URL: https://github.com/SSSD/sssd/pull/5930 Author: shridhargadekar Title: #5930: Tests: Health and Support Analyzer - Add request log parsing utility Action: synchronized
To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/5930/head:pr5930 git checkout pr5930
From fe5bfbe551e570875afb88f6fd1dc72b2b8857de Mon Sep 17 00:00:00 2001 From: Shridhar Gadekar <sgade...@sgadekar.pnq.csb> Date: Tue, 21 Dec 2021 00:35:14 +0530 Subject: [PATCH] Tests: Health and Support Analyzer - Add request log parsing utility Verifies: #5712 Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1294670 --- .../alltests/test_sssctl_analyzer.py | 183 ++++++++++++++++++ 1 file changed, 183 insertions(+) create mode 100644 src/tests/multihost/alltests/test_sssctl_analyzer.py diff --git a/src/tests/multihost/alltests/test_sssctl_analyzer.py b/src/tests/multihost/alltests/test_sssctl_analyzer.py new file mode 100644 index 0000000000..b4a99b40f6 --- /dev/null +++ b/src/tests/multihost/alltests/test_sssctl_analyzer.py @@ -0,0 +1,183 @@ +"""Automation tests for sssctl analyzer +:requirement: sssctl analyzer +:casecomponent: sssd +:subsystemteam: sst_idm_sssd +:upstream: yes +""" +import pytest +from sssd.testlib.common.utils import sssdTools +from sssd.testlib.common.expect import pexpect_ssh +from sssd.testlib.common.exceptions import SSHLoginException +from constants import ds_instance_name + + +def analyzer(multihost, req_arg, arg=None): + """ + Execute sssctl analyze command with given action and options + and return the exit status as well as command output + :param str req_arg: command action to perform, values could be + 'list' or 'show' or 'show <num>' + : param str arg: optional argument string. values could be + '--source <log_source>' or '--logdir <dir_path>' or '--help' + """ + if arg is None: + arg = '' + cmd1 = f'sssctl analyze {arg} request {req_arg}' + cmd = multihost.client[0].run_command(cmd1, raiseonerr=False) + return cmd.returncode, cmd.stdout_text + + +@pytest.mark.usefixtures('setup_sssd', 'create_posix_usersgroups') +@pytest.mark.analyzer +@pytest.mark.tier1_2 +class TestSssctlAnalyzer(object): + """ sssctl analyze test suite """ + def test_analyzer_list(self, multihost, backupsssdconf): + """ + :title: sssctl analyzer list to show captured nss related + requests from sssd log + :id: 95e18ae1-6c4a-4baa-8202-fe33fe82bdec + :description: sssctl analyzer request list is able to capture the user + and group related requests raised when commands like id and getent + are executed + :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1294670 + :steps: + 1. Configure sssd to authenticate against directory server + 2. Enable debug_level to 9 in the 'nss', 'pam' and domain section + 3. Restart SSSD with cleared cache + 4. Fetch user and group information using 'id' and 'getent' tools + 5. Run 'sssctl analyzer request list' + 6. Check with sssctl analyzer is listing id and getent instances + 7. sssctl analyzer with subcmd 'show' and request number is listing + logs related to that number only + :expectedresults: + 1. Should succeed + 2. Should succeed + 3. Should succeed + 4. Should succeed + 5. Should succeed + 6. Should succeed + 7. Should succeed + """ + tools = sssdTools(multihost.client[0]) + sec = ['nss', 'pam'] + sssd_params = {'debug_level': '9'} + for sec_op in sec: + tools.sssd_conf(sec_op, sssd_params, action='update') + multihost.client[0].service_sssd('start') + tools.clear_sssd_cache() + cmd = f'getent group ldapusers@{ds_instance_name}' + multihost.client[0].run_command(cmd, raiseonerr=False) + cmd = f'id foo1@{ds_instance_name}' + multihost.client[0].run_command(cmd, raiseonerr=False) + for act_op in ['list', 'list -v']: + _, stdout = analyzer(multihost, act_op) + assert all(ptn in stdout for ptn in ['id', 'getent']) + tools.clear_sssd_cache() + cmd = f'getent passwd foo1@{ds_instance_name}' + multihost.client[0].run_command(cmd, raiseonerr=False) + for act_op in ['list', 'list -v']: + _, stdout = analyzer(multihost, act_op) + assert all(ptn in stdout for ptn in ['CID #1', 'getent']) + + def test_analyzer_diff_log_location(self, multihost, backupsssdconf): + """ + :title: sssctl analyzer able to parse sssd logs from non-default + location + :description: sssctl analyzer should be able to parse the sssd logs + from different location or logs from other host + :id: d297b394-3502-4ade-a5a5-5fb4c4333645 + :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1294670 + :steps: + 1. Configure sssd to authenticate against directory server + 2. Enable debug_level to 9 in the 'nss', 'pam' and domain section + 3. Restart SSSD with cleared cache + 4. Fetch user as well as information using 'id' and 'groups' tools + 5. Log in as user via ssh + 6. Copy sssd logs to a different location + 7. Confirm --logdir allows analyzer to parse logs from that location + :expectedresults: + 1. Should succeed + 2. Should succeed + 3. Should succeed + 4. Should succeed + 5. Should succeed + 6. Should succeed + 7. Should succeed + """ + tools = sssdTools(multihost.client[0]) + sec = ['nss', 'pam'] + sssd_params = {'debug_level': '9'} + for sec_op in sec: + tools.sssd_conf(sec_op, sssd_params, action='update') + tools.clear_sssd_cache() + user = f'foo1@{ds_instance_name}' + cmd = f'id {user}' + multihost.client[0].run_command(cmd, raiseonerr=False) + client_hostname = multihost.client[0].sys_hostname + client = pexpect_ssh(client_hostname, user, 'Secret123', + debug=False) + try: + client.login() + except SSHLoginException: + pytest.fail(f'{user} failed to login') + else: + client.logout() + cmd = 'cp -r /var/log/sssd/ /tmp/' + multihost.client[0].run_command(cmd, raiseonerr=False) + op = 'show 1 --pam' + logdir = '--logdir /tmp/sssd/' + _, stdout = analyzer(multihost, op, logdir) + cmds = ['SSS_PAM_AUTHENTICATE', 'SSS_PAM_AUTHENTICATE', + 'SSS_PAM_ACCT_MGMT', 'SSS_PAM_SETCRED'] + for pam_cmd in cmds: + assert pam_cmd in stdout + for act_op in ['list', 'list -v']: + _, stdout = analyzer(multihost, act_op, logdir) + assert all(ptn in stdout for ptn in ['id', 'ssh']) + + def test_analyzer_pam_logs(self, multihost, backupsssdconf): + """ + :title: sssctl analyzer to parse pam requests from logs + :id: 7fcd03b6-7f6f-4f39-96f8-45e0cb2d8c20 + :description: sssctl analyze request should able to parse and return + authentication logs + :bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1294670 + :steps: + 1. Configure sssd to authenticate against directory server + 2. Enable debug_level to 9 in the 'nss', 'pam' and domain section + 3. Restart SSSD with cleared cache + 4. Log in as a user using ssh + 5. Confirm --pam option is showing login related logs + :expectedresults: + 1. Should succeed + 2. Should succeed + 3. Should succeed + 4. Should succeed + 5. Should succeed + """ + tools = sssdTools(multihost.client[0]) + multihost.client[0].service_sssd('stop') + tools.remove_sss_cache('/var/lib/sss/db/') + tools.remove_sss_cache('/var/log/sssd/') + sec = ['nss', 'pam'] + sssd_params = {'debug_level': '9'} + for sec_op in sec: + tools.sssd_conf(sec_op, sssd_params, action='update') + multihost.client[0].service_sssd('start') + user = f'foo1@{ds_instance_name}' + client_hostname = multihost.client[0].sys_hostname + client = pexpect_ssh(client_hostname, user, 'Secret123', + debug=False) + try: + client.login() + except SSHLoginException: + pytest.fail(f"{user} failed to login") + else: + client.logout() + _, stdout = analyzer(multihost, 'show 1 --pam') + assert 'CID #1' in stdout + cmds = ['SSS_PAM_AUTHENTICATE', 'SSS_PAM_AUTHENTICATE', + 'SSS_PAM_ACCT_MGMT', 'SSS_PAM_SETCRED'] + for pam_cmd in cmds: + assert pam_cmd in stdout
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure