[Freeipa-devel] [freeipa PR#4292][opened] Test if server installer lock Bind9 recursion

Mon, 02 Mar 2020 03:50:21 -0800 

   URL: https://github.com/freeipa/freeipa/pull/4292
Author: mrizwan93
 Title: #4292: Test if server installer lock Bind9 recursion
Action: opened

PR body:
"""
This test is to check if recursion can be configured.
It checks if newly added file /etc/named/ipa-ext.conf
exists and /etc/named.conf should not have
'allow-recursion { any; };'. It also checks if ipa-backup
command backup the /etc/named/ipa-ext.conf file as well

related : https://pagure.io/freeipa/issue/8079

Signed-off-by: Mohammad Rizwan Yusuf <myu...@redhat.com>
"""

To pull the PR as Git branch:
git remote add ghfreeipa https://github.com/freeipa/freeipa
git fetch ghfreeipa pull/4292/head:pr4292
git checkout pr4292

From 22d269f5c2c363d57bda34e29f25375021cfa4e9 Mon Sep 17 00:00:00 2001
From: Mohammad Rizwan Yusuf <myu...@redhat.com>
Date: Mon, 2 Mar 2020 17:12:24 +0530
Subject: [PATCH] Test if server installer lock Bind9 recursion

This test is to check if recursion can be configured.
It checks if newly added file /etc/named/ipa-ext.conf
exists and /etc/named.conf should not have
'allow-recursion { any; };'. It also checks if ipa-backup
command backup the /etc/named/ipa-ext.conf file as well

related : https://pagure.io/freeipa/issue/8079

Signed-off-by: Mohammad Rizwan Yusuf <myu...@redhat.com>
---
 .../test_integration/test_installation.py     | 23 +++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/ipatests/test_integration/test_installation.py b/ipatests/test_integration/test_installation.py
index 7b48410fd2..b97f2f11b0 100644
--- a/ipatests/test_integration/test_installation.py
+++ b/ipatests/test_integration/test_installation.py
@@ -842,6 +842,29 @@ def test_install_master(self):
             extra_args=['--zonemgr', 'm...@example.org'],
         )
 
+    def test_server_install_lock_bind_recursion(self):
+        """Test if server installer lock Bind9 recursion
+
+        This test is to check if recursion can be configured.
+        It checks if newly added file /etc/named/ipa-ext.conf
+        exists and /etc/named.conf should not have
+        'allow-recursion { any; };'. It also checks if ipa-backup
+        command backup the /etc/named/ipa-ext.conf file as well
+
+        related : https://pagure.io/freeipa/issue/8079
+        """
+        # check of /etc/named/ipa-ext.conf exist
+        assert self.master.transport.file_exists(paths.NAMED_CUSTOM_CONFIG)
+
+        # check if /etc/named.conf does not contain 'allow-recursion { any; };'
+        string_to_check = 'allow-recursion { any; };'
+        named_contents = self.master.get_file_contents(paths.NAMED_CONF)
+        assert string_to_check not in named_contents
+
+        # check if ipa-backup command backups the /etc/named/ipa-ext.conf
+        result = self.master.run_command(['ipa-backup', '-v'])
+        assert paths.NAMED_CUSTOM_CONFIG in result.stdout_text
+
     def test_install_kra(self):
         tasks.install_kra(self.master, first_instance=True)
 

_______________________________________________
FreeIPA-devel mailing list -- freeipa-devel@lists.fedorahosted.org
To unsubscribe send an email to freeipa-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/freeipa-devel@lists.fedorahosted.org

Reply via email to