URL: https://github.com/SSSD/sssd/pull/5478
Author: shridhargadekar
 Title: #5478: Tests: alltests: fetch autofs maps after coming online
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5478/head:pr5478
git checkout pr5478
From 3c053ec1da72224c85db8ea71df0ea8fabdd0b13 Mon Sep 17 00:00:00 2001
From: Shridhar Gadekar <sgade...@sgadekar.pnq.csb>
Date: Thu, 28 Jan 2021 19:12:02 +0530
Subject: [PATCH] fetch autofs maps after coming online

SSSD is started in offline mode with no existing
cache. While coming online, SSSD should fetch
autofs maps from server without restarting SSSSD service.
---
 .../multihost/alltests/test_automount.py      | 84 +++++++++++++++++++
 1 file changed, 84 insertions(+)

diff --git a/src/tests/multihost/alltests/test_automount.py b/src/tests/multihost/alltests/test_automount.py
index 33ed6b1563..d794f8cd7d 100644
--- a/src/tests/multihost/alltests/test_automount.py
+++ b/src/tests/multihost/alltests/test_automount.py
@@ -342,3 +342,87 @@ def test_008_wildcardsearch(self, multihost, indirect_nismaps,
         # delete the pcap file
         del_pcap = 'rm -f %s' % auto_pcapfile
         multihost.client[0].run_command(del_pcap)
+
+    @pytest.mark.parametrize('add_nisobject', ['/export'], indirect=True)
+    @pytest.mark.tier1
+    def test_009_fetch_maps_coming_online_from_offline(self, multihost,
+                                                       add_nisobject):
+        """
+        @title: fetch autofs map after coming online from offline
+
+        @id: b9da6e0e-3d8b-4465-b435-338708d0d51e
+
+        @bugzilla:
+        https://bugzilla.redhat.com/show_bug.cgi?id=1113639
+
+        @setup:
+        1. edit sssd.conf and specify autofs_provider
+        2. Install and configure firewall
+
+        @steps:
+        1. firewall block 389 and 636
+        2. stop sssd, autofs.
+        3. remove sssd cache
+        4. Start sssd
+        5. remove firewall rule
+        6. start autofs
+
+        @expectedresults:
+        1. port 389 and 636 should not allow any traffic
+        2. sssd and autofs services should stop
+        3. sssd cache should be deleted successfully
+        4. sssd should come online within 60 seconds
+        5. port 389 and 636 should allow traffic through them
+        6. autofs should start successfully
+        """
+        multihost.master[0].run_command(['touch', '/export/nfs-test'])
+        for service in ['sssd', 'autofs']:
+            srv = 'systemctl stop %s' % service
+            try:
+                multihost.client[0].run_command(srv)
+            except subprocess.CalledProcessError:
+                pytest.fail("Unable to stop %s service" % service)
+        client = sssdTools(multihost.client[0])
+        domain_name = client.get_domain_section_name()
+        client.clear_sssd_cache()
+        cmd = 'dnf install -y firewalld'
+        multihost.client[0].run_command(cmd, raiseonerr=True)
+        cmd = 'systemctl start firewalld'
+        multihost.client[0].run_command(cmd, raiseonerr=True)
+        fw_add0 = 'firewall-cmd --permanent --direct --add-rule ipv4 '\
+                  'filter OUTPUT 0 -p tcp -m tcp --dport=389 -j DROP'
+        fw_add1 = 'firewall-cmd --permanent --direct --add-rule ipv4 '\
+                  'filter OUTPUT 1 -p tcp -m tcp --dport=636 -j DROP'
+        fw_add2 = 'firewall-cmd --permanent --direct --add-rule ipv4 '\
+                  'filter OUTPUT 2 -j ACCEPT'
+        multihost.client[0].run_command(fw_add0, raiseonerr=True)
+        multihost.client[0].run_command(fw_add1, raiseonerr=True)
+        multihost.client[0].run_command(fw_add2, raiseonerr=True)
+        fw_rld = 'firewall-cmd --reload'
+        multihost.client[0].run_command(fw_rld, raiseonerr=True)
+        cmd = 'systemctl start sssd'
+        multihost.client[0].run_command(cmd, raiseonerr=True)
+        time.sleep(10)
+        cmd = 'sssctl domain-status %s' % domain_name
+        multihost.client[0].run_command(cmd, raiseonerr=True)
+        find = re.compile(r'Online status: Offline')
+        result = find.search(cmd.stdout_text)
+        assert result is not None
+        fw_r0 = 'firewall-cmd --permanent --direct --remove-rule ipv4 '\
+                'filter OUTPUT 0 -p tcp -m tcp --dport=389 -j DROP'
+        fw_r1 = 'firewall-cmd --permanent --direct --remove-rule ipv4 '\
+                'filter OUTPUT 1 -p tcp -m tcp --dport=636 -j DROP'
+        fw_r2 = 'firewall-cmd --permanent --direct --remove-rule ipv4 '\
+                'filter OUTPUT 2 -j ACCEPT'
+        multihost.client[0].run_command(fw_r0, raiseonerr=True)
+        multihost.client[0].run_command(fw_r1, raiseonerr=True)
+        multihost.client[0].run_command(fw_r2, raiseonerr=True)
+        multihost.client[0].run_command(fw_rld, raiseonerr=True)
+        cmd = 'systemctl stop firewalld'
+        multihost.client[0].run_command(cmd, raiseonerr=True)
+        time.sleep(60)
+        cmd1 = 'systemctl start autofs'
+        cmd2 = multihost.client[0].run_command(cmd1, raiseonerr=False)
+        cmd = 'dnf remove -y firewalld'
+        multihost.client[0].run_command(cmd, raiseonerr=True)
+        assert cmd2.returncode == 0
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Reply via email to