diff --git a/src/tests/multihost/alltests/test_sssctl_local.py b/src/tests/multihost/alltests/test_sssctl_local.py index d1cf2ed6584..ed36711c8dc 100644 --- a/src/tests/multihost/alltests/test_sssctl_local.py +++ b/src/tests/multihost/alltests/test_sssctl_local.py @@ -6,7 +6,6 @@ :upstream: yes :status: approved """ - from __future__ import print_function import pytest from sssd.testlib.common.utils import sssdTools @@ -18,17 +17,17 @@ def client_version(multihost): return True -@pytest.mark.usefixtures("default_sssd") +@pytest.mark.usefixtures('default_sssd') @pytest.mark.sssctl class Testsssctl(object): """ This is test case class for sssctl suite """ - @pytest.mark.converted( - "test_sssctl.py", "test_sssctl__user_show_cache_expiration_time" - ) + @pytest.mark.converted('test_sssctl.py', 'test_sssctl__user_show_cache_expiration_time') @pytest.mark.tier1_2 - def test_0001_bz1640576(self, multihost, backupsssdconf, localusers): + def test_0001_bz1640576(self, multihost, + backupsssdconf, + localusers): """ :title: IDM-SSSD-TC: sssctl: sssctl reports incorrect information about local user's cache entry expiration time @@ -38,22 +37,27 @@ def test_0001_bz1640576(self, multihost, backupsssdconf, localusers): pytest.skip("Files Provider support isn't available, skipping") users = localusers tools = sssdTools(multihost.client[0]) - multihost.client[0].service_sssd("stop") - tools.remove_sss_cache("/var/lib/sss/db") - tools.remove_sss_cache("/var/log/sssd") - sssd_param = {"domains": "local"} - tools.sssd_conf("sssd", sssd_param) - param = {"id_provider": "files", "passwd_files": "/etc/passwd"} - tools.sssd_conf("domain/local", param) - multihost.client[0].service_sssd("start") + multihost.client[0].service_sssd('stop') + tools.remove_sss_cache('/var/lib/sss/db') + tools.remove_sss_cache('/var/log/sssd') + sssd_param = {'domains': 'local'} + tools.sssd_conf('sssd', sssd_param) + param = {'id_provider': 'files', + 'passwd_files': '/etc/passwd'} + tools.sssd_conf('domain/local', param) + multihost.client[0].service_sssd('start') for user in users.keys(): - sssctl_cmd = "sssctl user-show %s" % user - cmd = multihost.client[0].run_command(sssctl_cmd, raiseonerr=False) - assert "Cache entry expiration time: Never" in cmd.stdout_text + sssctl_cmd = 'sssctl user-show %s' % user + cmd = multihost.client[0].run_command(sssctl_cmd, + raiseonerr=False) + assert 'Cache entry expiration time: Never'\ + in cmd.stdout_text - @pytest.mark.converted("test_sssctl.py", "test_sssctl__handle_implicit_domain") + @pytest.mark.converted('test_sssctl.py', 'test_sssctl__handle_implicit_domain') @pytest.mark.tier1_2 - def test_0002_bz1599207(self, multihost, backupsssdconf, localusers): + def test_0002_bz1599207(self, multihost, + backupsssdconf, + localusers): """ :title: IDM-SSSD-TC: sssctl: sssd tools do not handle the implicit domain @@ -63,27 +67,28 @@ def test_0002_bz1599207(self, multihost, backupsssdconf, localusers): pytest.skip("Files Provider support isn't available, skipping") users = localusers tools = sssdTools(multihost.client[0]) - multihost.client[0].service_sssd("stop") - tools.remove_sss_cache("/var/lib/sss/db") - tools.remove_sss_cache("/var/log/sssd") - tools.sssd_conf("sssd", {"enable_files_domain": "true"}, action="update") - multihost.client[0].service_sssd("start") + multihost.client[0].service_sssd('stop') + tools.remove_sss_cache('/var/lib/sss/db') + tools.remove_sss_cache('/var/log/sssd') + tools.sssd_conf("sssd", + {'enable_files_domain': 'true'}, + action='update') + multihost.client[0].service_sssd('start') for user in users.keys(): - cmd = multihost.client[0].run_command( - "getent" - " -s sss" - " passwd %s " - "&& sssctl " - "user-show %s" % (user, user), - raiseonerr=False, - ) - assert ( - "Cache entry creation date" in cmd.stdout_text and cmd.returncode == 0 - ) + cmd = multihost.client[0].run_command('getent' + ' -s sss' + ' passwd %s ' + '&& sssctl ' + 'user-show %s' % + (user, user), + raiseonerr=False) + assert 'Cache entry creation date' in \ + cmd.stdout_text and cmd.returncode == 0 - @pytest.mark.converted("test_cache.py", "test_sss_cache__cache_expire_message") + @pytest.mark.converted('test_sss_cache.py', 'test_sss_cache__cache_expire_message') @pytest.mark.tier1_2 - def test_0003_bz1661182(self, multihost, backupsssdconf): + def test_0003_bz1661182(self, multihost, + backupsssdconf): """ :title: sss_cache prints spurious error messages when invoked from shadow-utils on package install @@ -106,24 +111,24 @@ def test_0003_bz1661182(self, multihost, backupsssdconf): if not multihost.client[0].detect_files_provider(): pytest.skip("Files Provider support isn't available, skipping") tools = sssdTools(multihost.client[0]) - ldap_params = {"enable_files_domain": "false"} - tools.sssd_conf("sssd", ldap_params) + ldap_params = {'enable_files_domain': 'false'} + tools.sssd_conf('sssd', ldap_params) with pytest.raises(SSSDException): - multihost.client[0].service_sssd("restart") + multihost.client[0].service_sssd('restart') ps_cmd = "> /var/log/sssd/sssd.log" multihost.client[0].run_command(ps_cmd) ps_cmd = "useradd user1_test" multihost.client[0].run_command(ps_cmd, raiseonerr=False) ps_cmd = "usermod -a -G wheel user1_test" cmd = multihost.client[0].run_command(ps_cmd) - assert "No domains configured, fatal error!" not in cmd.stdout_text + assert 'No domains configured, fatal error!' \ + not in cmd.stdout_text ps_cmd = "userdel user1_test" multihost.client[0].run_command(ps_cmd) - for ps_cmd in ( - "sss_cache -U", - "sss_cache -G", - "sss_cache -E", - "sss_cache -u non-existinguser", - ): + for ps_cmd in ('sss_cache -U', + 'sss_cache -G', + 'sss_cache -E', + 'sss_cache -u non-existinguser'): cmd = multihost.client[0].run_command(ps_cmd) - assert "No domains configured, fatal error!" not in cmd.stdout_text + assert 'No domains configured, fatal error!' \ + not in cmd.stdout_text diff --git a/src/tests/system/tests/test_cache.py b/src/tests/system/tests/test_cache.py index 9b6b7805c1a..4bd7c958230 100644 --- a/src/tests/system/tests/test_cache.py +++ b/src/tests/system/tests/test_cache.py @@ -86,6 +86,7 @@ def test_cache__is_refreshed_as_configured(client: Client, provider: GenericProv assert last_update[s] <= (int(y[1][0])), f"{s} lastUpdate value is greater than expected!" +@pytest.mark.importance("critical") @pytest.mark.topology(KnownTopologyGroup.AnyProvider) def test_cache__search_for_user_in_ldb_databases(client: Client, provider: GenericProvider): """ @@ -118,6 +119,7 @@ def test_cache__search_for_user_in_ldb_databases(client: Client, provider: Gener assert ldb2 != {}, f"ldbsearch failed to find user1 in {timestamps}" +@pytest.mark.importance("critical") @pytest.mark.topology(KnownTopologyGroup.AnyProvider) def test_cache__search_for_user_using_fully_qualified_name_in_ldb_databases(client: Client, provider: GenericProvider): """ @@ -150,6 +152,7 @@ def test_cache__search_for_user_using_fully_qualified_name_in_ldb_databases(clie assert ldb2 != {}, f"ldbsearch failed to find user1@test in {timestamps}" +@pytest.mark.importance("critical") @pytest.mark.topology(KnownTopologyGroup.AnyProvider) def test_cache__check_ldb_database_for_latest_user_changes_when_modified_and_deleted( client: Client, provider: GenericProvider @@ -164,7 +167,6 @@ def test_cache__check_ldb_database_for_latest_user_changes_when_modified_and_del 1. Login as users 2. Modify 'user-modify' shell and delete 'user-delete' and clear cache 3. Login as users -<<<<<<< HEAD 4. Lookup user 'user-delete' 5. Lookup user 'user-modify' :expectedresults: @@ -173,14 +175,6 @@ def test_cache__check_ldb_database_for_latest_user_changes_when_modified_and_del 3. User 'user-modify' logged in 4. User 'user-delete' is not found 5. User 'user-modify' is found and shell was updated -======= - 4. Lookup user 'user-modify' - :expectedresults: - 1. Users logged in - 2. User is modified and user is deleted - 3. User 'user-modify' logged in - 4. User's shell was updated ->>>>>>> 6ed7dd4a4 (tests: housekeeping - test_cache.py) :customerscenario: False """ provider.user("user-modify").add(shell="/bin/bash") @@ -200,10 +194,105 @@ def test_cache__check_ldb_database_for_latest_user_changes_when_modified_and_del assert client.auth.ssh.password("user-modify", "Secret123"), "Login failed!" assert not client.auth.ssh.password("user-delete", "Secret123"), "Login successful!" -<<<<<<< HEAD result = client.tools.getent.passwd("user-modify") assert result is not None, "User not found!" assert result.shell == "/bin/sh", "User shell did not update!" -======= - assert client.tools.getent.passwd("user-modify").shell == "/bin/sh", "User shell did not update!" ->>>>>>> 6ed7dd4a4 (tests: housekeeping - test_cache.py) + + +@pytest.mark.importance("medium") +@pytest.mark.ticket(gh=6652, bz=2162552) +@pytest.mark.topology(KnownTopologyGroup.AnyProvider) +def test_cache__netgroups_add_remove_netgroup_triple(client: Client, provider: GenericProvider): + """ + :title: Netgroup triple is correctly removed from cached record + :setup: + 1. Create local user "user-1" + 2. Create netgroup "ng-1" + 3. Add "(-,user-1,)" triple to the netgroup + 4. Start SSSD + :steps: + 1. Run "getent netgroup ng-1" + 2. Remove "(-,user-1,)" triple from "ng-1" + 3. Invalidate netgroup in cache "sssctl cache-expire -n ng-1" + 4. Run "getent netgroup ng-1" + :expectedresults: + 1. "(-,user-1,)" is present in the netgroup + 2. Triple was removed from the netgroup + 3. Cached record was invalidated + 4. "(-,user-1,)" is not present in the netgroup + :customerscenario: True + :requirement: netgroup + """ + user = provider.user("user-1").add() + ng = provider.netgroup("ng-1").add().add_member(user=user) + + client.sssd.start() + + result = client.tools.getent.netgroup("ng-1") + assert result is not None, "Netgroup not found!" + assert result.name == "ng-1", f"Netgroup 'ng-1' name doesn't match {result.name}!" + assert len(result.members) == 1, "Wrong number of netgroup members!" + assert "(-, user-1)" in result.members, "user-1 not in netgroup triple!" + + ng.remove_member(user=user) + client.sssctl.cache_expire(netgroups=True) + + result = client.tools.getent.netgroup("ng-1") + assert result is not None, "Netgroup not found!" + assert result.name == "ng-1", f"Netgroup 'ng-1' name doesn't match {result.name}!" + assert len(result.members) == 0, "Wrong number of netgroup members!" + + +@pytest.mark.importance("medium") +@pytest.mark.ticket(gh=6652, bz=2162552) +@pytest.mark.topology(KnownTopologyGroup.AnyProvider) +def test_cache__netgroups_add_remove_netgroup_member(client: Client, provider: GenericProvider): + """ + :title: Netgroup member is correctly removed from cached record + :setup: + 1. Create local user "user-1" + 2. Create local user "user-2" + 3. Create netgroup "ng-1" + 4. Create netgroup "ng-2" + 5. Add "(-,user-1,)" triple to the netgroup "ng-1" + 6. Add "(-,user-2,)" triple to the netgroup "ng-2" + 7. Add "ng-1" as a member to "ng-2" + 8. Start SSSD + :steps: + 1. Run "getent netgroup ng-2" + 2. Remove "ng-1" from "ng-2" + 3. Invalidate netgroup "ng-2" in cache "sssctl cache-expire -n ng-2" + 4. Run "getent netgroup ng-2" + :expectedresults: + 1. "(-,user-1,)", "(-,user-2,)" is present in the netgroup + 2. Netgroup member was removed from the netgroup + 3. Cached record was invalidated + 4. "(-,user-1,)" is not present in the netgroup, only "(-,user-2,)" + :customerscenario: True + :requirement: netgroup + """ + u1 = provider.user("user-1").add() + u2 = provider.user("user-2").add() + + ng1 = provider.netgroup("ng-1").add().add_member(user=u1) + ng2 = provider.netgroup("ng-2").add().add_member(user=u2, ng=ng1) + + client.sssd.start() + + result = client.tools.getent.netgroup("ng-2") + assert result is not None, "Netgroup 'ng-2' not found!" + assert result.name == "ng-2", f"Netgroup 'ng-2' name doesn't match {result.name}!" + assert len(result.members) == 2, "Wrong number of netgroup members!" + assert "(-, user-1)" in result.members, "user-1 not in netgroup triple!" + assert "(-, user-2)" in result.members, "user-2 not in netgroup triple!" + + ng2.remove_member(ng=ng1) + client.sssctl.cache_expire(netgroups=True) + + result = client.tools.getent.netgroup("ng-2") + assert result is not None, "Netgroup 'ng-2' not found!" + assert result.name == "ng-2", f"Netgroup 'ng-2' name doesn't match {result.name}!" + assert len(result.members) == 1, "Wrong number of netgroup members!" + assert "(-, user-1)" not in result.members, "user-1 in netgroup triple!" + assert "(-, user-2)" in result.members, "user-2 not in netgroup triple!" +>>>>>>> c0d7d0d39 (tests: housekeeping - netgroups) diff --git a/src/tests/system/tests/test_netgroups.py b/src/tests/system/tests/test_netgroups.py deleted file mode 100644 index 87ebafd21f2..00000000000 --- a/src/tests/system/tests/test_netgroups.py +++ /dev/null @@ -1,110 +0,0 @@ -""" -Netgroup tests. - -:requirement: netgroup -""" - -from __future__ import annotations - -import pytest -from sssd_test_framework.roles.client import Client -from sssd_test_framework.roles.generic import GenericProvider -from sssd_test_framework.topology import KnownTopologyGroup - - -@pytest.mark.importance("medium") -@pytest.mark.cache -@pytest.mark.ticket(gh=6652, bz=2162552) -@pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_netgroups__add_remove_netgroup_triple(client: Client, provider: GenericProvider): - """ - :title: Netgroup triple is correctly removed from cached record - :setup: - 1. Create local user "user-1" - 2. Create netgroup "ng-1" - 3. Add "(-,user-1,)" triple to the netgroup - 4. Start SSSD - :steps: - 1. Run "getent netgroup ng-1" - 2. Remove "(-,user-1,)" triple from "ng-1" - 3. Invalidate netgroup in cache "sssctl cache-expire -n ng-1" - 4. Run "getent netgroup ng-1" - :expectedresults: - 1. "(-,user-1,)" is present in the netgroup - 2. Triple was removed from the netgroup - 3. Cached record was invalidated - 4. "(-,user-1,)" is not present in the netgroup - :customerscenario: True - """ - user = provider.user("user-1").add() - ng = provider.netgroup("ng-1").add().add_member(user=user) - - client.sssd.start() - - result = client.tools.getent.netgroup("ng-1") - assert result is not None - assert result.name == "ng-1" - assert len(result.members) == 1 - assert "(-, user-1)" in result.members - - ng.remove_member(user=user) - client.sssctl.cache_expire(netgroups=True) - - result = client.tools.getent.netgroup("ng-1") - assert result is not None - assert result.name == "ng-1" - assert len(result.members) == 0 - - -@pytest.mark.importance("medium") -@pytest.mark.cache -@pytest.mark.ticket(gh=6652, bz=2162552) -@pytest.mark.topology(KnownTopologyGroup.AnyProvider) -def test_netgroups__add_remove_netgroup_member(client: Client, provider: GenericProvider): - """ - :title: Netgroup member is correctly removed from cached record - :setup: - 1. Create local user "user-1" - 2. Create local user "user-2" - 3. Create netgroup "ng-1" - 4. Create netgroup "ng-2" - 5. Add "(-,user-1,)" triple to the netgroup "ng-1" - 6. Add "(-,user-2,)" triple to the netgroup "ng-2" - 7. Add "ng-1" as a member to "ng-2" - 8. Start SSSD - :steps: - 1. Run "getent netgroup ng-2" - 2. Remove "ng-1" from "ng-2" - 3. Invalidate netgroup "ng-2" in cache "sssctl cache-expire -n ng-2" - 4. Run "getent netgroup ng-2" - :expectedresults: - 1. "(-,user-1,)", "(-,user-2,)" is present in the netgroup - 2. Netgroup member was removed from the netgroup - 3. Cached record was invalidated - 4. "(-,user-1,)" is not present in the netgroup, only "(-,user-2,)" - :customerscenario: True - """ - u1 = provider.user("user-1").add() - u2 = provider.user("user-2").add() - - ng1 = provider.netgroup("ng-1").add().add_member(user=u1) - ng2 = provider.netgroup("ng-2").add().add_member(user=u2, ng=ng1) - - client.sssd.start() - - result = client.tools.getent.netgroup("ng-2") - assert result is not None - assert result.name == "ng-2" - assert len(result.members) == 2 - assert "(-, user-1)" in result.members - assert "(-, user-2)" in result.members - - ng2.remove_member(ng=ng1) - client.sssctl.cache_expire(netgroups=True) - - result = client.tools.getent.netgroup("ng-2") - assert result is not None - assert result.name == "ng-2" - assert len(result.members) == 1 - assert "(-, user-1)" not in result.members - assert "(-, user-2)" in result.members