URL: https://github.com/freeipa/freeipa/pull/2074 Author: mrizwan93 Title: #2074: Check if user permssions and umask 0022 is set when executing ipa-restore Action: opened
PR body: """ This test checks if the access rights for user/group is set to 644 on /var/lib/dirsrv/slapd-TESTRELM-TEST/ldif/* and umask 0022 set while restoring. related ticket: https://pagure.io/freeipa/issue/6844 Signed-off-by: Mohammad Rizwan Yusuf <myu...@redhat.com> """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/2074/head:pr2074 git checkout pr2074
From 5acfd9f597dbf40c634953c1cc25f9887325ead1 Mon Sep 17 00:00:00 2001 From: Mohammad Rizwan Yusuf <myu...@redhat.com> Date: Wed, 27 Jun 2018 15:28:58 +0530 Subject: [PATCH] Check if user permssions and umask 0022 is set when executing ipa-restore This test checks if the access rights for user/group is set to 644 on /var/lib/dirsrv/slapd-TESTRELM-TEST/ldif/* and umask 0022 set while restoring. related ticket: https://pagure.io/freeipa/issue/6844 Signed-off-by: Mohammad Rizwan Yusuf <myu...@redhat.com> --- .../test_integration/test_backup_and_restore.py | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/ipatests/test_integration/test_backup_and_restore.py b/ipatests/test_integration/test_backup_and_restore.py index 1697ff0036..b7e8c0b77d 100644 --- a/ipatests/test_integration/test_backup_and_restore.py +++ b/ipatests/test_integration/test_backup_and_restore.py @@ -494,7 +494,7 @@ def test_full_backup_and_restore_with_replica(self): check_replication(self.master, replica, "testuser1") -class TestUserrootFilesOwnership(IntegrationTest): +class TestUserrootFilesOwnershipPermission(IntegrationTest): """Test to check if userroot.ldif have proper ownership. Before the fix, when ipa-backup was called for the first time, @@ -511,9 +511,14 @@ class TestUserrootFilesOwnership(IntegrationTest): fail related ticket: https://pagure.io/freeipa/issue/7010 + + This test also checks if the access rights for user/group + is set and umask 0022 set while restoring. + + related ticket: https://pagure.io/freeipa/issue/6844 """ - def test_userroot_ldif_files_ownership(self): + def test_userroot_ldif_files_ownership_and_permission(self): """backup, uninstall, restore, backup""" tasks.install_master(self.master) backup_path = backup(self.master) @@ -523,8 +528,9 @@ def test_userroot_ldif_files_ownership(self): '-U']) dirman_password = self.master.config.dirman_password - self.master.run_command(['ipa-restore', backup_path], - stdin_text=dirman_password + '\nyes') + result = self.master.run_command(['ipa-restore', backup_path], + stdin_text=dirman_password + '\nyes') + assert 'Temporary setting umask to 022' in result.stdout_text # check if files have proper owner and group. dashed_domain = self.master.domain.realm.replace(".", '-') @@ -534,11 +540,12 @@ def test_userroot_ldif_files_ownership(self): cmd = self.master.run_command(arg) assert 'dirsrvdirsrv' in cmd.stdout_text + # also check of access rights are set to 644 arg = ['stat', - '-c', '%U%G', - '/var/lib/dirsrv/slapd-' + dashed_domain + '/ldif/'] + '-c', '%U%G%a', + '/var/lib/dirsrv/slapd-' + dashed_domain + '/ldif/*'] cmd = self.master.run_command(arg) - assert 'dirsrvdirsrv' in cmd.stdout_text + assert 'dirsrvdirsrv644' in cmd.stdout_text cmd = self.master.run_command(['ipa-backup', '-d']) unexp_str = "CRITICAL: db2ldif failed:"
_______________________________________________ FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/freeipa-devel@lists.fedorahosted.org/message/POH2XWHZUPIKW66ERRNSSV6S6AYFNZF6/
