ef771805b34d988330bb40 100644
--- a/ipatests/prci_definitions/gating.yaml
+++ b/ipatests/prci_definitions/gating.yaml
@@ -309,4 +309,4 @@ jobs:
test_suite: test_integration/test_subids.py
template: *ci-ipa-4-10-latest
timeout: 3600
- topology: *master_1repl
+ topology: *master_1repl_1client
diff --git a/ipatests/prci_definitions/nightly_ipa-4-10_latest.yaml b/ipatests/prci_definitions/nightly_ipa-4-10_latest.yaml
index 24aa6e7cf29e448ba9d838d1cb98169213ea63ef..027b2a5b6c0b7ec3c3b5784ec4569661a06d4ed7 100644
--- a/ipatests/prci_definitions/nightly_ipa-4-10_latest.yaml
+++ b/ipatests/prci_definitions/nightly_ipa-4-10_latest.yaml
@@ -1748,7 +1748,7 @@ jobs:
test_suite: test_integration/test_subids.py
template: *ci-ipa-4-10-latest
timeout: 3600
- topology: *master_1repl
+ topology: *master_1repl_1client
fedora-latest-ipa-4-10/test_custom_plugins:
requires: [fedora-latest-ipa-4-10/build]
diff --git a/ipatests/prci_definitions/nightly_ipa-4-10_latest_selinux.yaml b/ipatests/prci_definitions/nightly_ipa-4-10_latest_selinux.yaml
index f22cc08384b3d50e49278d38e73bf93cd7804e80..bcc17bef935666735bfb2c2e51209362a374b511 100644
--- a/ipatests/prci_definitions/nightly_ipa-4-10_latest_selinux.yaml
+++ b/ipatests/prci_definitions/nightly_ipa-4-10_latest_selinux.yaml
@@ -1887,7 +1887,7 @@ jobs:
test_suite: test_integration/test_subids.py
template: *ci-ipa-4-10-latest
timeout: 3600
- topology: *master_1repl
+ topology: *master_1repl_1client
fedora-latest-ipa-4-10/test_custom_plugins:
requires: [fedora-latest-ipa-4-10/build]
diff --git a/ipatests/prci_definitions/nightly_ipa-4-10_previous.yaml b/ipatests/prci_definitions/nightly_ipa-4-10_previous.yaml
index df98a66871fd90daaebd83f063e48f1580675049..37d38762e696a6394ef146a0e2b68bbc8ced515d 100644
--- a/ipatests/prci_definitions/nightly_ipa-4-10_previous.yaml
+++ b/ipatests/prci_definitions/nightly_ipa-4-10_previous.yaml
@@ -1748,7 +1748,7 @@ jobs:
test_suite: test_integration/test_subids.py
template: *ci-ipa-4-10-previous
timeout: 3600
- topology: *master_1repl
+ topology: *master_1repl_1client
fedora-previous-ipa-4-10/test_custom_plugins:
requires: [fedora-previous-ipa-4-10/build]
diff --git a/ipatests/test_integration/test_subids.py b/ipatests/test_integration/test_subids.py
index f6d8607f237bf03358baae008dd2a6ad819751c0..8158499e1a2b71bdc1a308dec0939fd0d491599d 100644
--- a/ipatests/test_integration/test_subids.py
+++ b/ipatests/test_integration/test_subids.py
@@ -17,6 +17,7 @@ from ipatests.test_integration.base import IntegrationTest
class TestSubordinateId(IntegrationTest):
num_replicas = 0
+ num_clients = 1
topology = "star"
def _parse_result(self, result):
@@ -268,3 +269,40 @@ class TestSubordinateId(IntegrationTest):
f"--subuid={subuid}"])
owner = self._parse_result(result)["owner"]
assert owner == uid
+
+ def test_nsswitch_doesnot_contain_subid_entry(self):
+ """
+ This testcase checks that when ipa-client-install
+ is installed without subid option, the nsswitch.conf
+ does not contain subid entry or does not use sss as
+ source for subid
+ """
+ cmd = self.clients[0].run_command(
+ ["grep", "^subid", "/etc/nsswitch.conf"],
+ raiseonerr=False
+ )
+ # a source is defined for the subid database.
+ # Ensure it is not "sss"
+ if cmd.returncode == 0:
+ assert 'sss' not in cmd.stdout_text
+ else:
+ # grep command returncode 1 means no matching line
+ # was found = no source is defined for the subid database,
+ # which is valid other return codes would
+ # mean an error occurred
+ assert cmd.returncode == 1
+
+ def test_nsswitch_is_updated_with_subid_entry(self):
+ """
+ This test case checks that when ipa-client-install
+ is installed with --subid option, the nsswitch.conf
+ file is modified with the entry 'subid: sss'
+ """
+ tasks.uninstall_client(self.clients[0])
+ tasks.install_client(self.master, self.clients[0],
+ extra_args=['--subid'])
+ cmd = self.clients[0].run_command(
+ ["grep", "^subid", "/etc/nsswitch.conf"]
+ )
+ subid = cmd.stdout_text.split()
+ assert ['subid:', 'sss'] == subid
--
2.37.2