Avoid keyctl purge in keyring ccache tests

keyctl purge was added in keyutils 1.5 (released in March 2011).  Use
keyctl unlink to clean up keys instead, as it is more universal.

ticket: 7810
target_version: 1.12.1
tags: pullup

diff --git a/src/lib/krb5/ccache/t_cccol.py b/src/lib/krb5/ccache/t_cccol.py
index e7626256620d1f67be627ac6b68e42961a1f35c3..e6d715cbaf1d76cfda0f0a9812153930e0d00464 100644 (file)
--- a/src/lib/krb5/ccache/t_cccol.py
+++ b/src/lib/krb5/ccache/t_cccol.py
@@ -11,30 +11,33 @@ test_keyring = (keyctl is not None and
 # Run the collection test program against each collection-enabled type.
 realm.run(['./t_cccol', 'DIR:' + os.path.join(realm.testdir, 'cc')])
 if test_keyring:
+    def cleanup_keyring(anchor, name):
+        out = realm.run(['keyctl', 'list', anchor])
+        if ('keyring: ' + name + '\n') in out:
+            keyid = realm.run(['keyctl', 'search', anchor, 'keyring', name])
+            realm.run(['keyctl', 'unlink', keyid.strip(), anchor])
+
     # Use the test directory as the collection name to avoid colliding
     # with other build trees.
     cname = realm.testdir
+    col_ringname = '_krb_' + cname
 
     # Remove any keys left behind by previous failed test runs.
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
-    realm.run(['keyctl', 'purge', 'keyring', cname])
-    out = realm.run(['keyctl', 'list', '@u'])
-    if ('keyring: _krb_' + cname + '\n') in out:
-        id = realm.run(['keyctl', 'search', '@u', 'keyring', '_krb_' + cname])
-        realm.run(['keyctl', 'unlink', id.strip(), '@u'])
+    cleanup_keyring('@s', cname)
+    cleanup_keyring('@s', col_ringname)
+    cleanup_keyring('@u', col_ringname)
 
     # Run test program over each subtype, cleaning up as we go.  Don't
     # test the persistent subtype, since it supports only one
     # collection and might be in actual use.
     realm.run(['./t_cccol', 'KEYRING:' + cname])
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
     realm.run(['./t_cccol', 'KEYRING:legacy:' + cname])
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
     realm.run(['./t_cccol', 'KEYRING:session:' + cname])
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
     realm.run(['./t_cccol', 'KEYRING:user:' + cname])
-    id = realm.run(['keyctl', 'search', '@u', 'keyring', '_krb_' + cname])
-    realm.run(['keyctl', 'unlink', id.strip(), '@u'])
+    cleanup_keyring('@u', col_ringname)
     realm.run(['./t_cccol', 'KEYRING:process:abcd'])
     realm.run(['./t_cccol', 'KEYRING:thread:abcd'])
 
@@ -57,8 +60,7 @@ realm.kinit('alice', password('alice'), flags=['-c', dalice])
 realm.kinit('bob', password('bob'), flags=['-c', dbob])
 
 if test_keyring:
-    cname = realm.testdir
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
     krccname = 'KEYRING:session:' + cname
     kruser = '%s:tkt1' % krccname
     kralice = '%s:tkt2' % krccname
@@ -105,7 +107,7 @@ realm.run(['./t_cccursor', realm.ccache, 'CONTENT'])
 realm.run(['./t_cccursor', mfoo, 'CONTENT'], expected_code=1)
 if test_keyring:
     realm.run(['./t_cccursor', krccname, 'CONTENT'])
-    realm.run(['keyctl', 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
 
 # Make sure FILE doesn't yield a nonexistent default cache.
 realm.run([kdestroy])

diff --git a/src/tests/t_ccache.py b/src/tests/t_ccache.py
index eedd29af8f1aaefe9ab9979782f50b98be390a06..dd20e11399a53c57ec64c815d6ab3ed4e5ee3fcf 100644 (file)
--- a/src/tests/t_ccache.py
+++ b/src/tests/t_ccache.py
@@ -85,13 +85,20 @@ def collection_test(realm, ccname):
 
 collection_test(realm, 'DIR:' + os.path.join(realm.testdir, 'cc'))
 if test_keyring:
+    def cleanup_keyring(anchor, name):
+        out = realm.run(['keyctl', 'list', anchor])
+        if ('keyring: ' + name + '\n') in out:
+            keyid = realm.run(['keyctl', 'search', anchor, 'keyring', name])
+            realm.run(['keyctl', 'unlink', keyid.strip(), anchor])
+
     # Use realm.testdir as the collection name to avoid conflicts with
     # other build trees.
     cname = realm.testdir
+    col_ringname = '_krb_' + cname
 
-    realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
     collection_test(realm, 'KEYRING:session:' + cname)
-    realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
 
     # Test legacy keyring cache linkage.
     realm.env['KRB5CCNAME'] = 'KEYRING:' + cname
@@ -108,12 +115,10 @@ if test_keyring:
     # Remove the collection keyring.  When the collection is
     # reinitialized, the legacy cache should reappear inside it
     # automatically as the primary cache.
-    out = realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname])
-    if 'purged 1 keys' not in out:
-        fail('Could not purge collection keyring')
+    cleanup_keyring('@s', col_ringname)
     out = realm.run([klist])
     if realm.user_princ not in out:
-        fail('Cannot see legacy cache after purging collection')
+        fail('Cannot see legacy cache after removing collection')
     coll_id = realm.run([keyctl, 'search', '@s', 'keyring', '_krb_' + cname])
     out = realm.run([keyctl, 'list', coll_id.strip()])
     if (id.strip() + ':') not in out:
@@ -121,8 +126,7 @@ if test_keyring:
     # Destroy the cache and check that it is unlinked from the session keyring.
     realm.run([kdestroy])
     realm.run([keyctl, 'search', '@s', 'keyring', cname], expected_code=1)
-    # Clean up the collection key.
-    realm.run([keyctl, 'purge', 'keyring', '_krb_' + cname])
+    cleanup_keyring('@s', col_ringname)
 
 # Test parameter expansion in default_ccache_name
 realm.stop()