|
 |
6cf099 |
From aae797abf3bfcfda124f111d8b4e805e77bee691 Mon Sep 17 00:00:00 2001
|
|
|
6cf099 |
From: Lukas Slebodnik <lslebodn@redhat.com>
|
|
|
6cf099 |
Date: Tue, 4 Aug 2015 12:47:58 +0200
|
|
|
6cf099 |
Subject: [PATCH 47/47] test_memory_cache: Test invalidation with sss_cache
|
|
|
6cf099 |
MIME-Version: 1.0
|
|
|
6cf099 |
Content-Type: text/plain; charset=UTF-8
|
|
|
6cf099 |
Content-Transfer-Encoding: 8bit
|
|
|
6cf099 |
|
|
|
6cf099 |
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
|
|
6cf099 |
---
|
|
|
6cf099 |
src/tests/intg/test_memory_cache.py | 176 ++++++++++++++++++++++++++++++++++++
|
|
|
6cf099 |
1 file changed, 176 insertions(+)
|
|
|
6cf099 |
|
|
|
6cf099 |
diff --git a/src/tests/intg/test_memory_cache.py b/src/tests/intg/test_memory_cache.py
|
|
|
6cf099 |
index c809a4b6daacfd04834db46d21bfb97ad025ada6..1fd577e652d278c35211b55c871797a3dee98b13 100644
|
|
|
6cf099 |
--- a/src/tests/intg/test_memory_cache.py
|
|
|
6cf099 |
+++ b/src/tests/intg/test_memory_cache.py
|
|
|
6cf099 |
@@ -20,6 +20,7 @@ import os
|
|
|
6cf099 |
import stat
|
|
|
6cf099 |
import ent
|
|
|
6cf099 |
import grp
|
|
|
6cf099 |
+import pwd
|
|
|
6cf099 |
import config
|
|
|
6cf099 |
import signal
|
|
|
6cf099 |
import subprocess
|
|
|
6cf099 |
@@ -570,3 +571,178 @@ def test_initgroups_without_change_in_membership(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
|
|
|
6cf099 |
# everything should be in memory cache
|
|
|
6cf099 |
run_simple_test_with_initgroups()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def assert_mc_records_for_user1():
|
|
|
6cf099 |
+ ent.assert_passwd_by_name(
|
|
|
6cf099 |
+ 'user1',
|
|
|
6cf099 |
+ dict(name='user1', passwd='*', uid=1001, gid=2001,
|
|
|
6cf099 |
+ gecos='1001', shell='/bin/bash'))
|
|
|
6cf099 |
+ ent.assert_passwd_by_uid(
|
|
|
6cf099 |
+ 1001,
|
|
|
6cf099 |
+ dict(name='user1', passwd='*', uid=1001, gid=2001,
|
|
|
6cf099 |
+ gecos='1001', shell='/bin/bash'))
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ ent.assert_group_by_name(
|
|
|
6cf099 |
+ "group1",
|
|
|
6cf099 |
+ dict(mem=ent.contains_only("user1", "user11", "user21")))
|
|
|
6cf099 |
+ ent.assert_group_by_gid(
|
|
|
6cf099 |
+ 2001,
|
|
|
6cf099 |
+ dict(mem=ent.contains_only("user1", "user11", "user21")))
|
|
|
6cf099 |
+ ent.assert_group_by_name(
|
|
|
6cf099 |
+ "group0x",
|
|
|
6cf099 |
+ dict(mem=ent.contains_only("user1", "user2", "user3")))
|
|
|
6cf099 |
+ ent.assert_group_by_gid(
|
|
|
6cf099 |
+ 2000,
|
|
|
6cf099 |
+ dict(mem=ent.contains_only("user1", "user2", "user3")))
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_initgroups_equal("user1", 2001, [2000, 2001])
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def assert_missing_mc_records_for_user1():
|
|
|
6cf099 |
+ with pytest.raises(KeyError):
|
|
|
6cf099 |
+ pwd.getpwnam("user1")
|
|
|
6cf099 |
+ with pytest.raises(KeyError):
|
|
|
6cf099 |
+ pwd.getpwuid(1001)
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ for gid in [2000, 2001]:
|
|
|
6cf099 |
+ with pytest.raises(KeyError):
|
|
|
6cf099 |
+ grp.getgrgid(gid)
|
|
|
6cf099 |
+ for group in ["group0x", "group1"]:
|
|
|
6cf099 |
+ with pytest.raises(KeyError):
|
|
|
6cf099 |
+ grp.getgrnam(group)
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ (res, err, _) = sssd_id.call_sssd_initgroups("user1", 2001)
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.UNAVAIL, \
|
|
|
6cf099 |
+ "Initgroups should not find anything after invalidation of mc.\n" \
|
|
|
6cf099 |
+ "User %s, errno:%d" % (user, err)
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidate_user_before_stop(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+ # initialize cache with full ID
|
|
|
6cf099 |
+ (res, errno, _) = sssd_id.get_user_groups("user1")
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.SUCCESS, \
|
|
|
6cf099 |
+ "Could not find groups for user1 %s, %d" % errno
|
|
|
6cf099 |
+ assert_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-u", "user1"])
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_missing_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidate_user_after_stop(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+ # initialize cache with full ID
|
|
|
6cf099 |
+ (res, errno, _) = sssd_id.get_user_groups("user1")
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.SUCCESS, \
|
|
|
6cf099 |
+ "Could not find groups for user1 %s, %d" % errno
|
|
|
6cf099 |
+ assert_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-u", "user1"])
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_missing_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidate_users_before_stop(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+ # initialize cache with full ID
|
|
|
6cf099 |
+ (res, errno, _) = sssd_id.get_user_groups("user1")
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.SUCCESS, \
|
|
|
6cf099 |
+ "Could not find groups for user1 %s, %d" % errno
|
|
|
6cf099 |
+ assert_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-U"])
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_missing_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidate_users_after_stop(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+ # initialize cache with full ID
|
|
|
6cf099 |
+ (res, errno, _) = sssd_id.get_user_groups("user1")
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.SUCCESS, \
|
|
|
6cf099 |
+ "Could not find groups for user1 %s, %d" % errno
|
|
|
6cf099 |
+ assert_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-U"])
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_missing_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidate_group_before_stop(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+ # initialize cache with full ID
|
|
|
6cf099 |
+ (res, errno, _) = sssd_id.get_user_groups("user1")
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.SUCCESS, \
|
|
|
6cf099 |
+ "Could not find groups for user1 %s, %d" % errno
|
|
|
6cf099 |
+ assert_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-g", "group1"])
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_missing_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidate_group_after_stop(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+ # initialize cache with full ID
|
|
|
6cf099 |
+ (res, errno, _) = sssd_id.get_user_groups("user1")
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.SUCCESS, \
|
|
|
6cf099 |
+ "Could not find groups for user1 %s, %d" % errno
|
|
|
6cf099 |
+ assert_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-g", "group1"])
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_missing_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidate_groups_before_stop(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+ # initialize cache with full ID
|
|
|
6cf099 |
+ (res, errno, _) = sssd_id.get_user_groups("user1")
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.SUCCESS, \
|
|
|
6cf099 |
+ "Could not find groups for user1 %s, %d" % errno
|
|
|
6cf099 |
+ assert_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-G"])
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_missing_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidate_groups_after_stop(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+ # initialize cache with full ID
|
|
|
6cf099 |
+ (res, errno, _) = sssd_id.get_user_groups("user1")
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.SUCCESS, \
|
|
|
6cf099 |
+ "Could not find groups for user1 %s, %d" % errno
|
|
|
6cf099 |
+ assert_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-G"])
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_missing_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidate_everything_before_stop(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+ # initialize cache with full ID
|
|
|
6cf099 |
+ (res, errno, _) = sssd_id.get_user_groups("user1")
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.SUCCESS, \
|
|
|
6cf099 |
+ "Could not find groups for user1 %s, %d" % errno
|
|
|
6cf099 |
+ assert_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-E"])
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_missing_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+def test_invalidate_everything_after_stop(ldap_conn, sanity_rfc2307):
|
|
|
6cf099 |
+ # initialize cache with full ID
|
|
|
6cf099 |
+ (res, errno, _) = sssd_id.get_user_groups("user1")
|
|
|
6cf099 |
+ assert res == sssd_id.NssReturnCode.SUCCESS, \
|
|
|
6cf099 |
+ "Could not find groups for user1 %s, %d" % errno
|
|
|
6cf099 |
+ assert_mc_records_for_user1()
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ stop_sssd()
|
|
|
6cf099 |
+ subprocess.call(["sss_cache", "-E"])
|
|
|
6cf099 |
+
|
|
|
6cf099 |
+ assert_missing_mc_records_for_user1()
|
|
|
6cf099 |
--
|
|
|
6cf099 |
2.4.3
|
|
|
6cf099 |
|