[SSSD] [sssd PR#5869][synchronized] Translations update from Weblate

2021-12-08 Thread weblate 
   URL: https://github.com/SSSD/sssd/pull/5869
Author: weblate
 Title: #5869: Translations update from Weblate
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5869/head:pr5869
git checkout pr5869
From 84d7ac294331d4071335c77c071e054bfe4d4c39 Mon Sep 17 00:00:00 2001
From: Weblate 
Date: Fri, 3 Dec 2021 23:16:08 +0100
Subject: [PATCH] po: update translations

(Czech) currently translated at 5.7% (151 of 2621 strings)
Translation: SSSD/sssd-manpage
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-manpage-master/cs/

po: update translations

(Czech) currently translated at 100.0% (619 of 619 strings)
Translation: SSSD/sssd
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-master/cs/

po: update translations

(Chinese (Simplified) (zh_CN)) currently translated at 99.3% (615 of 619 strings)
Translation: SSSD/sssd
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-master/zh_CN/

po: update translations

(Spanish) currently translated at 100.0% (619 of 619 strings)
Translation: SSSD/sssd
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-master/es/

po: update translations

(Korean) currently translated at 13.8% (362 of 2615 strings)
Translation: SSSD/sssd-manpage
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-manpage-master/ko/

po: update translations

(Spanish) currently translated at 96.9% (600 of 619 strings)
Translation: SSSD/sssd
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-master/es/

po: update translations

(Korean) currently translated at 13.3% (349 of 2615 strings)
Translation: SSSD/sssd-manpage
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-manpage-master/ko/

po: update translations

(Ukrainian) currently translated at 100.0% (619 of 619 strings)
Translation: SSSD/sssd
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-master/uk/

po: update translations

(Polish) currently translated at 100.0% (619 of 619 strings)
Translation: SSSD/sssd
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-master/pl/

Update translation files

Updated by "Update PO files to match POT (msgmerge)" hook in Weblate.

Translation: SSSD/sssd
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-master/

po: update translations

(Korean) currently translated at 13.0% (341 of 2615 strings)
Translation: SSSD/sssd-manpage
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-manpage-master/ko/

po: update translations

(Korean) currently translated at 30.7% (190 of 617 strings)
Translation: SSSD/sssd
Translate-URL: https://translate.fedoraproject.org/projects/sssd/sssd-master/ko/
---
 po/cs.po | 236 ---
 po/es.po | 138 +++
 po/ko.po |   1 +
 po/pl.po |  10 +-
 po/uk.po |  10 +-
 po/zh_CN.po  |  16 ++--
 src/man/po/cs.po |  95 ---
 src/man/po/ko.po |  66 +++--
 8 files changed, 362 insertions(+), 210 deletions(-)

diff --git a/po/cs.po b/po/cs.po
index eda8eecb3f..df6910c99e 100644
--- a/po/cs.po
+++ b/po/cs.po
@@ -7,16 +7,16 @@ msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: sssd-devel@lists.fedorahosted.org\n"
 "POT-Creation-Date: 2021-11-09 16:03+0100\n"
-"PO-Revision-Date: 2021-09-23 13:04+\n"
+"PO-Revision-Date: 2021-12-03 22:16+\n"
 "Last-Translator: Pavel Borecki \n"
-"Language-Team: Czech \n"
+"Language-Team: Czech \n"
 "Language: cs\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=3; plural=(n==1) ? 0 : (n>=2 && n<=4) ? 1 : 2;\n"
-"X-Generator: Weblate 4.8\n"
+"X-Generator: Weblate 4.9.1\n"
 
 #: src/config/SSSDConfig/sssdoptions.py:20
 #: src/config/SSSDConfig/sssdoptions.py:21
@@ -72,12 +72,18 @@ msgid ""
 "is in seconds and calculated by the following: offline_timeout + "
 "random_offset."
 msgstr ""
+"Když se SSSD přepne do režimu bez připojení, doba po které se pak pokouší "
+"znovu připojit se zvýší v závislosti na době strávené bez připojení. Tato "
+"hodnota je v sekundách a je vypočítávána takto: offilne_timeout (časový "
+"limit pro bez připojení + random_offset (náhodný posun)."
 
 #: src/config/SSSDConfig/sssdoptions.py:38
 msgid ""
 "Indicates what is the syntax of the config file. SSSD 0.6.0 and later use "
 "version 2."
 msgstr ""
+"Značí jaká je syntaxe souboru s nastaveními. SSSD 0.6.0 a novější používají "
+"verzi 2."
 
 #: src/config/SSSDConfig/sssdoptions.py:39
 msgid "SSSD Services to start"
@@ -127,7 +133,7 @@ msgstr "Vyladit sssd aby respektovalo nebo ignorovalo změny stavu netlink"
 
 #:

[SSSD] [sssd PR#5899][synchronized] Adding multidomain test cases for bz2013297 and bz2018432

2021-12-08 Thread sidecontrol 
   URL: https://github.com/SSSD/sssd/pull/5899
Author: sidecontrol
 Title: #5899: Adding multidomain test cases for bz2013297 and bz2018432
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5899/head:pr5899
git checkout pr5899
From 4d8b1973b45bb8d308a2d1a882d43b88fe1868b6 Mon Sep 17 00:00:00 2001
From: Dan Lavu 
Date: Fri, 3 Dec 2021 06:29:34 -0500
Subject: [PATCH] Adding multidomain test cases for bz2013297 and bz2018432

Add multidomain pytest suite
- bz2013297 and bz2018432
- this tset suite will provision 5 AD servers, parent, 2 childs, tree
  another forest

Signed-off-by: Dan Lavu 
---
 src/tests/multihost/admultidomain/conftest.py | 161 ++
 src/tests/multihost/admultidomain/pytest.ini  |   6 +
 src/tests/multihost/admultidomain/readme.rst  |  45 +
 .../admultidomain/test_multidomain.py | 148 
 .../multihost/sssd/testlib/common/qe_class.py |  14 +-
 5 files changed, 372 insertions(+), 2 deletions(-)
 create mode 100644 src/tests/multihost/admultidomain/conftest.py
 create mode 100644 src/tests/multihost/admultidomain/pytest.ini
 create mode 100644 src/tests/multihost/admultidomain/readme.rst
 create mode 100644 src/tests/multihost/admultidomain/test_multidomain.py

diff --git a/src/tests/multihost/admultidomain/conftest.py b/src/tests/multihost/admultidomain/conftest.py
new file mode 100644
index 00..37f4784801
--- /dev/null
+++ b/src/tests/multihost/admultidomain/conftest.py
@@ -0,0 +1,161 @@
+
+""" Common AD Fixtures """
+from __future__ import print_function
+import random
+import subprocess
+import time
+import pytest
+import ldap
+import os
+import posixpath
+import pathlib
+# pylint: disable=unused-import
+from sssd.testlib.common.paths import SSSD_DEFAULT_CONF, NSSWITCH_DEFAULT_CONF
+from sssd.testlib.common.qe_class import session_multihost
+from sssd.testlib.common.qe_class import create_testdir
+from sssd.testlib.common.exceptions import SSSDException
+from sssd.testlib.common.utils import ADOperations
+from sssd.testlib.common.exceptions import LdapException
+from sssd.testlib.common.samba import sambaTools
+from sssd.testlib.common.utils import sssdTools
+
+
+def pytest_configure():
+""" Namespace hook, Adds below dict to pytest namespace """
+pytest.num_masters = 0
+pytest.num_ad = 4
+pytest.num_atomic = 0
+pytest.num_replicas = 0
+pytest.num_clients = 1
+pytest.num_others = 0
+
+
+#  Function scoped Fixtures 
+@pytest.fixture(scope="function")
+def adjoin(session_multihost, request):
+""" Join to AD using net ads command """
+ad_realm = session_multihost.ad[0].realm
+ad_ip = session_multihost.ad[0].ip
+client_ad = sssdTools(session_multihost.client[0], session_multihost.ad[0])
+client_ad.disjoin_ad()
+client_ad.create_kdcinfo(ad_realm, ad_ip)
+kinit = "kinit Administrator"
+ad_password = session_multihost.ad[0].ssh_password
+try:
+session_multihost.client[0].run_command(kinit, stdin_text=ad_password)
+except subprocess.CalledProcessError:
+pytest.fail("kinit failed")
+
+def _join(membersw=None):
+""" Join AD """
+if membersw == 'samba':
+client_ad.join_ad(ad_realm, ad_password, mem_sw='samba')
+else:
+client_ad.join_ad(ad_realm, ad_password)
+
+def adleave():
+""" Disjoin AD """
+client_ad.disjoin_ad()
+remove_keytab = 'rm -f /etc/krb5.keytab'
+kdestroy_cmd = 'kdestroy -A'
+session_multihost.client[0].run_command(kdestroy_cmd)
+session_multihost.client[0].run_command(remove_keytab)
+request.addfinalizer(adleave)
+return _join
+
+
+@pytest.fixture(scope="function")
+def adchildjoin(session_multihost, request):
+""" Join to AD using net ads command """
+ad_realm = session_multihost.ad[1].realm
+ad_ip = session_multihost.ad[1].ip
+client_ad = sssdTools(session_multihost.client[0], session_multihost.ad[1])
+client_ad.disjoin_ad()
+client_ad.create_kdcinfo(ad_realm, ad_ip)
+kinit = "kinit Administrator@%s" % ad_realm
+ad_password = session_multihost.ad[1].ssh_password
+try:
+session_multihost.client[0].run_command(kinit, stdin_text=ad_password)
+except subprocess.CalledProcessError:
+pytest.fail("kinit failed")
+
+def _join(membersw=None):
+""" Join AD """
+if membersw == 'samba':
+client_ad.join_ad(ad_realm, ad_password, mem_sw='samba')
+else:
+client_ad.join_ad(ad_realm, ad_password)
+
+def adleave():
+""" Disjoin AD """
+client_ad.disjoin_ad()
+remove_keytab = 'rm -f /etc/krb5.keytab'
+kdestroy_cmd = 'kdestroy -A'
+session_multihost.client[0].run_command(kdestroy_cmd)
+session_multihost.client[0].run_command(remove_keytab)
+request.addfinalizer(adleave)
+return _join
+
+

[SSSD] [sssd PR#5913][+Bugzilla] Analyzer: Remove python-click dependency

2021-12-08 Thread alexey-tikhonov 
  URL: https://github.com/SSSD/sssd/pull/5913
Title: #5913: Analyzer: Remove python-click dependency

Label: +Bugzilla
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[SSSD] [sssd PR#5913][opened] Analyzer: Remove python-click dependency

2021-12-08 Thread justin-stephenson 
   URL: https://github.com/SSSD/sssd/pull/5913
Author: justin-stephenson
 Title: #5913: Analyzer: Remove python-click dependency
Action: opened

PR body:
"""
As python-click will not be in RHEL9, switch to using the builtin argparse 
python module.
"""

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5913/head:pr5913
git checkout pr5913
From 9ba686c5c807a4b712bde0c41a2a4e13e24ed01e Mon Sep 17 00:00:00 2001
From: Justin Stephenson 
Date: Tue, 7 Dec 2021 10:21:36 -0500
Subject: [PATCH] Analyzer: Remove python-click dependency

As python-click will not be in RHEL9, switch to using the builtin
argparse python module.
---
 contrib/sssd.spec.in  |   3 +-
 src/tools/analyzer/modules/request.py | 129 +++-
 src/tools/analyzer/sss_analyze.py | 167 +++---
 3 files changed, 227 insertions(+), 72 deletions(-)

diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 7f75b1b5a3..d327143576 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -221,9 +221,8 @@ Requires: sssd-common = %{version}-%{release}
 Requires: python3-sss = %{version}-%{release}
 Requires: python3-sssdconfig = %{version}-%{release}
 Requires: libsss_certmap = %{version}-%{release}
-# required by sss_analyze
+# for logger=journald support with sss_analyze
 Requires: python3-systemd
-Requires: python3-click
 Recommends: sssd-dbus
 
 %description tools
diff --git a/src/tools/analyzer/modules/request.py b/src/tools/analyzer/modules/request.py
index 098a9197bb..ff9592e308 100644
--- a/src/tools/analyzer/modules/request.py
+++ b/src/tools/analyzer/modules/request.py
@@ -1,67 +1,91 @@
 import re
 import copy
-import click
 import logging
+import argparse
 
 from enum import Enum
 from source_files import Files
 from source_journald import Journald
+from sss_analyze import SubparsersAction
+from sss_analyze import Option
+from sss_analyze import Analyzer
 
 logger = logging.getLogger()
 
 
-@click.group(help="Request module")
-def request():
-pass
-
-
-@request.command()
-@click.option("-v", "--verbose", is_flag=True, help="Enables verbose output")
-@click.option("--pam", is_flag=True, help="Filter only PAM requests")
-@click.pass_obj
-def list(ctx, verbose, pam):
-analyzer = RequestAnalyzer()
-source = analyzer.load(ctx)
-analyzer.list_requests(source, verbose, pam)
-
-
-@request.command()
-@click.argument("cid", nargs=1, type=int, required=True)
-@click.option("--merge", is_flag=True, help="Merge logs together sorted"
-  " by timestamp (requires debug_microseconds = True)")
-@click.option("--cachereq", is_flag=True, help="Include cache request "
-  "related logs")
-@click.option("--pam", is_flag=True, help="Track only PAM requests")
-@click.pass_obj
-def show(ctx, cid, merge, cachereq, pam):
-analyzer = RequestAnalyzer()
-source = analyzer.load(ctx)
-analyzer.track_request(source, cid, merge, cachereq, pam)
-
-
 class RequestAnalyzer:
 """
 A request analyzer module, handles request tracking logic
 and analysis. Parses input generated from a source Reader.
 """
+module_parser = None
 consumed_logs = []
 done = ""
+list_opts = [
+Option('--verbose', 'Verbose output', bool, '-v'),
+Option('--pam', 'Filter only PAM requests', bool),
+]
+
+show_opts = [
+Option('cid', 'Track request with this ID', int),
+Option('--cachereq', 'Include cache request logs', bool),
+Option('--merge', 'Merge logs together sorted by timestamp', bool),
+Option('--pam', 'Track only PAM requests', bool),
+]
+
+def print_module_help(self, args):
+"""
+Print the module parser help output
+
+Args:
+args (Namespace): argparse parsed arguments
+"""
+self.module_parser.print_help()
+
+def setup_args(self, parser_grp):
+"""
+Setup module parser, subcommands, and options
 
-def load(self, ctx):
+Args:
+parser_grp (argparse.Action): Parser group to nest
+   module and subcommands under
+"""
+desc = "Analyze request tracking module"
+self.module_parser = parser_grp.add_parser('request',
+   description=desc,
+   help='Request tracking')
+
+subparser = self.module_parser.add_subparsers(title=None,
+  dest='subparser',
+  action=SubparsersAction,
+  metavar='COMMANDS')
+
+cli = Analyzer()
+subcmd_grp = subparser.add_parser_group('Operation Modes')
+cli.add_subcommand(subcmd_grp, 'list', 'List recent requests',
+   self.list_requests, self.list_opts)
+

[SSSD] [sssd PR#5912][synchronized] Tests: Fix pytest-alltests-tier1

2021-12-08 Thread aborah-sudo 
   URL: https://github.com/SSSD/sssd/pull/5912
Author: aborah-sudo
 Title: #5912: Tests: Fix pytest-alltests-tier1
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5912/head:pr5912
git checkout pr5912
From 72f8cfc02ccaf00fc597815a5ef0c07db06331d5 Mon Sep 17 00:00:00 2001
From: Anuj Borah 
Date: Wed, 8 Dec 2021 19:08:18 +0530
Subject: [PATCH] Tests: Fix pytest-alltests-tier1

https://bugzilla.redhat.com/show_bug.cgi?id=1914843
---
 src/tests/multihost/alltests/test_proxy.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/tests/multihost/alltests/test_proxy.py b/src/tests/multihost/alltests/test_proxy.py
index bdf502c0b0..4e517c2fe1 100644
--- a/src/tests/multihost/alltests/test_proxy.py
+++ b/src/tests/multihost/alltests/test_proxy.py
@@ -70,8 +70,8 @@ def test_0001_1724717(self, multihost):
 pytest.fail("%s failed to login" % user)
 else:
 id_cmd = 'id %s' % user
-(_, ret) = client.command(id_cmd)
-assert ret == '0'
+(ret1, ret) = client.command(id_cmd)
+assert "no such user" not in ret1
 client.logout()
 # On fedora after user logs out it takes time
 # for systemd process running as user to get stopped, hence
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[SSSD] [sssd PR#5912][opened] Tests: Fix pytest-alltests-tier1

2021-12-08 Thread aborah-sudo 
   URL: https://github.com/SSSD/sssd/pull/5912
Author: aborah-sudo
 Title: #5912: Tests: Fix pytest-alltests-tier1
Action: opened

PR body:
"""
Fix test failure of pytest-alltests-tier1
"""

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5912/head:pr5912
git checkout pr5912
From 59f4f3de3ad26ded83b6430d68c6a3b6211b519d Mon Sep 17 00:00:00 2001
From: Anuj Borah 
Date: Wed, 8 Dec 2021 19:08:18 +0530
Subject: [PATCH] Tests: Fix pytest-alltests-tier1

Fix test failure of pytest-alltests-tier1
---
 src/tests/multihost/alltests/test_proxy.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/tests/multihost/alltests/test_proxy.py b/src/tests/multihost/alltests/test_proxy.py
index bdf502c0b0..4e517c2fe1 100644
--- a/src/tests/multihost/alltests/test_proxy.py
+++ b/src/tests/multihost/alltests/test_proxy.py
@@ -70,8 +70,8 @@ def test_0001_1724717(self, multihost):
 pytest.fail("%s failed to login" % user)
 else:
 id_cmd = 'id %s' % user
-(_, ret) = client.command(id_cmd)
-assert ret == '0'
+(ret1, ret) = client.command(id_cmd)
+assert "no such user" not in ret1
 client.logout()
 # On fedora after user logs out it takes time
 # for systemd process running as user to get stopped, hence
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[SSSD] [sssd PR#5892][synchronized] Tests: Add a test for BZ2004406

2021-12-08 Thread jakub-vavra-cz 
   URL: https://github.com/SSSD/sssd/pull/5892
Author: jakub-vavra-cz
 Title: #5892: Tests: Add a test for BZ2004406
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5892/head:pr5892
git checkout pr5892
From 30397d43101ab9f38eafd8b4b671d94d69c2dc43 Mon Sep 17 00:00:00 2001
From: Jakub Vavra 
Date: Fri, 26 Nov 2021 07:24:15 +0100
Subject: [PATCH] Tests: Add a test for BZ2004406

Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2004406
Verifies: MR#5791
---
 src/tests/multihost/ipa/test_adtrust.py | 64 -
 1 file changed, 63 insertions(+), 1 deletion(-)

diff --git a/src/tests/multihost/ipa/test_adtrust.py b/src/tests/multihost/ipa/test_adtrust.py
index 3f2fc66c1b..d1c2dd95a4 100644
--- a/src/tests/multihost/ipa/test_adtrust.py
+++ b/src/tests/multihost/ipa/test_adtrust.py
@@ -6,13 +6,14 @@
 :upstream: yes
 """
 
+import random
 import re
 import time
 import pytest
 import paramiko
 from sssd.testlib.common.utils import sssdTools
 from sssd.testlib.common.utils import SSHClient
-
+from sssd.testlib.common.utils import ADOperations
 
 @pytest.mark.usefixtures('setup_ipa_client')
 @pytest.mark.tier2
@@ -379,3 +380,64 @@ def test_nss_get_by_name_with_private_group(self, multihost):
 assert cmd_adm.returncode == 0, 'Something wrong with setup!'
 assert cmd_usr.returncode == 0, \
 f"pysss_nss_idmap.getsidbyname for {username} failed"
+
+@staticmethod
+def test_idview_override_group(multihost, create_aduser_group):
+"""
+:title: IPA clients fail to resolve override group names
+:id: 7a0dc871-fdad-4c07-9d07-a092baa83178
+:bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2004406
+:description: Overriding both group names and ids in an idview for
+ group from AD results in error in sssd when running id command
+ for IPA user that was assigned to overridden AD group via his gid.
+:setup:
+ 1. Create group (group1) on AD.
+ 2. Create IPA user with gid=.
+:steps:
+ 1. ID views to override AD groupname and gid of group1 to  in
+  the 'Default Trust View'.
+ 2. Run an "id" command for the user.
+:expectedresults:
+  1. View with an override is created.
+  2. Id command succeeds, group override is visible, all groups are
+  properly resolved.
+"""
+(_, adgroup) = create_aduser_group
+run_id = f"{random.randint(, 99)}"
+
+domain = multihost.ad[0].domainname
+
+ipauser = f"ipauser_{run_id}"
+
+multihost.master[0].run_command(f"ipa user-add {ipauser} --first=Bob "
+f"--last=Sad --gid=987654",
+raiseonerr=False)
+
+multihost.master[0].run_command("service ipa.service restart",
+raiseonerr=False)
+ipa_client = sssdTools(multihost.client[0])
+ipa_client.clear_sssd_cache()
+
+view = 'Default Trust View'
+
+create_grp_override = f'ipa idoverridegroup-add "{view}" ' \
+  f'{adgroup}@{domain} --group-name "borci" ' \
+  f'--gid=987654'
+multihost.master[0].run_command(create_grp_override, raiseonerr=False)
+
+ipa_client.clear_sssd_cache()
+time.sleep(5)
+
+id_cmd = f'id {ipauser}'
+cmd = multihost.client[0].run_command(id_cmd, raiseonerr=False)
+
+# TEARDOWN
+multihost.master[0].run_command(f"ipa user-del {ipauser} ",
+raiseonerr=False)
+
+ipa_client.clear_sssd_cache()
+# Test result Evaluation
+assert cmd.returncode == 0, f"User {ipauser} was not found."
+assert f"borci@{domain}" in cmd.stdout_text,\
+f"Group 1 {adgroup} name was not overridden/resolved."
+assert "987654" in cmd.stdout_text, "Group id was not overridden."
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[SSSD] [sssd PR#5835][-Changes requested] Tests: Add test for bz1636002.

2021-12-08 Thread jakub-vavra-cz 
  URL: https://github.com/SSSD/sssd/pull/5835
Title: #5835: Tests: Add test for bz1636002.

Label: -Changes requested
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[SSSD] [sssd PR#5835][+Waiting for review] Tests: Add test for bz1636002.

2021-12-08 Thread jakub-vavra-cz 
  URL: https://github.com/SSSD/sssd/pull/5835
Title: #5835: Tests: Add test for bz1636002.

Label: +Waiting for review
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[SSSD] [sssd PR#5835][synchronized] Tests: Add test for bz1636002.

2021-12-08 Thread jakub-vavra-cz 
   URL: https://github.com/SSSD/sssd/pull/5835
Author: jakub-vavra-cz
 Title: #5835: Tests: Add test for bz1636002.
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5835/head:pr5835
git checkout pr5835
From a225e8a4ca8c9524252c1629710cacbb5807bf2a Mon Sep 17 00:00:00 2001
From: Jakub Vavra 
Date: Tue, 19 Oct 2021 11:00:41 +0200
Subject: [PATCH] Tests: Add test for bz1636002.

Verifies: #5782
Bug: https://bugzilla.redhat.com/show_bug.cgi?id=1636002
---
 src/tests/multihost/alltests/test_misc.py | 83 +++
 1 file changed, 83 insertions(+)

diff --git a/src/tests/multihost/alltests/test_misc.py b/src/tests/multihost/alltests/test_misc.py
index f241800272..c181bdd239 100644
--- a/src/tests/multihost/alltests/test_misc.py
+++ b/src/tests/multihost/alltests/test_misc.py
@@ -398,3 +398,86 @@ def test_0007_getent_admproxy(self, multihost, backupsssdconf):
 cache_first_false = multihost.client[0].run_command(getent_admproxy,
 raiseonerr=False)
 assert cache_first_false.returncode == 0
+
+@staticmethod
+@pytest.mark.tier1_2
+def test_0008_1636002(multihost, backupsssdconf):
+"""
+:title: IDM-SSSD-TC: ldap_provider: socket-activated services start as
+ the sssd user and then are unable to read the confdb
+:id: 7a33729a-ab74-4d9e-9d75-e952deaa7bd2
+:bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1636002
+:customerscenario: true
+:steps:
+1. Switch to socket activated services, restart sssd
+2. Check 'getent passwd  output.
+3. Run ssh for the user to trigger PAM.
+4. Check log for error messages related to opening
+   /var/lib/sss/db/config.ldb
+:expectedresults:
+1. No issue switching and sssd has started.
+2. It should succeed.
+3. /var/log/sssd/sssd_pam.log is present
+4. The error messages are not present.
+:teardown:
+1. Undo socket activation.
+2. Restore sssd.conf
+"""
+# pylint: disable=unused-argument
+client = sssdTools(multihost.client[0])
+client.clear_sssd_cache()
+
+domain_name = client.get_domain_section_name()
+user = f'foo1@{domain_name}'
+
+# Configure socket activation
+sssd_params = {'services': ''}
+client.sssd_conf('sssd', sssd_params)
+client.clear_sssd_cache()
+enable_cmd = "systemctl enable sssd-nss.socket sssd-pam.socket" \
+ " sssd-pam-priv.socket"
+multihost.client[0].run_command(enable_cmd)
+multihost.client[0].service_sssd('restart')
+
+# Show the sssd config
+multihost.client[0].run_command(
+'cat /etc/sssd/sssd.conf', raiseonerr=False)
+
+# Run getent passwd
+usr_cmd = multihost.client[0].run_command(
+f'getent passwd {user}',  raiseonerr=False)
+
+# Try ssh after socket activation is configured
+# Result does not matter we just need to trigger the PAM stack
+ssh_client = pexpect_ssh(
+multihost.client[0].sys_hostname, user, 'Secret123', debug=False)
+try:
+ssh_client.login(
+login_timeout=30, sync_multiplier=5, auto_prompt_reset=False)
+except SSHLoginException:
+pass
+else:
+ssh_client.logout()
+
+# Print pam log for debug purposes
+multihost.client[0].run_command(
+'cat /var/log/sssd/sssd_pam.log',  raiseonerr=False)
+
+# Download sssd pam log
+log_str = multihost.client[0].get_file_contents(
+"/var/log/sssd/sssd_pam.log"). \
+decode('utf-8')
+
+# Disable socket activation
+multihost.client[0].run_command(
+"systemctl disable sssd-nss.socket sssd-pam.socket"
+" sssd-pam-priv.socket",  raiseonerr=False)
+
+# Evaluate test results
+assert usr_cmd.returncode == 0, f"User {user} was not found."
+assert "CONFDB: /var/lib/sss/db/config.ldb" in log_str
+assert "Unable to open tdb '/var/lib/sss/db/config.ldb': " \
+   "Permission denied" not in log_str
+assert "Failed to connect to '/var/lib/sss/db/config.ldb'" \
+not in log_str
+assert "The confdb initialization failed" not in log_str
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to