URL: https://github.com/SSSD/sssd/pull/5755 Author: aborah-sudo Title: #5755: Tests: support subid ranges managed by FreeIPA Action: synchronized
To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5755/head:pr5755 git checkout pr5755
From 6ee425c829b9f51871618a76c225587717268a6c Mon Sep 17 00:00:00 2001 From: Anuj Borah <abo...@redhat.com> Date: Thu, 19 Aug 2021 14:19:26 +0530 Subject: [PATCH] Tests: support subid ranges managed by FreeIPA issue: https://github.com/SSSD/sssd/issues/5197 bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943 --- src/tests/multihost/ipa/conftest.py | 77 ++++++++++- .../multihost/ipa/data/list_subid_ranges.c | 46 +++++++ src/tests/multihost/ipa/test_subid_ranges.py | 125 ++++++++++++++++++ 3 files changed, 247 insertions(+), 1 deletion(-) create mode 100644 src/tests/multihost/ipa/data/list_subid_ranges.c create mode 100644 src/tests/multihost/ipa/test_subid_ranges.py diff --git a/src/tests/multihost/ipa/conftest.py b/src/tests/multihost/ipa/conftest.py index f65ae765d3..4cde40a8a1 100644 --- a/src/tests/multihost/ipa/conftest.py +++ b/src/tests/multihost/ipa/conftest.py @@ -16,12 +16,13 @@ from sssd.testlib.ipa.utils import ipaTools from sssd.testlib.common.utils import ADOperations from sssd.testlib.common.paths import SSSD_DEFAULT_CONF +from sssd.testlib.common.utils import SSHClient def pytest_configure(): """ Namespace hook to add below dict in the pytest namespace """ pytest.num_masters = 1 - pytest.num_ad = 1 + pytest.num_ad = 0 pytest.num_atomic = 0 pytest.num_replicas = 0 pytest.num_clients = 1 @@ -165,6 +166,80 @@ def restoresssdconf(): # ==================== Class Scoped Fixtures ================ +@pytest.fixture(scope='class') +def environment_setup(session_multihost, request): + """ + Install necessary packages + """ + client = session_multihost.client[0] + client.run_command("yum install -y shadow-utils*") + client.run_command("yum install -y gcc") + with pytest.raises(subprocess.CalledProcessError): + client.run_command(f"grep subid /etc/nsswitch.conf") + file_location = "/src/tests/multihost/ipa/data/list_subid_ranges.c" + client.transport.put_file(os.getcwd() + + file_location, + '/tmp/list_subid_ranges.c') + client.run_command("gcc /tmp/list_subid_ranges.c" + " -lsubid -o /tmp/list_subid_ranges") + + def remove(): + """ Remove file """ + for file in ['list_subid_ranges', 'list_subid_ranges.c']: + client.run_command(f"rm -vf /tmp/{file}") + + request.addfinalizer(remove) + + +@pytest.fixture(scope='class') +def subid_generate(session_multihost, request): + """ + Generate subid for user admin + """ + user = "admin" + test_password = "Secret123" + ssh1 = SSHClient(session_multihost.client[0].ip, + username=user, password=test_password) + (result, result1, exit_status) = ssh1.execute_cmd('kinit', + stdin=test_password) + assert exit_status == 0 + (result, result1, exit_status) = ssh1.exec_command(f"ipa " + f" subid-generate" + f" --owner={user}") + ssh1.close() + + +@pytest.fixture(scope='class') +def bkp_cnfig_for_subid_files(session_multihost, request): + """ Back up files used in test + And config /etc/nsswitch.conf + """ + session_multihost.client[0].run_command("cp -vf " + "/etc/subuid " + "/tmp/subuid_bkp") + session_multihost.client[0].run_command("cp -vf " + "/etc/subgid " + "/tmp/subgid_bkp") + session_multihost.client[0].run_command("cp -vf " + "/etc/nsswitch.conf " + "/tmp/nsswitch.conf_bkp") + session_multihost.client[0].run_command("echo 'subid: sss' " + ">> /etc/nsswitch.conf") + + def restore(): + """ Restore """ + session_multihost.client[0].run_command("mv -vf " + "/tmp/subuid_bkp " + "/etc/subuid") + session_multihost.client[0].run_command("mv -vf " + "/tmp/subgid_bkp " + "/etc/subgid") + session_multihost.client[0].run_command("mv -vf " + "/tmp/nsswitch.conf_bkp " + "/etc/nsswitch.conf") + request.addfinalizer(restore) + + @pytest.fixture(scope="class") def default_ipa_users(session_multihost, request): """ Create IPA Users foobar0 to foobar9 """ diff --git a/src/tests/multihost/ipa/data/list_subid_ranges.c b/src/tests/multihost/ipa/data/list_subid_ranges.c new file mode 100644 index 0000000000..05d2e8f048 --- /dev/null +++ b/src/tests/multihost/ipa/data/list_subid_ranges.c @@ -0,0 +1,46 @@ + +#include <stdio.h> +#include <string.h> +#include "shadow/subid.h" +#include "stdlib.h" + +const char *Prog; +FILE *shadow_logfd = NULL; + +void usage(void) +{ + fprintf(stderr, "Usage: %s [-g] user\n", Prog); + fprintf(stderr, " list subuid ranges for user\n"); + fprintf(stderr, " pass -g to list subgid ranges\n"); + exit(EXIT_FAILURE); +} + +int main(int argc, char *argv[]) +{ + int i, count=0; + struct subid_range *ranges; + const char *owner; + + Prog = argv[0]; + shadow_logfd = stderr; + if (argc < 2) + usage(); + owner = argv[1]; + if (argc == 3 && strcmp(argv[1], "-g") == 0) { + owner = argv[2]; + count = get_subgid_ranges(owner, &ranges); + } else if (argc == 2 && strcmp(argv[1], "-h") == 0) { + usage(); + } else { + count = get_subuid_ranges(owner, &ranges); + } + if (!ranges) { + fprintf(stderr, "Error fetching ranges\n"); + exit(1); + } + for (i = 0; i < count; i++) { + printf("%d: %s %lu %lu\n", i, owner, + ranges[i].start, ranges[i].count); + } + return 0; +} diff --git a/src/tests/multihost/ipa/test_subid_ranges.py b/src/tests/multihost/ipa/test_subid_ranges.py new file mode 100644 index 0000000000..a09f710edf --- /dev/null +++ b/src/tests/multihost/ipa/test_subid_ranges.py @@ -0,0 +1,125 @@ +""" Automation of IPA bugs """ + +import pytest +import subprocess +import time +import os +from sssd.testlib.common.utils import SSHClient + + +test_password = "Secret123" +user = 'admin' + + +def execute_cmd(multihost, command): + """ Execute command on client """ + cmd = multihost.client[0].run_command(command) + return cmd + + +def ipa_subid_find(multihost): + ssh1 = SSHClient(multihost.client[0].ip, + username=user, password=test_password) + (result, result1, exit_status) = ssh1.exec_command(f"ipa " + f"subid-find" + f" --owner " + f"{user}") + user_details = result1.readlines() + global uid_start, uid_range, gid_start, gid_range + uid_start = int(user_details[5].split(': ')[1].split('\n')[0]) + uid_range = int(user_details[6].split(': ')[1].split('\n')[0]) + gid_start = int(user_details[7].split(': ')[1].split('\n')[0]) + gid_range = int(user_details[8].split(': ')[1].split('\n')[0]) + ssh1.close() + + +@pytest.mark.usefixtures('environment_setup', + 'subid_generate', + 'bkp_cnfig_for_subid_files') +@pytest.mark.tier2 +class TestSubid(object): + """ + This is for ipa bugs automation + """ + def test_subid_feature(self, multihost): + """ + :Title: support subid ranges managed by FreeIPA + :id: 50bcdc28-00c8-11ec-bef4-845cf3eff344 + :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943 + :steps: + 1. Test newuidmap command + 2. Test newgidmap command + :expectedresults: + 1. Should succeed + 2. Should succeed + """ + ipa_subid_find(multihost) + ssh1 = SSHClient(multihost.client[0].ip, + username=user, password=test_password) + (results1, results2, results3) = ssh1.exec_command("unshare" + " -U bash" + " -c 'echo $$" + ">/tmp/unshare.pid;" + "sleep 1000'") + time.sleep(2) + proces_id = int(execute_cmd(multihost, + "cat " + "/tmp/unshare.pid").stdout_text.strip()) + uid = 0 + gid = 1000 + count = 1 + (std_out, std_err, exit_status) = ssh1.exec_command(f"newuidmap " + f"{proces_id}" + f" {uid}" + f" {uid_start}" + f" {count}") + for i in exit_status.readlines(): + assert "write to uid_map failed" not in i + (result, result1, exit_status) = ssh1.exec_command(f"newgidmap " + f"{proces_id} " + f"{gid} " + f"{gid_start} " + f"{count}") + for i in exit_status.readlines(): + assert "write to uid_map failed" not in i + result = execute_cmd(multihost, f"cat /proc/{proces_id}/uid_map") + assert str(uid) == result.stdout_text.split()[0] + assert str(uid_start) == result.stdout_text.split()[1] + assert str(count) == result.stdout_text.split()[2] + result = execute_cmd(multihost, f"cat /proc/{proces_id}/gid_map") + assert str(gid) == result.stdout_text.split()[0] + assert str(gid_start) == result.stdout_text.split()[1] + assert str(count) == result.stdout_text.split()[2] + multihost.client[0].run_command(f'kill -9 {proces_id}') + multihost.client[0].run_command("rm -vf " + "/tmp/unshare.pid") + ssh1.close() + + def test_list_subid_ranges(self, multihost): + """ + :Title: support subid ranges managed by FreeIPA + :id: 4ab33f84-00c8-11ec-ad91-845cf3eff344 + :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943 + :steps: + 1. Test list_subid_ranges command + 2. Test list_subid_ranges -g command + :expectedresults: + 1. Should succeed + 2. Should succeed + """ + ipa_subid_find(multihost) + ssh1 = SSHClient(multihost.client[0].ip, + username=user, password=test_password) + cmd = multihost.client[0].run_command(f"cd /tmp/; " + f"./list_subid_ranges " + f"{user}") + assert str(user) == cmd.stdout_text.split()[1] + assert str(uid_start) == cmd.stdout_text.split()[2] + assert str(uid_range) == cmd.stdout_text.split()[3] + cmd = multihost.client[0].run_command(f"cd /tmp/;" + f" ./list_subid_ranges" + f" -g {user}") + assert str(user) == cmd.stdout_text.split()[1] + assert str(gid_start) == cmd.stdout_text.split()[2] + assert str(gid_range) == cmd.stdout_text.split()[3] + ssh1.close()
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
