From: Greg Hudson Date: Wed, 8 Apr 2015 22:12:31 +0000 (-0400) Subject: Add kpropd -t iprop-mode tests X-Git-Tag: krb5-1.14-alpha1~142 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F267%2Fhead;p=thirdparty%2Fkrb5.git Add kpropd -t iprop-mode tests Add a run_kpropd_once() method to K5Realm(), and add tests to t_iprop.py for the cases where no updates are needed, where incremental updates are needed, and where a full resync is needed followed by a poll for updates. ticket: 8161 --- diff --git a/src/tests/t_iprop.py b/src/tests/t_iprop.py index 78938fc5eb..1ed8dbd109 100755 --- a/src/tests/t_iprop.py +++ b/src/tests/t_iprop.py @@ -352,4 +352,50 @@ kpropd2.send_signal(signal.SIGUSR1) wait_for_prop(kpropd2, True, 2, 0) check_ulog(0, 0, 0, [], slave2) +# Stop the kprop daemons so we can test kpropd -t. +stop_daemon(kpropd1) +stop_daemon(kpropd2) + +# Test the case where no updates are needed. +out = realm.run_kpropd_once(slave1, ['-d']) +if 'KDC is synchronized' not in out: + fail('Expected synchronized from kpropd -t') +check_ulog(0, 0, 0, [], slave1) + +# Make a change on the master; this will cause a full resync since the +# master was recently reinitialized. +realm.run([kadminl, 'modprinc', '-maxlife', '5 minutes', pr1]) +check_ulog(1, 1, 1, [pr1]) +out = realm.run_kpropd_once(slave1, ['-d']) +if ('Full propagation transfer finished' not in out or + 'KDC is synchronized' not in out): + fail('Expected full dump and synchronized from kpropd -t') +check_ulog(0, 0, 1, [], slave1) +out = realm.run([kadminl, 'getprinc', pr1], env=slave1) +if 'Maximum ticket life: 0 days 00:05:00' not in out: + fail('slave1 does not have modification from master after kpropd -t') + +# Make another change and get it via incremental update. +realm.run([kadminl, 'modprinc', '-maxlife', '15 minutes', pr1]) +check_ulog(2, 1, 2, [pr1, pr1]) +out = realm.run_kpropd_once(slave1, ['-d']) +if 'Got incremental updates (sno=2 ' not in out: + fail('Expected incremental updates from kpropd -t') +check_ulog(1, 2, 2, [pr1], slave1) +out = realm.run([kadminl, 'getprinc', pr1], env=slave1) +if 'Maximum ticket life: 0 days 00:15:00' not in out: + fail('slave1 does not have modification from master after kpropd -t') + +# Propagate a policy change via full resync. +realm.run([kadminl, 'addpol', '-minclasses', '3', 'testpol']) +check_ulog(0, 0, 0, []) +out = realm.run_kpropd_once(slave1, ['-d']) +if ('Full propagation transfer finished' not in out or + 'KDC is synchronized' not in out): + fail('Expected full dump and synchronized from kpropd -t') +check_ulog(0, 0, 0, [], slave1) +out = realm.run([kadminl, 'getpol', 'testpol'], env=slave1) +if 'Minimum number of password character classes: 3' not in out: + fail('slave1 does not have policy from master after kpropd -t') + success('iprop tests') diff --git a/src/util/k5test.py b/src/util/k5test.py index 935ec55e7c..5aedff8ae6 100644 --- a/src/util/k5test.py +++ b/src/util/k5test.py @@ -309,6 +309,11 @@ Scripts may use the following realm methods and attributes: is given, it contains a list of additional kpropd arguments. Returns a handle to the kpropd process. +* realm.run_kpropd_once(env, args=[]): Run kpropd once, using the -t + flag. Pass an environment created with realm.special_env() for the + slave. If args is given, it contains a list of additional kpropd + arguments. Returns the kpropd output. + * realm.realm: The realm's name. * realm.testdir: The realm's storage directory (absolute path). @@ -925,16 +930,20 @@ class K5Realm(object): stop_daemon(self._kadmind_proc) self._kadmind_proc = None - def start_kpropd(self, env, args=[]): - global krb5kdc + def _kpropd_args(self): slavedump_path = os.path.join(self.testdir, 'incoming-slave-datatrans') kpropdacl_path = os.path.join(self.testdir, 'kpropd-acl') - proc = _start_daemon([kpropd, '-D', '-P', str(self.kprop_port()), - '-f', slavedump_path, '-p', kdb5_util, - '-a', kpropdacl_path] + args, env, 'ready') + return [kpropd, '-D', '-P', str(self.kprop_port()), + '-f', slavedump_path, '-p', kdb5_util, '-a', kpropdacl_path] + + def start_kpropd(self, env, args=[]): + proc = _start_daemon(self._kpropd_args() + args, env, 'ready') self._kpropd_procs.append(proc) return proc + def run_kpropd_once(self, env, args=[]): + return self.run(self._kpropd_args() + ['-t'] + args, env=env) + def stop(self): if self._kdc_proc: self.stop_kdc()