From 7a13200fd8b92dd90ebc4b6416ef25659df8aa71 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Fri, 16 Jul 2021 12:59:47 -0400
Subject: [PATCH] ipatests: test ipa-getkeytab server option
Test various usages of the -s/--server option:
* -s is defined, use it as the server
* no -s, use the host value from /etc/ipa/default.conf
* -s is '_srv_', do DNS discovery
https://pagure.io/freeipa/issue/8478
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
---
ipatests/test_integration/test_commands.py | 58 ++++++++++++++++++++++
1 file changed, 58 insertions(+)
diff --git a/ipatests/test_integration/test_commands.py b/ipatests/test_integration/test_commands.py
index d64519eb7..2035ced56 100644
--- a/ipatests/test_integration/test_commands.py
+++ b/ipatests/test_integration/test_commands.py
@@ -1467,6 +1467,64 @@ class TestIPACommand(IntegrationTest):
assert 'This account is currently not available' in \
result.stdout_text
+ def test_ipa_getkeytab_server(self):
+ """
+ Exercise the ipa-getkeytab server options
+
+ This relies on the behavior that without a TGT
+ ipa-getkeytab will quit and not do much of anything.
+
+ A bogus keytab and principal are passed in to satisfy the
+ minimum requirements.
+ """
+ tasks.kdestroy_all(self.master)
+
+ # Pass in a server name to use
+ result = self.master.run_command(
+ [
+ paths.IPA_GETKEYTAB,
+ "-k",
+ "/tmp/keytab",
+ "-p",
+ "foo",
+ "-s",
+ self.master.hostname,
+ "-v",
+ ], raiseonerr=False).stderr_text
+
+ assert 'Using provided server %s' % self.master.hostname in result
+
+ # Don't pass in a name, should use /etc/ipa/default.conf
+ result = self.master.run_command(
+ [
+ paths.IPA_GETKEYTAB,
+ "-k",
+ "/tmp/keytab",
+ "-p",
+ "foo",
+ "-v",
+ ], raiseonerr=False).stderr_text
+
+ assert (
+ 'Using server from config %s' % self.master.hostname
+ in result
+ )
+
+ # Use DNS SRV lookup
+ result = self.master.run_command(
+ [
+ paths.IPA_GETKEYTAB,
+ "-k",
+ "/tmp/keytab",
+ "-p",
+ "foo",
+ "-s",
+ "_srv_",
+ "-v",
+ ], raiseonerr=False).stderr_text
+
+ assert 'Discovered server %s' % self.master.hostname in result
+
class TestIPACommandWithoutReplica(IntegrationTest):
"""
--
2.31.1