def test_sanity_rfc2307_bis(ldap_conn, sanity_rfc2307_bis):
passwd_pattern = ent.contains_only(
dict(name="user1", passwd="*", uid=1001, gid=2001, gecos="1001", dir="/home/user1", shell="/bin/bash"),
dict(name="user2", passwd="*", uid=1002, gid=2002, gecos="1002", dir="/home/user2", shell="/bin/bash"),
dict(name="user3", passwd="*", uid=1003, gid=2003, gecos="1003", dir="/home/user3", shell="/bin/bash"),
)
ent.assert_passwd(passwd_pattern)
group_pattern = ent.contains_only(
dict(name="group1", passwd="*", gid=2001, mem=ent.contains_only()),
dict(name="group2", passwd="*", gid=2002, mem=ent.contains_only()),
dict(name="group3", passwd="*", gid=2003, mem=ent.contains_only()),
dict(name="empty_group1", passwd="*", gid=2010, mem=ent.contains_only()),
dict(name="empty_group2", passwd="*", gid=2011, mem=ent.contains_only()),
dict(name="two_user_group", passwd="*", gid=2012, mem=ent.contains_only("user1", "user2")),
dict(name="group_empty_group", passwd="*", gid=2013, mem=ent.contains_only()),
dict(name="group_two_empty_groups", passwd="*", gid=2014, mem=ent.contains_only()),
dict(name="one_user_group1", passwd="*", gid=2015, mem=ent.contains_only("user1")),
dict(name="one_user_group2", passwd="*", gid=2016, mem=ent.contains_only("user2")),
dict(name="group_one_user_group", passwd="*", gid=2017, mem=ent.contains_only("user1")),
dict(name="group_two_user_group", passwd="*", gid=2018, mem=ent.contains_only("user1", "user2")),
dict(name="group_two_one_user_groups", passwd="*", gid=2019, mem=ent.contains_only("user1", "user2")),
)
ent.assert_group(group_pattern)
with pytest.raises(KeyError):
pwd.getpwnam("non_existent_user")
with pytest.raises(KeyError):
pwd.getpwuid(1)
with pytest.raises(KeyError):
grp.getgrnam("non_existent_group")
with pytest.raises(KeyError):
grp.getgrgid(1)
def test_sanity_rfc2307(ldap_conn, sanity_rfc2307):
passwd_pattern = ent.contains_only(
dict(name='user1', passwd='*', uid=1001, gid=2001, gecos='1001',
dir='/home/user1', shell='/bin/bash'),
dict(name='user2', passwd='*', uid=1002, gid=2002, gecos='1002',
dir='/home/user2', shell='/bin/bash'),
dict(name='user3', passwd='*', uid=1003, gid=2003, gecos='1003',
dir='/home/user3', shell='/bin/bash')
)
ent.assert_passwd(passwd_pattern)
group_pattern = ent.contains_only(
dict(name='group1', passwd='*', gid=2001, mem=ent.contains_only()),
dict(name='group2', passwd='*', gid=2002, mem=ent.contains_only()),
dict(name='group3', passwd='*', gid=2003, mem=ent.contains_only()),
dict(name='empty_group', passwd='*', gid=2010,
mem=ent.contains_only()),
dict(name='two_user_group', passwd='*', gid=2012,
mem=ent.contains_only("user1", "user2"))
)
ent.assert_group(group_pattern)
with pytest.raises(KeyError):
pwd.getpwnam("non_existent_user")
with pytest.raises(KeyError):
pwd.getpwuid(1)
with pytest.raises(KeyError):
grp.getgrnam("non_existent_group")
with pytest.raises(KeyError):
grp.getgrgid(1)
def test_sanity_rfc2307(ldap_conn, sanity_rfc2307):
passwd_pattern = ent.contains_only(
dict(name='user1', passwd='*', uid=1001, gid=2001, gecos='1001',
dir='/home/user1', shell='/bin/bash'),
dict(name='user2', passwd='*', uid=1002, gid=2002, gecos='1002',
dir='/home/user2', shell='/bin/bash'),
dict(name='user3', passwd='*', uid=1003, gid=2003, gecos='1003',
dir='/home/user3', shell='/bin/bash')
)
ent.assert_passwd(passwd_pattern)
group_pattern = ent.contains_only(
dict(name='group1', passwd='*', gid=2001, mem=ent.contains_only()),
dict(name='group2', passwd='*', gid=2002, mem=ent.contains_only()),
dict(name='group3', passwd='*', gid=2003, mem=ent.contains_only()),
dict(name='empty_group', passwd='*', gid=2010,
mem=ent.contains_only()),
dict(name='two_user_group', passwd='*', gid=2012,
mem=ent.contains_only("user1", "user2"))
)
ent.assert_group(group_pattern)
with pytest.raises(KeyError):
pwd.getpwnam("non_existent_user")
with pytest.raises(KeyError):
pwd.getpwuid(1)
with pytest.raises(KeyError):
grp.getgrnam("non_existent_group")
with pytest.raises(KeyError):
grp.getgrgid(1)
def test_ldap_auto_private_groups_enumerate(ldap_conn,
sanity_rfc2307_bis_mpg):
"""
Test the auto_private_groups together with enumeration
"""
passwd_pattern = ent.contains_only(
dict(name='user1', passwd='*', uid=1001, gid=1001, gecos='1001',
dir='/home/user1', shell='/bin/bash'),
dict(name='user2', passwd='*', uid=1002, gid=1002, gecos='1002',
dir='/home/user2', shell='/bin/bash'),
dict(name='user3', passwd='*', uid=1003, gid=1003, gecos='1003',
dir='/home/user3', shell='/bin/bash')
)
ent.assert_passwd(passwd_pattern)
group_pattern = ent.contains_only(
dict(name='user1', passwd='*', gid=1001, mem=ent.contains_only()),
dict(name='user2', passwd='*', gid=1002, mem=ent.contains_only()),
dict(name='user3', passwd='*', gid=1003, mem=ent.contains_only()),
dict(name='group1', passwd='*', gid=2001, mem=ent.contains_only()),
dict(name='group2', passwd='*', gid=2002, mem=ent.contains_only()),
dict(name='group3', passwd='*', gid=2003, mem=ent.contains_only()),
dict(name='empty_group1', passwd='*', gid=2010,
mem=ent.contains_only()),
dict(name='empty_group2', passwd='*', gid=2011,
mem=ent.contains_only()),
dict(name='two_user_group', passwd='*', gid=2012,
mem=ent.contains_only("user1", "user2")),
dict(name='group_empty_group', passwd='*', gid=2013,
mem=ent.contains_only()),
dict(name='group_two_empty_groups', passwd='*', gid=2014,
mem=ent.contains_only()),
dict(name='one_user_group1', passwd='*', gid=2015,
mem=ent.contains_only("user1")),
dict(name='one_user_group2', passwd='*', gid=2016,
mem=ent.contains_only("user2")),
dict(name='group_one_user_group', passwd='*', gid=2017,
mem=ent.contains_only("user1")),
dict(name='group_two_user_group', passwd='*', gid=2018,
mem=ent.contains_only("user1", "user2")),
dict(name='group_two_one_user_groups', passwd='*', gid=2019,
mem=ent.contains_only("user1", "user2"))
)
ent.assert_group(group_pattern)
with pytest.raises(KeyError):
grp.getgrnam("conflict1")
ent.assert_group_by_gid(1002, dict(name="user2", mem=ent.contains_only()))
def test_ldap_auto_private_groups_enumerate(ldap_conn,
sanity_rfc2307_bis_mpg):
"""
Test the auto_private_groups together with enumeration
"""
passwd_pattern = ent.contains_only(
dict(name='user1', passwd='*', uid=1001, gid=1001, gecos='1001',
dir='/home/user1', shell='/bin/bash'),
dict(name='user2', passwd='*', uid=1002, gid=1002, gecos='1002',
dir='/home/user2', shell='/bin/bash'),
dict(name='user3', passwd='*', uid=1003, gid=1003, gecos='1003',
dir='/home/user3', shell='/bin/bash')
)
ent.assert_passwd(passwd_pattern)
group_pattern = ent.contains_only(
dict(name='user1', passwd='*', gid=1001, mem=ent.contains_only()),
dict(name='user2', passwd='*', gid=1002, mem=ent.contains_only()),
dict(name='user3', passwd='*', gid=1003, mem=ent.contains_only()),
dict(name='group1', passwd='*', gid=2001, mem=ent.contains_only()),
dict(name='group2', passwd='*', gid=2002, mem=ent.contains_only()),
dict(name='group3', passwd='*', gid=2003, mem=ent.contains_only()),
dict(name='empty_group1', passwd='*', gid=2010,
mem=ent.contains_only()),
dict(name='empty_group2', passwd='*', gid=2011,
mem=ent.contains_only()),
dict(name='two_user_group', passwd='*', gid=2012,
mem=ent.contains_only("user1", "user2")),
dict(name='group_empty_group', passwd='*', gid=2013,
mem=ent.contains_only()),
dict(name='group_two_empty_groups', passwd='*', gid=2014,
mem=ent.contains_only()),
dict(name='one_user_group1', passwd='*', gid=2015,
mem=ent.contains_only("user1")),
dict(name='one_user_group2', passwd='*', gid=2016,
mem=ent.contains_only("user2")),
dict(name='group_one_user_group', passwd='*', gid=2017,
mem=ent.contains_only("user1")),
dict(name='group_two_user_group', passwd='*', gid=2018,
mem=ent.contains_only("user1", "user2")),
dict(name='group_two_one_user_groups', passwd='*', gid=2019,
mem=ent.contains_only("user1", "user2"))
)
ent.assert_group(group_pattern)
with pytest.raises(KeyError):
grp.getgrnam("conflict1")
ent.assert_group_by_gid(1002, dict(name="user2", mem=ent.contains_only()))
def test_assert_group(users_and_groups):
ent.assert_group(ent.contains())
ent.assert_group(ent.contains(GROUP1))
ent.assert_group(ent.contains_only(*GROUP_LIST))
try:
ent.assert_group(ent.contains(dict(name="group3", gid=2003)))
assert False
except AssertionError as e:
assert re.search("list mismatch:", str(e))
assert re.search("expected groups not found:", str(e))
assert not re.search("unexpected groups found:", str(e))
try:
ent.assert_group(ent.contains_only(GROUP1))
assert False
except AssertionError as e:
assert re.search("list mismatch:", str(e))
assert not re.search("expected groups not found:", str(e))
assert re.search("unexpected groups found:", str(e))
def test_assert_group(users_and_groups):
ent.assert_group(ent.contains())
ent.assert_group(ent.contains(GROUP1))
ent.assert_group(ent.contains_only(*GROUP_LIST))
try:
ent.assert_group(ent.contains(dict(name="group3", gid=2003)))
assert False
except AssertionError as e:
assert re.search("list mismatch:", str(e))
assert re.search("expected groups not found:", str(e))
assert not re.search("unexpected groups found:", str(e))
try:
ent.assert_group(ent.contains_only(GROUP1))
assert False
except AssertionError as e:
assert re.search("list mismatch:", str(e))
assert not re.search("expected groups not found:", str(e))
assert re.search("unexpected groups found:", str(e))
def test_add_remove_group_rfc2307_bis(ldap_conn, blank_rfc2307_bis):
"""Test RFC2307bis group addition and removal are reflected by SSSD"""
e = ldap_ent.group_bis(ldap_conn.ds_inst.base_dn, "group", 2001)
time.sleep(INTERACTIVE_TIMEOUT/2)
# Add the group
ent.assert_group(ent.contains_only())
ldap_conn.add_s(*e)
time.sleep(INTERACTIVE_TIMEOUT)
ent.assert_group(ent.contains_only(dict(name="group", gid=2001)))
# Remove the group
ldap_conn.delete_s(e[0])
time.sleep(INTERACTIVE_TIMEOUT)
ent.assert_group(ent.contains_only())
def test_add_remove_group_rfc2307_bis(ldap_conn, blank_rfc2307_bis):
"""Test RFC2307bis group addition and removal are reflected by SSSD"""
e = ldap_ent.group_bis(ldap_conn.ds_inst.base_dn, "group", 2001)
time.sleep(INTERACTIVE_TIMEOUT / 2)
# Add the group
ent.assert_group(ent.contains_only())
ldap_conn.add_s(*e)
time.sleep(INTERACTIVE_TIMEOUT)
ent.assert_group(ent.contains_only(dict(name="group", gid=2001)))
# Remove the group
ldap_conn.delete_s(e[0])
time.sleep(INTERACTIVE_TIMEOUT)
ent.assert_group(ent.contains_only())
try:
ent.assert_each_group_with_gid([dict(gid=2003)])
assert False
except AssertionError, e:
assert str(e) == "'getgrgid(): gid not found: 2003'"
try:
ent.assert_each_group_with_gid([dict(name="group2", gid=2001)])
assert False
except AssertionError, e:
assert str(e) == \
"group 2001 mismatch: 'name' mismatch: 'group2' != 'group1'"
def test_assert_group(users_and_groups):
ent.assert_group(ent.contains())
ent.assert_group(ent.contains(GROUP1))
ent.assert_group(ent.contains_only(*GROUP_LIST))
try:
ent.assert_group(ent.contains(dict(name="group3", gid=2003)))
assert False
except AssertionError, e:
assert re.search("list mismatch:", str(e))
assert re.search("expected groups not found:", str(e))
assert not re.search("unexpected groups found:", str(e))
try:
ent.assert_group(ent.contains_only(GROUP1))
assert False
except AssertionError, e:
assert re.search("list mismatch:", str(e))
assert not re.search("expected groups not found:", str(e))
assert re.search("unexpected groups found:", str(e))
ent.assert_each_group_with_gid([dict(gid=2003)])
assert False
except AssertionError, e:
assert str(e) == "'getgrgid(): gid not found: 2003'"
try:
ent.assert_each_group_with_gid([dict(name="group2", gid=2001)])
assert False
except AssertionError, e:
assert str(e) == \
"group 2001 mismatch: 'name' mismatch: 'group2' != 'group1'"
def test_assert_group(users_and_groups):
ent.assert_group(ent.contains())
ent.assert_group(ent.contains(GROUP1))
ent.assert_group(ent.contains_only(*GROUP_LIST))
try:
ent.assert_group(ent.contains(dict(name="group3", gid=2003)))
assert False
except AssertionError, e:
assert re.search("list mismatch:", str(e))
assert re.search("expected groups not found:", str(e))
assert not re.search("unexpected groups found:", str(e))
try:
ent.assert_group(ent.contains_only(GROUP1))
assert False
except AssertionError, e:
assert re.search("list mismatch:", str(e))
assert not re.search("expected groups not found:", str(e))
assert re.search("unexpected groups found:", str(e))
