URL: https://github.com/SSSD/sssd/pull/5755
Author: aborah-sudo
 Title: #5755: Tests: support subid ranges managed by FreeIPA
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/5755/head:pr5755
git checkout pr5755
From 6ee425c829b9f51871618a76c225587717268a6c Mon Sep 17 00:00:00 2001
From: Anuj Borah <abo...@redhat.com>
Date: Thu, 19 Aug 2021 14:19:26 +0530
Subject: [PATCH] Tests: support subid ranges managed by FreeIPA

issue: https://github.com/SSSD/sssd/issues/5197

bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943
---
 src/tests/multihost/ipa/conftest.py           |  77 ++++++++++-
 .../multihost/ipa/data/list_subid_ranges.c    |  46 +++++++
 src/tests/multihost/ipa/test_subid_ranges.py  | 125 ++++++++++++++++++
 3 files changed, 247 insertions(+), 1 deletion(-)
 create mode 100644 src/tests/multihost/ipa/data/list_subid_ranges.c
 create mode 100644 src/tests/multihost/ipa/test_subid_ranges.py

diff --git a/src/tests/multihost/ipa/conftest.py b/src/tests/multihost/ipa/conftest.py
index f65ae765d3..4cde40a8a1 100644
--- a/src/tests/multihost/ipa/conftest.py
+++ b/src/tests/multihost/ipa/conftest.py
@@ -16,12 +16,13 @@
 from sssd.testlib.ipa.utils import ipaTools
 from sssd.testlib.common.utils import ADOperations
 from sssd.testlib.common.paths import SSSD_DEFAULT_CONF
+from sssd.testlib.common.utils import SSHClient
 
 
 def pytest_configure():
     """ Namespace hook to add below dict in the pytest namespace """
     pytest.num_masters = 1
-    pytest.num_ad = 1
+    pytest.num_ad = 0
     pytest.num_atomic = 0
     pytest.num_replicas = 0
     pytest.num_clients = 1
@@ -165,6 +166,80 @@ def restoresssdconf():
 # ====================  Class Scoped Fixtures ================
 
 
+@pytest.fixture(scope='class')
+def environment_setup(session_multihost, request):
+    """
+    Install necessary packages
+    """
+    client = session_multihost.client[0]
+    client.run_command("yum install -y shadow-utils*")
+    client.run_command("yum install -y gcc")
+    with pytest.raises(subprocess.CalledProcessError):
+        client.run_command(f"grep subid /etc/nsswitch.conf")
+    file_location = "/src/tests/multihost/ipa/data/list_subid_ranges.c"
+    client.transport.put_file(os.getcwd() +
+                              file_location,
+                              '/tmp/list_subid_ranges.c')
+    client.run_command("gcc /tmp/list_subid_ranges.c"
+                       "  -lsubid -o /tmp/list_subid_ranges")
+
+    def remove():
+        """ Remove file """
+        for file in ['list_subid_ranges', 'list_subid_ranges.c']:
+            client.run_command(f"rm -vf /tmp/{file}")
+
+    request.addfinalizer(remove)
+
+
+@pytest.fixture(scope='class')
+def subid_generate(session_multihost, request):
+    """
+    Generate subid for user admin
+    """
+    user = "admin"
+    test_password = "Secret123"
+    ssh1 = SSHClient(session_multihost.client[0].ip,
+                     username=user, password=test_password)
+    (result, result1, exit_status) = ssh1.execute_cmd('kinit',
+                                                      stdin=test_password)
+    assert exit_status == 0
+    (result, result1, exit_status) = ssh1.exec_command(f"ipa "
+                                                       f" subid-generate"
+                                                       f"  --owner={user}")
+    ssh1.close()
+
+
+@pytest.fixture(scope='class')
+def bkp_cnfig_for_subid_files(session_multihost, request):
+    """ Back up files used in test
+        And config /etc/nsswitch.conf
+    """
+    session_multihost.client[0].run_command("cp -vf  "
+                                            "/etc/subuid "
+                                            "/tmp/subuid_bkp")
+    session_multihost.client[0].run_command("cp -vf  "
+                                            "/etc/subgid "
+                                            "/tmp/subgid_bkp")
+    session_multihost.client[0].run_command("cp -vf  "
+                                            "/etc/nsswitch.conf "
+                                            "/tmp/nsswitch.conf_bkp")
+    session_multihost.client[0].run_command("echo 'subid: sss'  "
+                                            ">> /etc/nsswitch.conf")
+
+    def restore():
+        """ Restore """
+        session_multihost.client[0].run_command("mv -vf  "
+                                                "/tmp/subuid_bkp "
+                                                "/etc/subuid")
+        session_multihost.client[0].run_command("mv -vf  "
+                                                "/tmp/subgid_bkp "
+                                                "/etc/subgid")
+        session_multihost.client[0].run_command("mv -vf  "
+                                                "/tmp/nsswitch.conf_bkp "
+                                                "/etc/nsswitch.conf")
+    request.addfinalizer(restore)
+
+
 @pytest.fixture(scope="class")
 def default_ipa_users(session_multihost, request):
     """ Create IPA Users foobar0 to foobar9 """
diff --git a/src/tests/multihost/ipa/data/list_subid_ranges.c b/src/tests/multihost/ipa/data/list_subid_ranges.c
new file mode 100644
index 0000000000..05d2e8f048
--- /dev/null
+++ b/src/tests/multihost/ipa/data/list_subid_ranges.c
@@ -0,0 +1,46 @@
+
+#include <stdio.h>
+#include <string.h>
+#include "shadow/subid.h"
+#include "stdlib.h"
+
+const char *Prog;
+FILE *shadow_logfd = NULL;
+
+void usage(void)
+{
+	fprintf(stderr, "Usage: %s [-g] user\n", Prog);
+	fprintf(stderr, "    list subuid ranges for user\n");
+	fprintf(stderr, "    pass -g to list subgid ranges\n");
+	exit(EXIT_FAILURE);
+}
+
+int main(int argc, char *argv[])
+{
+	int i, count=0;
+	struct subid_range *ranges;
+	const char *owner;
+
+	Prog = argv[0];
+	shadow_logfd = stderr;
+	if (argc < 2)
+		usage();
+	owner = argv[1];
+	if (argc == 3 && strcmp(argv[1], "-g") == 0) {
+		owner = argv[2];
+		count = get_subgid_ranges(owner, &ranges);
+	} else if (argc == 2 && strcmp(argv[1], "-h") == 0) {
+		usage();
+	} else {
+		count = get_subuid_ranges(owner, &ranges);
+	}
+	if (!ranges) {
+		fprintf(stderr, "Error fetching ranges\n");
+		exit(1);
+	}
+	for (i = 0; i < count; i++) {
+		printf("%d: %s %lu %lu\n", i, owner,
+			ranges[i].start, ranges[i].count);
+	}
+	return 0;
+}
diff --git a/src/tests/multihost/ipa/test_subid_ranges.py b/src/tests/multihost/ipa/test_subid_ranges.py
new file mode 100644
index 0000000000..a09f710edf
--- /dev/null
+++ b/src/tests/multihost/ipa/test_subid_ranges.py
@@ -0,0 +1,125 @@
+""" Automation of IPA bugs """
+
+import pytest
+import subprocess
+import time
+import os
+from sssd.testlib.common.utils import SSHClient
+
+
+test_password = "Secret123"
+user = 'admin'
+
+
+def execute_cmd(multihost, command):
+    """ Execute command on client """
+    cmd = multihost.client[0].run_command(command)
+    return cmd
+
+
+def ipa_subid_find(multihost):
+    ssh1 = SSHClient(multihost.client[0].ip,
+                     username=user, password=test_password)
+    (result, result1, exit_status) = ssh1.exec_command(f"ipa  "
+                                                       f"subid-find"
+                                                       f"  --owner  "
+                                                       f"{user}")
+    user_details = result1.readlines()
+    global uid_start, uid_range, gid_start, gid_range
+    uid_start = int(user_details[5].split(': ')[1].split('\n')[0])
+    uid_range = int(user_details[6].split(': ')[1].split('\n')[0])
+    gid_start = int(user_details[7].split(': ')[1].split('\n')[0])
+    gid_range = int(user_details[8].split(': ')[1].split('\n')[0])
+    ssh1.close()
+
+
+@pytest.mark.usefixtures('environment_setup',
+                         'subid_generate',
+                         'bkp_cnfig_for_subid_files')
+@pytest.mark.tier2
+class TestSubid(object):
+    """
+    This is for ipa bugs automation
+    """
+    def test_subid_feature(self, multihost):
+        """
+        :Title: support subid ranges managed by FreeIPA
+        :id: 50bcdc28-00c8-11ec-bef4-845cf3eff344
+        :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943
+        :steps:
+            1. Test newuidmap command
+            2. Test newgidmap command
+        :expectedresults:
+            1. Should succeed
+            2. Should succeed
+        """
+        ipa_subid_find(multihost)
+        ssh1 = SSHClient(multihost.client[0].ip,
+                         username=user, password=test_password)
+        (results1, results2, results3) = ssh1.exec_command("unshare"
+                                                           " -U bash"
+                                                           " -c 'echo $$"
+                                                           ">/tmp/unshare.pid;"
+                                                           "sleep 1000'")
+        time.sleep(2)
+        proces_id = int(execute_cmd(multihost,
+                                    "cat "
+                                    "/tmp/unshare.pid").stdout_text.strip())
+        uid = 0
+        gid = 1000
+        count = 1
+        (std_out, std_err, exit_status) = ssh1.exec_command(f"newuidmap "
+                                                            f"{proces_id}"
+                                                            f" {uid}"
+                                                            f" {uid_start}"
+                                                            f" {count}")
+        for i in exit_status.readlines():
+            assert "write to uid_map failed" not in i
+        (result, result1, exit_status) = ssh1.exec_command(f"newgidmap "
+                                                           f"{proces_id} "
+                                                           f"{gid} "
+                                                           f"{gid_start} "
+                                                           f"{count}")
+        for i in exit_status.readlines():
+            assert "write to uid_map failed" not in i
+        result = execute_cmd(multihost, f"cat /proc/{proces_id}/uid_map")
+        assert str(uid) == result.stdout_text.split()[0]
+        assert str(uid_start) == result.stdout_text.split()[1]
+        assert str(count) == result.stdout_text.split()[2]
+        result = execute_cmd(multihost, f"cat /proc/{proces_id}/gid_map")
+        assert str(gid) == result.stdout_text.split()[0]
+        assert str(gid_start) == result.stdout_text.split()[1]
+        assert str(count) == result.stdout_text.split()[2]
+        multihost.client[0].run_command(f'kill -9 {proces_id}')
+        multihost.client[0].run_command("rm -vf "
+                                        "/tmp/unshare.pid")
+        ssh1.close()
+
+    def test_list_subid_ranges(self, multihost):
+        """
+        :Title: support subid ranges managed by FreeIPA
+        :id: 4ab33f84-00c8-11ec-ad91-845cf3eff344
+        :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1803943
+        :steps:
+            1. Test list_subid_ranges command
+            2. Test list_subid_ranges -g command
+        :expectedresults:
+            1. Should succeed
+            2. Should succeed
+        """
+        ipa_subid_find(multihost)
+        ssh1 = SSHClient(multihost.client[0].ip,
+                         username=user, password=test_password)
+        cmd = multihost.client[0].run_command(f"cd /tmp/; "
+                                              f"./list_subid_ranges "
+                                              f"{user}")
+        assert str(user) == cmd.stdout_text.split()[1]
+        assert str(uid_start) == cmd.stdout_text.split()[2]
+        assert str(uid_range) == cmd.stdout_text.split()[3]
+        cmd = multihost.client[0].run_command(f"cd /tmp/;"
+                                              f" ./list_subid_ranges"
+                                              f" -g {user}")
+        assert str(user) == cmd.stdout_text.split()[1]
+        assert str(gid_start) == cmd.stdout_text.split()[2]
+        assert str(gid_range) == cmd.stdout_text.split()[3]
+        ssh1.close()
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Reply via email to