[SSSD] [sssd PR#5478][synchronized] Tests: alltests: fetch autofs maps after coming online

shridhargadekar Mon, 01 Mar 2021 00:47:21 -0800

   URL: https://github.com/SSSD/sssd/pull/5478
Author: shridhargadekar
 Title: #5478: Tests: alltests: fetch autofs maps after coming online
Action: synchronized


To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5478/head:pr5478
git checkout pr5478

From 1d36adf38098aed464ea7b7e0dbc4c2ce103c97c Mon Sep 17 00:00:00 2001
From: Shridhar Gadekar <sgade...@sgadekar.pnq.csb>
Date: Thu, 28 Jan 2021 19:12:02 +0530
Subject: [PATCH] fetch autofs maps after coming online

SSSD is started in offline mode with no existing
cache. While coming online, SSSD should fetch
autofs maps from server without restarting SSSSD service.
---
 .../multihost/alltests/test_automount.py      | 71 +++++++++++++++++++
 1 file changed, 71 insertions(+)

diff --git a/src/tests/multihost/alltests/test_automount.py b/src/tests/multihost/alltests/test_automount.py
index 33ed6b1563..bdcc156647 100644
--- a/src/tests/multihost/alltests/test_automount.py
+++ b/src/tests/multihost/alltests/test_automount.py
@@ -342,3 +342,74 @@ def test_008_wildcardsearch(self, multihost, indirect_nismaps,
         # delete the pcap file
         del_pcap = 'rm -f %s' % auto_pcapfile
         multihost.client[0].run_command(del_pcap)
+
+    @pytest.mark.parametrize('add_nisobject', ['/export'], indirect=True)
+    @pytest.mark.tier1_2
+    def test_009_fetch_maps_coming_online_from_offline(self, multihost,
+                                                       add_nisobject):
+        """
+        :title: fetch autofs map after coming online from offline
+        :id: b9da6e0e-3d8b-4465-b435-338708d0d51e
+        :bugzilla:
+          https://bugzilla.redhat.com/show_bug.cgi?id=1113639
+        :setup:
+          1. edit sssd.conf and specify autofs_provider
+          2. Install and configure firewall
+        :steps:
+          1. firewall block 389 and 636
+          2. stop sssd, autofs.
+          3. remove sssd cache
+          4. Start sssd
+          5. remove firewall rule
+          6. start autofs
+        :expectedresults:
+          1. port 389 and 636 should not allow any traffic
+          2. sssd and autofs services should stop
+          3. sssd cache should be deleted successfully
+          4. sssd should come online within 60 seconds
+          5. port 389 and 636 should allow traffic through them
+          6. autofs should start successfully
+        """
+        multihost.master[0].run_command(['touch', '/export/nfs-test'])
+        client = sssdTools(multihost.client[0])
+        domain_name = client.get_domain_section_name()
+        for service in ['sssd', 'autofs']:
+            client.service_ctrl("stop", service)
+        client.clear_sssd_cache()
+        cmd = 'dnf install -y firewalld'
+        multihost.client[0].run_command(cmd, raiseonerr=True)
+        client.service_ctrl("start", "firewalld")
+        fw_add0 = 'firewall-cmd --permanent --direct --add-rule ipv4 '\
+                  'filter OUTPUT 0 -p tcp -m tcp --dport=389 -j DROP'
+        fw_add1 = 'firewall-cmd --permanent --direct --add-rule ipv4 '\
+                  'filter OUTPUT 1 -p tcp -m tcp --dport=636 -j DROP'
+        fw_add2 = 'firewall-cmd --permanent --direct --add-rule ipv4 '\
+                  'filter OUTPUT 2 -j ACCEPT'
+        multihost.client[0].run_command(fw_add0, raiseonerr=True)
+        multihost.client[0].run_command(fw_add1, raiseonerr=True)
+        multihost.client[0].run_command(fw_add2, raiseonerr=True)
+        fw_rld = 'firewall-cmd --reload'
+        multihost.client[0].run_command(fw_rld, raiseonerr=True)
+        client.service_ctrl("start", "sssd")
+        time.sleep(5)
+        cmd = 'sssctl domain-status %s' % domain_name
+        multihost.client[0].run_command(cmd, raiseonerr=True)
+        find = re.compile(r'Online status: Offline')
+        result = find.search(cmd.stdout_text)
+        assert result is not None
+        fw_r0 = 'firewall-cmd --permanent --direct --remove-rule ipv4 '\
+                'filter OUTPUT 0 -p tcp -m tcp --dport=389 -j DROP'
+        fw_r1 = 'firewall-cmd --permanent --direct --remove-rule ipv4 '\
+                'filter OUTPUT 1 -p tcp -m tcp --dport=636 -j DROP'
+        fw_r2 = 'firewall-cmd --permanent --direct --remove-rule ipv4 '\
+                'filter OUTPUT 2 -j ACCEPT'
+        multihost.client[0].run_command(fw_r0, raiseonerr=True)
+        multihost.client[0].run_command(fw_r1, raiseonerr=True)
+        multihost.client[0].run_command(fw_r2, raiseonerr=True)
+        multihost.client[0].run_command(fw_rld, raiseonerr=True)
+        client.service_ctrl("stop", "firewalld")
+        time.sleep(60)
+        client.service_ctrl("start", "autofs")
+        cmd = 'dnf remove -y firewalld'
+        multihost.client[0].run_command(cmd, raiseonerr=True)
+        assert cmd2.returncode == 0

_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[SSSD] [sssd PR#5478][synchronized] Tests: alltests: fetch autofs maps after coming online

Reply via email to