[SSSD] [sssd PR#5712][comment] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712
Title: #5712: Health and Support Analyzer - Add request log parsing utility
justin-stephenson commented:
"""
> Hi Justin,
>
> thanks for the latest updates.
>
> I think the log lines from `accept_fd_handler` e.g.
>
> ```
> 2021-08-18 10:36:34:610384): [nss] [accept_fd_handler] (0x0400): Client [CID
> #1][cmd su][0x55d181821070][27] connected!
> ```
>
> or
>
> ```
> (2021-08-18 10:36:34:703799): [pam] [accept_fd_handler] (0x0400): Client [CID
> #1][cmd su][0x55bc092703c0][24] connected to privileged pipe!
> ```
>
> are missing in the parser output, can you add it?
Added.
>
> Can you show the help output if the command line is incomplete? Currently it
> looks like:
>
> ```
> # sssctl analyze
> usage: sss_analyze [-h] [--source {files,journald}] [--logdir LOGDIR]
> {request} ...
> sss_analyze: error: the following arguments are required: subcommand
> Command '/usr/lib/python3.9/site-packages/sssd/sss_analyze.py' failed with [2]
>
> # sssctl analyze request
> #
> ```
>
> The first case it should not be as an error but the help output should be
> shown and since there is no `sss_analyze` which can be called it would be
> better to say `sssctl analyze`. The second case currently has no output, help
> output would be better here as well.
Fixed both.
>
> I would mention in the `--merge` help line that this currently only works
> properly with `debug_microseconds = True` for all components.
Done.
>
> Another item for improvement in a new pull-request is to add the tevent id
> logic to the different responders. For the nss responder this won't change
> much since the main task here is done in the cache request code. But e.g. for
> the pam responder currently also only the cache request part of the logs is
> shown by the parser but here there are other useful log messages from the
> main pam responder code as well.
Okay that makes sense, should this be worked on now or at a later point? I'm
not sure what is the complexity here. Is it just a matter of adding this
somewhere in responder setup code?
~~~
sss_chain_id_set(id_num);
~~~
The parsing tool may require some slight changes after this is implemented to
obtain all the logs.
>
> bye,
> Sumit
"""
See the full comment at
https://github.com/SSSD/sssd/pull/5712#issuecomment-902164702
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it:
https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5712][synchronized] Health and Support Analyzer - Add request log parsing utility
URL: https://github.com/SSSD/sssd/pull/5712
Author: justin-stephenson
Title: #5712: Health and Support Analyzer - Add request log parsing utility
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5712/head:pr5712
git checkout pr5712
From 91bd28408c917ab07bf9a0777b1902d2d11d3ecc Mon Sep 17 00:00:00 2001
From: Justin Stephenson
Date: Wed, 4 Aug 2021 14:57:55 +
Subject: [PATCH 1/3] DP: Log offline warning for REQ_TRACE tracking
This allows the sssctl analyze parsing tool to report if the
backend was offline when the request came in to the data
provider.
---
src/providers/data_provider/dp_request.c | 4
1 file changed, 4 insertions(+)
diff --git a/src/providers/data_provider/dp_request.c b/src/providers/data_provider/dp_request.c
index 077b361f3c..3cbd55c1ec 100644
--- a/src/providers/data_provider/dp_request.c
+++ b/src/providers/data_provider/dp_request.c
@@ -133,6 +133,10 @@ static errno_t dp_attach_req(struct dp_req *dp_req,
SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name,
"New request. [%s CID #%u] Flags [%#.4x].",
sender_name, cli_id, dp_flags);
+if (be_is_offline(provider->be_ctx)) {
+DEBUG(SSSDBG_TRACE_FUNC, "[CID #%u] Backend is offline! " \
+ "Using cached data if available\n", cli_id);
+}
} else {
SSS_REQ_TRACE_CID_DP_REQ(SSSDBG_TRACE_FUNC, dp_req->name,
"New request. Flags [%#.4x].",
From 4d7eddf957a694856de596d34710ba3089df3a66 Mon Sep 17 00:00:00 2001
From: Justin Stephenson
Date: Fri, 11 Jun 2021 11:04:59 -0400
Subject: [PATCH 2/3] TOOLS: Add sss_analyze utility
Add log parsing tool which can be used to track requests across
responder and backend logs.
---
Makefile.am | 2 +-
configure.ac | 1 +
contrib/sssd.spec.in | 3 +
src/tools/analyzer/Makefile.am| 11 ++
src/tools/analyzer/module_request.py | 261 ++
src/tools/analyzer/source_files.py| 58 ++
src/tools/analyzer/source_journald.py | 31 +++
src/tools/analyzer/sss_analyze.py | 55 ++
8 files changed, 421 insertions(+), 1 deletion(-)
create mode 100644 src/tools/analyzer/Makefile.am
create mode 100644 src/tools/analyzer/module_request.py
create mode 100644 src/tools/analyzer/source_files.py
create mode 100644 src/tools/analyzer/source_journald.py
create mode 100755 src/tools/analyzer/sss_analyze.py
diff --git a/Makefile.am b/Makefile.am
index 577935e7e6..ececc91210 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -22,7 +22,7 @@ SUBDIRS += src/man
endif
SUBDIRS += . src/tests/cwrap src/tests/intg src/tests/test_CA \
- src/tests/test_ECC_CA
+ src/tests/test_ECC_CA src/tools/analyzer
# Some old versions of automake don't define builddir
builddir ?= .
diff --git a/configure.ac b/configure.ac
index c14a59eef1..2b1ec4a0e8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -540,6 +540,7 @@ AC_CONFIG_FILES([Makefile contrib/sssd.spec src/examples/rwtab src/doxy.config
src/lib/sifp/sss_simpleifp.doxy
src/config/setup.py
src/systemtap/sssd.stp
+ src/tools/analyzer/Makefile
src/config/SSSDConfig/__init__.py])
AC_CONFIG_FILES([sbus_generate.sh], [chmod +x sbus_generate.sh])
AC_OUTPUT
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index e2877b64b1..01a18400e4 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -199,6 +199,8 @@ Requires: sssd-common = %{version}-%{release}
Requires: python3-sss = %{version}-%{release}
Requires: python3-sssdconfig = %{version}-%{release}
Requires: libsss_certmap = %{version}-%{release}
+# required by sss_analyze
+Requires: python3-systemd
Recommends: sssd-dbus
%description tools
@@ -843,6 +845,7 @@ done
%{_sbindir}/sss_debuglevel
%{_sbindir}/sss_seed
%{_sbindir}/sssctl
+%{python3_sitelib}/sssd/
%{_mandir}/man8/sss_obfuscate.8*
%{_mandir}/man8/sss_override.8*
%{_mandir}/man8/sss_debuglevel.8*
diff --git a/src/tools/analyzer/Makefile.am b/src/tools/analyzer/Makefile.am
new file mode 100644
index 00..921e7d4335
--- /dev/null
+++ b/src/tools/analyzer/Makefile.am
@@ -0,0 +1,11 @@
+pkgpythondir = $(python3dir)/sssd
+
+dist_pkgpython_SCRIPTS = \
+sss_analyze.py \
+$(NULL)
+
+dist_pkgpython_DATA = \
+module_request.py \
+source_files.py \
+source_journald.py \
+$(NULL)
diff --git a/src/tools/analyzer/module_request.py b/src/tools/analyzer/module_request.py
new file mode 100644
index 00..7464642763
--- /dev/null
+++ b/src/tools/analyzer/module_request.py
@@ -0,0 +1,261 @@
+import re
+import copy
+from enum import Enum
+
+import source_files
+
+
+class Analyzer:
+consumed_logs = []
+done = ""
+
+""" Request
[SSSD] [sssd PR#5733][comment] Work around issue #5729
URL: https://github.com/SSSD/sssd/pull/5733 Title: #5733: Work around issue #5729 joakim-tjernlund commented: """ > Closing this in favor of #5734 Mind merging #5734 ? """ See the full comment at https://github.com/SSSD/sssd/pull/5733#issuecomment-901956180 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5733][closed] Work around issue #5729
URL: https://github.com/SSSD/sssd/pull/5733 Author: joakim-tjernlund Title: #5733: Work around issue #5729 Action: closed To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5733/head:pr5733 git checkout pr5733 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5733][comment] Work around issue #5729
URL: https://github.com/SSSD/sssd/pull/5733 Title: #5733: Work around issue #5729 justin-stephenson commented: """ Closing this in favor of https://github.com/SSSD/sssd/pull/5734 """ See the full comment at https://github.com/SSSD/sssd/pull/5733#issuecomment-901946737 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[SSSD] [sssd PR#5755][synchronized] Tests: support subid ranges managed by FreeIPA
URL: https://github.com/SSSD/sssd/pull/5755
Author: aborah-sudo
Title: #5755: Tests: support subid ranges managed by FreeIPA
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5755/head:pr5755
git checkout pr5755
From d1f9716515082a38c1d3e5f08833010a60199100 Mon Sep 17 00:00:00 2001
From: Anuj Borah
Date: Thu, 19 Aug 2021 14:19:26 +0530
Subject: [PATCH] Tests: support subid ranges managed by FreeIPA
issue: https://github.com/SSSD/sssd/issues/5197
bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943
---
src/tests/multihost/ipa/conftest.py | 27
.../multihost/ipa/data/list_subid_ranges.c| 46 ++
src/tests/multihost/ipa/test_subid_ranges.py | 142 ++
3 files changed, 215 insertions(+)
create mode 100644 src/tests/multihost/ipa/data/list_subid_ranges.c
create mode 100644 src/tests/multihost/ipa/test_subid_ranges.py
diff --git a/src/tests/multihost/ipa/conftest.py b/src/tests/multihost/ipa/conftest.py
index f65ae765d3..a494d454a0 100644
--- a/src/tests/multihost/ipa/conftest.py
+++ b/src/tests/multihost/ipa/conftest.py
@@ -30,6 +30,33 @@ def pytest_configure():
# Function Scoped Fixtures ==
+@pytest.fixture(scope='function')
+def create_bkp_for_1803943(session_multihost, request):
+""" Create local users """
+session_multihost.client[0].run_command("cp -vf "
+"/etc/subuid "
+"/etc/subuid_bkp")
+session_multihost.client[0].run_command("cp -vf "
+"/etc/subgid "
+"/etc/subgid_bkp")
+session_multihost.client[0].run_command("cp -vf "
+"/etc/nsswitch.conf "
+"/etc/nsswitch.conf_bkp")
+
+def restore():
+""" Delete local users """
+session_multihost.client[0].run_command("cp -vf "
+"/etc/subuid_bkp "
+"/etc/subuid")
+session_multihost.client[0].run_command("cp -vf "
+"/etc/subgid_bkp "
+"/etc/subgid")
+session_multihost.client[0].run_command("cp -vf "
+"/etc/nsswitch.conf_bkp "
+"/etc/nsswitch.conf")
+request.addfinalizer(restore)
+
+
@pytest.fixture(scope="function")
def hbac_sshd_rule(session_multihost, request):
"""
diff --git a/src/tests/multihost/ipa/data/list_subid_ranges.c b/src/tests/multihost/ipa/data/list_subid_ranges.c
new file mode 100644
index 00..05d2e8f048
--- /dev/null
+++ b/src/tests/multihost/ipa/data/list_subid_ranges.c
@@ -0,0 +1,46 @@
+
+#include
+#include
+#include "shadow/subid.h"
+#include "stdlib.h"
+
+const char *Prog;
+FILE *shadow_logfd = NULL;
+
+void usage(void)
+{
+ fprintf(stderr, "Usage: %s [-g] user\n", Prog);
+ fprintf(stderr, "list subuid ranges for user\n");
+ fprintf(stderr, "pass -g to list subgid ranges\n");
+ exit(EXIT_FAILURE);
+}
+
+int main(int argc, char *argv[])
+{
+ int i, count=0;
+ struct subid_range *ranges;
+ const char *owner;
+
+ Prog = argv[0];
+ shadow_logfd = stderr;
+ if (argc < 2)
+ usage();
+ owner = argv[1];
+ if (argc == 3 && strcmp(argv[1], "-g") == 0) {
+ owner = argv[2];
+ count = get_subgid_ranges(owner, );
+ } else if (argc == 2 && strcmp(argv[1], "-h") == 0) {
+ usage();
+ } else {
+ count = get_subuid_ranges(owner, );
+ }
+ if (!ranges) {
+ fprintf(stderr, "Error fetching ranges\n");
+ exit(1);
+ }
+ for (i = 0; i < count; i++) {
+ printf("%d: %s %lu %lu\n", i, owner,
+ ranges[i].start, ranges[i].count);
+ }
+ return 0;
+}
diff --git a/src/tests/multihost/ipa/test_subid_ranges.py b/src/tests/multihost/ipa/test_subid_ranges.py
new file mode 100644
index 00..1f36077939
--- /dev/null
+++ b/src/tests/multihost/ipa/test_subid_ranges.py
@@ -0,0 +1,142 @@
+""" Automation of IPA bugs """
+
+import pytest
+import subprocess
+import time
+import os
+from sssd.testlib.common.utils import SSHClient
+
+
+def execute_cmd(multihost, command):
+""" Execute command on client """
+cmd = multihost.client[0].run_command(command)
+return cmd
+
+
+@pytest.mark.tier1
+class TestSubid(object):
+"""
+This is for ipa bugs automation
+"""
+def test_0001_sss(self, multihost,
+ create_bkp_for_1803943,
+ setup_ipa_client):
+"""
+:Title: support subid ranges managed by FreeIPA
+:id: 50bcdc28-00c8-11ec-bef4-845cf3eff344
+:bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943
+:steps:
+1. Configure subid: sss on /etc/nsswitch.conf
+
[SSSD] [sssd PR#5755][synchronized] Tests: support subid ranges managed by FreeIPA
URL: https://github.com/SSSD/sssd/pull/5755
Author: aborah-sudo
Title: #5755: Tests: support subid ranges managed by FreeIPA
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5755/head:pr5755
git checkout pr5755
From 00827fd8a0f21b7b65b71b4681e8bf4d26fbdfda Mon Sep 17 00:00:00 2001
From: Anuj Borah
Date: Thu, 19 Aug 2021 14:19:26 +0530
Subject: [PATCH] Tests: support subid ranges managed by FreeIPA
issue: https://github.com/SSSD/sssd/issues/5197
bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943
---
src/tests/multihost/ipa/conftest.py | 27
.../multihost/ipa/data/list_subid_ranges.c| 46 ++
src/tests/multihost/ipa/test_subid_ranges.py | 142 ++
3 files changed, 215 insertions(+)
create mode 100644 src/tests/multihost/ipa/data/list_subid_ranges.c
create mode 100644 src/tests/multihost/ipa/test_subid_ranges.py
diff --git a/src/tests/multihost/ipa/conftest.py b/src/tests/multihost/ipa/conftest.py
index f65ae765d3..cb059a3cd7 100644
--- a/src/tests/multihost/ipa/conftest.py
+++ b/src/tests/multihost/ipa/conftest.py
@@ -30,6 +30,33 @@ def pytest_configure():
# Function Scoped Fixtures ==
+@pytest.fixture(scope='function')
+def create_bkp_for_1859252(session_multihost, request):
+""" Create local users """
+session_multihost.client[0].run_command("cp -vf "
+"/etc/subuid "
+"/etc/subuid_bkp")
+session_multihost.client[0].run_command("cp -vf "
+"/etc/subgid "
+"/etc/subgid_bkp")
+session_multihost.client[0].run_command("cp -vf "
+"/etc/nsswitch.conf "
+"/etc/nsswitch.conf_bkp")
+
+def restore():
+""" Delete local users """
+session_multihost.client[0].run_command("cp -vf "
+"/etc/subuid_bkp "
+"/etc/subuid")
+session_multihost.client[0].run_command("cp -vf "
+"/etc/subgid_bkp "
+"/etc/subgid")
+session_multihost.client[0].run_command("cp -vf "
+"/etc/nsswitch.conf_bkp "
+"/etc/nsswitch.conf")
+request.addfinalizer(restore)
+
+
@pytest.fixture(scope="function")
def hbac_sshd_rule(session_multihost, request):
"""
diff --git a/src/tests/multihost/ipa/data/list_subid_ranges.c b/src/tests/multihost/ipa/data/list_subid_ranges.c
new file mode 100644
index 00..05d2e8f048
--- /dev/null
+++ b/src/tests/multihost/ipa/data/list_subid_ranges.c
@@ -0,0 +1,46 @@
+
+#include
+#include
+#include "shadow/subid.h"
+#include "stdlib.h"
+
+const char *Prog;
+FILE *shadow_logfd = NULL;
+
+void usage(void)
+{
+ fprintf(stderr, "Usage: %s [-g] user\n", Prog);
+ fprintf(stderr, "list subuid ranges for user\n");
+ fprintf(stderr, "pass -g to list subgid ranges\n");
+ exit(EXIT_FAILURE);
+}
+
+int main(int argc, char *argv[])
+{
+ int i, count=0;
+ struct subid_range *ranges;
+ const char *owner;
+
+ Prog = argv[0];
+ shadow_logfd = stderr;
+ if (argc < 2)
+ usage();
+ owner = argv[1];
+ if (argc == 3 && strcmp(argv[1], "-g") == 0) {
+ owner = argv[2];
+ count = get_subgid_ranges(owner, );
+ } else if (argc == 2 && strcmp(argv[1], "-h") == 0) {
+ usage();
+ } else {
+ count = get_subuid_ranges(owner, );
+ }
+ if (!ranges) {
+ fprintf(stderr, "Error fetching ranges\n");
+ exit(1);
+ }
+ for (i = 0; i < count; i++) {
+ printf("%d: %s %lu %lu\n", i, owner,
+ ranges[i].start, ranges[i].count);
+ }
+ return 0;
+}
diff --git a/src/tests/multihost/ipa/test_subid_ranges.py b/src/tests/multihost/ipa/test_subid_ranges.py
new file mode 100644
index 00..6a24e03a78
--- /dev/null
+++ b/src/tests/multihost/ipa/test_subid_ranges.py
@@ -0,0 +1,142 @@
+""" Automation of IPA bugs """
+
+import pytest
+import subprocess
+import time
+import os
+from sssd.testlib.common.utils import SSHClient
+
+
+def execute_cmd(multihost, command):
+""" Execute command on client """
+cmd = multihost.client[0].run_command(command)
+return cmd
+
+
+@pytest.mark.tier1
+class TestSubid(object):
+"""
+This is for ipa bugs automation
+"""
+def test_0001_sss(self, multihost,
+ create_bkp_for_1859252,
+ setup_ipa_client):
+"""
+:Title: support subid ranges managed by FreeIPA
+:id: 50bcdc28-00c8-11ec-bef4-845cf3eff344
+:bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943
+:steps:
+1. Configure subid: sss on /etc/nsswitch.conf
+
[SSSD] [sssd PR#5755][opened] Tests: support subid ranges managed by FreeIPA
URL: https://github.com/SSSD/sssd/pull/5755
Author: aborah-sudo
Title: #5755: Tests: support subid ranges managed by FreeIPA
Action: opened
PR body:
"""
issue: https://github.com/SSSD/sssd/issues/5197
bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5755/head:pr5755
git checkout pr5755
From 29f29eab3f982b023835526a61329c1125793ddd Mon Sep 17 00:00:00 2001
From: Anuj Borah
Date: Thu, 19 Aug 2021 14:19:26 +0530
Subject: [PATCH] Tests: support subid ranges managed by FreeIPA
issue: https://github.com/SSSD/sssd/issues/5197
bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943
---
src/tests/multihost/ipa/conftest.py | 15 ++
.../multihost/ipa/data/list_subid_ranges.c| 46 ++
src/tests/multihost/ipa/test_subid_ranges.py | 142 ++
3 files changed, 203 insertions(+)
create mode 100644 src/tests/multihost/ipa/data/list_subid_ranges.c
create mode 100644 src/tests/multihost/ipa/test_subid_ranges.py
diff --git a/src/tests/multihost/ipa/conftest.py b/src/tests/multihost/ipa/conftest.py
index f65ae765d3..b4c527adb2 100644
--- a/src/tests/multihost/ipa/conftest.py
+++ b/src/tests/multihost/ipa/conftest.py
@@ -30,6 +30,21 @@ def pytest_configure():
# Function Scoped Fixtures ==
+@pytest.fixture(scope='function')
+def create_bkp_for_1859252(session_multihost, request):
+""" Create local users """
+session_multihost.client[0].run_command("cp -vf /etc/subuid /etc/subuid_bkp")
+session_multihost.client[0].run_command("cp -vf /etc/subgid /etc/subgid_bkp")
+session_multihost.client[0].run_command("cp -vf /etc/nsswitch.conf /etc/nsswitch.conf_bkp")
+
+def restore():
+""" Delete local users """
+session_multihost.client[0].run_command("cp -vf /etc/subuid_bkp /etc/subuid")
+session_multihost.client[0].run_command("cp -vf /etc/subgid_bkp /etc/subgid")
+session_multihost.client[0].run_command("cp -vf /etc/nsswitch.conf_bkp /etc/nsswitch.conf")
+request.addfinalizer(restore)
+
+
@pytest.fixture(scope="function")
def hbac_sshd_rule(session_multihost, request):
"""
diff --git a/src/tests/multihost/ipa/data/list_subid_ranges.c b/src/tests/multihost/ipa/data/list_subid_ranges.c
new file mode 100644
index 00..05d2e8f048
--- /dev/null
+++ b/src/tests/multihost/ipa/data/list_subid_ranges.c
@@ -0,0 +1,46 @@
+
+#include
+#include
+#include "shadow/subid.h"
+#include "stdlib.h"
+
+const char *Prog;
+FILE *shadow_logfd = NULL;
+
+void usage(void)
+{
+ fprintf(stderr, "Usage: %s [-g] user\n", Prog);
+ fprintf(stderr, "list subuid ranges for user\n");
+ fprintf(stderr, "pass -g to list subgid ranges\n");
+ exit(EXIT_FAILURE);
+}
+
+int main(int argc, char *argv[])
+{
+ int i, count=0;
+ struct subid_range *ranges;
+ const char *owner;
+
+ Prog = argv[0];
+ shadow_logfd = stderr;
+ if (argc < 2)
+ usage();
+ owner = argv[1];
+ if (argc == 3 && strcmp(argv[1], "-g") == 0) {
+ owner = argv[2];
+ count = get_subgid_ranges(owner, );
+ } else if (argc == 2 && strcmp(argv[1], "-h") == 0) {
+ usage();
+ } else {
+ count = get_subuid_ranges(owner, );
+ }
+ if (!ranges) {
+ fprintf(stderr, "Error fetching ranges\n");
+ exit(1);
+ }
+ for (i = 0; i < count; i++) {
+ printf("%d: %s %lu %lu\n", i, owner,
+ ranges[i].start, ranges[i].count);
+ }
+ return 0;
+}
diff --git a/src/tests/multihost/ipa/test_subid_ranges.py b/src/tests/multihost/ipa/test_subid_ranges.py
new file mode 100644
index 00..6a24e03a78
--- /dev/null
+++ b/src/tests/multihost/ipa/test_subid_ranges.py
@@ -0,0 +1,142 @@
+""" Automation of IPA bugs """
+
+import pytest
+import subprocess
+import time
+import os
+from sssd.testlib.common.utils import SSHClient
+
+
+def execute_cmd(multihost, command):
+""" Execute command on client """
+cmd = multihost.client[0].run_command(command)
+return cmd
+
+
+@pytest.mark.tier1
+class TestSubid(object):
+"""
+This is for ipa bugs automation
+"""
+def test_0001_sss(self, multihost,
+ create_bkp_for_1859252,
+ setup_ipa_client):
+"""
+:Title: support subid ranges managed by FreeIPA
+:id: 50bcdc28-00c8-11ec-bef4-845cf3eff344
+:bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943
+:steps:
+1. Configure subid: sss on /etc/nsswitch.conf
+2. Test newuidmap command
+3. Test newgidmap command
+:expectedresults:
+1. Should succeed
+2. Should succeed
+3. Should succeed
+"""
+execute_cmd(multihost, "yum --enablerepo=rhel-CRB install "
+ "-y shadow-utils*")
+execute_cmd(multihost, "yum install -y shadow-utils*")
+execute_cmd(multihost, "echo 'subid: sss'"
+ " >>
