wait_for_prop(kpropd2, True, 2, 0)
check_ulog(0, 0, 0, [], slave2)
+# Stop the kprop daemons so we can test kpropd -t.
+stop_daemon(kpropd1)
+stop_daemon(kpropd2)
+
+# Test the case where no updates are needed.
+out = realm.run_kpropd_once(slave1, ['-d'])
+if 'KDC is synchronized' not in out:
+ fail('Expected synchronized from kpropd -t')
+check_ulog(0, 0, 0, [], slave1)
+
+# Make a change on the master; this will cause a full resync since the
+# master was recently reinitialized.
+realm.run([kadminl, 'modprinc', '-maxlife', '5 minutes', pr1])
+check_ulog(1, 1, 1, [pr1])
+out = realm.run_kpropd_once(slave1, ['-d'])
+if ('Full propagation transfer finished' not in out or
+ 'KDC is synchronized' not in out):
+ fail('Expected full dump and synchronized from kpropd -t')
+check_ulog(0, 0, 1, [], slave1)
+out = realm.run([kadminl, 'getprinc', pr1], env=slave1)
+if 'Maximum ticket life: 0 days 00:05:00' not in out:
+ fail('slave1 does not have modification from master after kpropd -t')
+
+# Make another change and get it via incremental update.
+realm.run([kadminl, 'modprinc', '-maxlife', '15 minutes', pr1])
+check_ulog(2, 1, 2, [pr1, pr1])
+out = realm.run_kpropd_once(slave1, ['-d'])
+if 'Got incremental updates (sno=2 ' not in out:
+ fail('Expected incremental updates from kpropd -t')
+check_ulog(1, 2, 2, [pr1], slave1)
+out = realm.run([kadminl, 'getprinc', pr1], env=slave1)
+if 'Maximum ticket life: 0 days 00:15:00' not in out:
+ fail('slave1 does not have modification from master after kpropd -t')
+
+# Propagate a policy change via full resync.
+realm.run([kadminl, 'addpol', '-minclasses', '3', 'testpol'])
+check_ulog(0, 0, 0, [])
+out = realm.run_kpropd_once(slave1, ['-d'])
+if ('Full propagation transfer finished' not in out or
+ 'KDC is synchronized' not in out):
+ fail('Expected full dump and synchronized from kpropd -t')
+check_ulog(0, 0, 0, [], slave1)
+out = realm.run([kadminl, 'getpol', 'testpol'], env=slave1)
+if 'Minimum number of password character classes: 3' not in out:
+ fail('slave1 does not have policy from master after kpropd -t')
+
success('iprop tests')
is given, it contains a list of additional kpropd arguments.
Returns a handle to the kpropd process.
+* realm.run_kpropd_once(env, args=[]): Run kpropd once, using the -t
+ flag. Pass an environment created with realm.special_env() for the
+ slave. If args is given, it contains a list of additional kpropd
+ arguments. Returns the kpropd output.
+
* realm.realm: The realm's name.
* realm.testdir: The realm's storage directory (absolute path).
stop_daemon(self._kadmind_proc)
self._kadmind_proc = None
- def start_kpropd(self, env, args=[]):
- global krb5kdc
+ def _kpropd_args(self):
slavedump_path = os.path.join(self.testdir, 'incoming-slave-datatrans')
kpropdacl_path = os.path.join(self.testdir, 'kpropd-acl')
- proc = _start_daemon([kpropd, '-D', '-P', str(self.kprop_port()),
- '-f', slavedump_path, '-p', kdb5_util,
- '-a', kpropdacl_path] + args, env, 'ready')
+ return [kpropd, '-D', '-P', str(self.kprop_port()),
+ '-f', slavedump_path, '-p', kdb5_util, '-a', kpropdacl_path]
+
+ def start_kpropd(self, env, args=[]):
+ proc = _start_daemon(self._kpropd_args() + args, env, 'ready')
self._kpropd_procs.append(proc)
return proc
+ def run_kpropd_once(self, env, args=[]):
+ return self.run(self._kpropd_args() + ['-t'] + args, env=env)
+
def stop(self):
if self._kdc_proc:
self.stop_kdc()
projects / thirdparty / krb5.git / commitdiff
