def test_get_valid(topology_st, backend):
"""Test basic get method functionality
:id: d3e5ebf2-5598-41cd-b1fa-ac18d3057f80
:setup: Standalone instance
:steps:
1. Get the backend with suffix
2. Get the backend with backend name
3. Get the backend with backend DN
:expectedresults:
1. Operation should be successful
2. Operation should be successful
3. Operation should be successful
"""
backends = Backends(topology_st.standalone)
log.info("Try to get a backend with backend suffix")
d1 = backends.get(NEW_SUFFIX_1_RDN)
topology_st.standalone.log.info("Suffix (%d): backend %s" % (1, d1.dn))
assert d1 is not None
log.info("Try to get a backend with backend name")
d2 = backends.get(BACKEND_NAME_1)
topology_st.standalone.log.info("Backend (%d): backend (%s)" % (1, d2.dn))
assert d2 is not None
log.info("Try to get a backend with backend DN")
d3 = backends.get(dn=backend.dn)
topology_st.standalone.log.info("DN (%d): backend %s" % (1, d3.dn))
assert d3 is not None
def test_ndn_cache_enabled(topo):
"""Test nsslapd-ignore-virtual-attrs configuration attribute
:id: 2caa3ec0-cd05-458e-9e21-3b73cf4697ff
:setup: Standalone instance
:steps:
1. Check the attribute nsslapd-ndn-cache-enabled is present in cn=config
2. Check the attribute nsslapd-ndn-cache-enabled has the default value set as ON
3. Check the attribute nsslapd-ndn-cache-max-size is present in cn=config
4. Check the backend monitor output for Normalized DN cache statistics while nsslapd-ndn-cache-enabled is OFF
5. Set nsslapd-ndn-cache-enabled ON and check the backend monitor output for Normalized DN cache statistics
6. Set invalid value for nsslapd-ndn-cache-enabled
7. Set invalid value for nsslapd-ndn-cache-max-size
:expectedresults:
1. This should be successful
2. This should be successful
3. This should be successful
4. Backend monitor output should not have NDN cache statistics
5. Backend monitor output should have NDN cache statistics
6. This should fail
7. This should fail
"""
log.info("Check the attribute nsslapd-ndn-cache-enabled is present in cn=config")
assert topo.standalone.config.present('nsslapd-ndn-cache-enabled')
log.info("Check the attribute nsslapd-ndn-cache-enabled has the default value set as ON")
assert topo.standalone.config.get_attr_val_utf8('nsslapd-ndn-cache-enabled') == 'on'
log.info("Check the attribute nsslapd-ndn-cache-max-size is present in cn=config")
assert topo.standalone.config.present('nsslapd-ndn-cache-max-size')
backends = Backends(topo.standalone)
backend = backends.get(DEFAULT_BENAME)
log.info("Ticket#49593 : NDN cache stats should be under the global stats - Implemented in 1.4")
log.info("Fetch the monitor value according to the ds version")
if ds_is_older('1.4'):
monitor = backend.get_monitor()
else:
monitor = MonitorLDBM(topo.standalone)
log.info("Check the backend monitor output for Normalized DN cache statistics, "
"while nsslapd-ndn-cache-enabled is off")
topo.standalone.config.set('nsslapd-ndn-cache-enabled', 'off')
topo.standalone.restart()
assert not monitor.present('normalizedDnCacheHits')
log.info("Check the backend monitor output for Normalized DN cache statistics, "
"while nsslapd-ndn-cache-enabled is on")
topo.standalone.config.set('nsslapd-ndn-cache-enabled', 'on')
topo.standalone.restart()
assert monitor.present('normalizedDnCacheHits')
log.info("Set invalid value for nsslapd-ndn-cache-enabled")
with pytest.raises(ldap.OPERATIONS_ERROR):
topo.standalone.config.set('nsslapd-ndn-cache-enabled', 'invalid_value')
log.info("Set invalid value for nsslapd-ndn-cache-max-size")
with pytest.raises(ldap.OPERATIONS_ERROR):
topo.standalone.config.set('nsslapd-ndn-cache-max-size', 'invalid_value')
def test_backend_index(topology_st):
backends = Backends(topology_st.standalone)
ur_backend = backends.get('userRoot')
ur_indexes = ur_backend.get_indexes()
index = ur_indexes.create(properties={
'cn': 'modifytimestamp',
'nsSystemIndex': 'false',
'nsIndexType': 'eq'
})
index_list = ur_indexes.list()
found = False
for i in index_list:
if i.dn.startswith('cn=modifytimestamp'):
found = True
assert found
index.delete()
index_list = ur_indexes.list()
found = False
for i in index_list:
if i.dn.startswith('cn=modifytimestamp'):
found = True
assert not found
def test_49290_range_unindexed_notes(topology_st):
"""
Ticket 49290 had a small collection of issues - the primary issue is
that range requests on an attribute that is unindexed was not reporting
notes=U. This asserts that:
* When unindexed, the attr shows notes=U
* when indexed, the attr does not
"""
# First, assert that modifyTimestamp does not have an index. If it does,
# delete it.
topology_st.standalone.config.set('nsslapd-accesslog-logbuffering', 'off')
backends = Backends(topology_st.standalone)
backend = backends.get(DEFAULT_BENAME)
indexes = backend.get_indexes()
for i in indexes.list():
i_cn = i.get_attr_val_utf8('cn')
if i_cn.lower() == 'modifytimestamp':
i.delete()
topology_st.standalone.restart()
# Now restart the server, and perform a modifyTimestamp range operation.
# in access, we should see notes=U (or notes=A)
results = topology_st.standalone.search_s(DEFAULT_SUFFIX,
ldap.SCOPE_SUBTREE,
'(modifyTimestamp>=0)', [
'nsUniqueId',
])
access_lines_unindexed = topology_st.standalone.ds_access_log.match(
'.*notes=U.*')
assert len(access_lines_unindexed) == 1
# Now add the modifyTimestamp index and run db2index. This will restart
# the server
indexes.create(properties={
'cn': 'modifytimestamp',
'nsSystemIndex': 'false',
'nsIndexType': 'eq',
})
topology_st.standalone.stop()
assert topology_st.standalone.db2index(DEFAULT_BENAME,
attrs=['modifytimestamp'])
topology_st.standalone.start()
# Now run the modifyTimestamp range query again. Assert that there is no
# notes=U/A in the log
results = topology_st.standalone.search_s(DEFAULT_SUFFIX,
ldap.SCOPE_SUBTREE,
'(modifyTimestamp>=0)', [
'nsUniqueId',
])
access_lines_indexed = topology_st.standalone.ds_access_log.match(
'.*notes=U.*')
# Remove the old lines too.
access_lines_final = set(access_lines_unindexed) - set(
access_lines_indexed)
# Make sure we have no unindexed notes in the log.
assert len(access_lines_final) == 0
def test_ruv_after_reindex(topo):
"""Test that the tombstone RUV entry is not corrupted after a reindex task
:id: 988c0fab-1905-4dc5-a45d-fbf195843a33
:setup: 2 suppliers
:steps:
1. Reindex database
2. Perform some updates
3. Check error log does not have "_entryrdn_insert_key" errors
:expectedresults:
1. Success
2. Success
3. Success
"""
inst = topo.ms['supplier1']
suffix = Domain(inst, "ou=people," + DEFAULT_SUFFIX)
backends = Backends(inst)
backend = backends.get(DEFAULT_BENAME)
# Reindex nsuniqueid
backend.reindex(attrs=['nsuniqueid'], wait=True)
# Do some updates
for idx in range(0, 5):
suffix.replace('description', str(idx))
# Check error log for RUV entryrdn errors. Stopping instance forces RUV
# to be written and quickly exposes the error
inst.stop()
assert not inst.searchErrorsLog("entryrdn_insert_key")
def test_healthcheck_virtual_attr_incorrectly_indexed(topology_st):
"""Check if HealthCheck returns DSVIRTLE0001 code
:id: 1055173b-21aa-4aaa-9e91-4dc6c5e0c01f
:setup: Standalone instance
:steps:
1. Create DS instance
2. Create a CoS definition entry
3. Create the matching CoS template entry, with postalcode as virtual attribute
4. Create an index for postalcode
5. Use HealthCheck without --json option
6. Use HealthCheck with --json option
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Healthcheck reports DSVIRTLE0001 code and related details
6. Healthcheck reports DSVIRTLE0001 code and related details
"""
RET_CODE = 'DSVIRTLE0001'
standalone = topology_st.standalone
postal_index_properties = {
'cn': 'postalcode',
'nsSystemIndex': 'False',
'nsIndexType': ['eq', 'sub', 'pres'],
}
log.info(
'Add cosPointer, cosTemplate and test entry to default suffix, where virtual attribute is postal code'
)
cos_pointer_properties = {
'cn': 'cosPointer',
'description': 'cosPointer example',
'cosTemplateDn': 'cn=cosTemplateExample,ou=People,dc=example,dc=com',
'cosAttribute': 'postalcode',
}
cos_pointer_definitions = CosPointerDefinitions(standalone, DEFAULT_SUFFIX,
'ou=People')
cos_pointer_definitions.create(properties=cos_pointer_properties)
log.info('Create CoS template')
cos_template_properties = {'cn': 'cosTemplateExample', 'postalcode': '117'}
cos_templates = CosTemplates(standalone, DEFAULT_SUFFIX, 'ou=People')
cos_templates.create(properties=cos_template_properties)
log.info('Create an index for postalcode')
backends = Backends(topology_st.standalone)
ur_indexes = backends.get('userRoot').get_indexes()
ur_indexes.create(properties=postal_index_properties)
run_healthcheck_and_flush_log(topology_st,
standalone,
RET_CODE,
json=False)
run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=True)
def backend_monitor(inst, basedn, log, args):
bes = Backends(inst)
if args.backend:
be = bes.get(args.backend)
be_monitor = be.get_monitor()
_format_status(log, be_monitor, args.json)
else:
for be in bes.list():
be_monitor = be.get_monitor()
_format_status(log, be_monitor, args.json)
def test_get_invalid(topology_st, backend):
"""Test the invalid situations while using get method
:id: c5028350-1381-4d6d-82b8-4959a9b82964
:setup: Standalone instance
:steps:
1. Get the backend with invalid suffix
2. Get the backend with invalid backend name
3. Get the backend with invalid backend DN
:expectedresults:
1. No such object error should be raised
2. No such object error should be raised
3. No such object error should be raised
"""
backends = Backends(topology_st.standalone)
log.info("Try to get the backend with invalid backend suffix")
with pytest.raises(ldap.NO_SUCH_OBJECT):
backends.get(NEW_SUFFIX_2_RDN)
log.info("Try to get the backend with invalid backend name")
with pytest.raises(ldap.NO_SUCH_OBJECT):
backends.get(DUMMY_BACKEND)
log.info("Try to get the backend with invalid backend DN")
with pytest.raises(ldap.NO_SUCH_OBJECT):
backends.get(dn=DUMMY_BACKEND_DN)
def assert_data_present(inst):
# Do we have the backend marker?
d = Domain(inst, DEFAULT_SUFFIX)
try:
desc = d.get_attr_val_utf8('description')
if desc == TEST_MARKER:
return
except:
# Just reset everything.
pass
# Reset the backends
bes = Backends(inst)
try:
be = bes.get(DEFAULT_SUFFIX)
be.delete()
except:
pass
be = bes.create(properties={
'nsslapd-suffix': DEFAULT_SUFFIX,
'cn': 'userRoot',
})
be.create_sample_entries('001004002')
# Load our data
# We can't use dbgen as that relies on local access :(
# Add 40,000 groups
groups = Groups(inst, DEFAULT_SUFFIX)
for i in range(1, GROUP_MAX):
rdn = 'group_{0:07d}'.format(i)
groups.create(properties={
'cn': rdn,
})
# Add 60,000 users
users = nsUserAccounts(inst, DEFAULT_SUFFIX)
for i in range(1, USER_MAX):
rdn = 'user_{0:07d}'.format(i)
users.create(
properties={
'uid': rdn,
'cn': rdn,
'displayName': rdn,
'uidNumber': '%s' % i,
'gidNumber': '%s' % i,
'homeDirectory': '/home/%s' % rdn,
'userPassword': rdn,
})
# Add the marker
d.replace('description', TEST_MARKER)
def _gen_db_plan(self):
# Create/Manage dbs
# Get the set of current dbs.
backends = Backends(self.inst)
for db in self.olconfig.databases:
# Get the suffix
suffix = db.suffix
try:
# Do we have a db with that suffix already?
be = backends.get(suffix)
self._gen_be_exist_plan(db, be)
except ldap.NO_SUCH_OBJECT:
self._gen_be_create_plan(db)
self._gen_plugin_plan(db)
def test_set_cachememsize_to_custom_value(topo):
"""Test if value nsslapd-cachememsize remains set
at the custom setting of value above 3805132804 bytes
after changing the value to 9100100100 bytes
:id: 8a3efc00-65a9-4ee7-b8ee-e35840991ea9
:setup: Standalone Instance
:steps:
1. Disable in the cn=config,cn=ldbm database,cn=plugins,cn=config:
nsslapd-cache-autosize by setting it to 0
2. Disable in the cn=config,cn=ldbm database,cn=plugins,cn=config:
nsslapd-cache-autosize-split by setting it to 0
3. Restart the instance
4. Set in the cn=UserRoot,cn=ldbm database,cn=plugins,cn=config:
nsslapd-cachememsize: CUSTOM_MEM
:expectedresults:
1. nsslapd-cache-autosize is successfully disabled
2. nsslapd-cache-autosize-split is successfully disabled
3. The instance should be successfully restarted
4. nsslapd-cachememsize is successfully set
"""
config_ldbm = LDBMConfig(topo.standalone)
backends = Backends(topo.standalone)
userroot_ldbm = backends.get("userroot")
log.info("Disabling nsslapd-cache-autosize by setting it to 0")
assert config_ldbm.set('nsslapd-cache-autosize', '0')
log.info("Disabling nsslapd-cache-autosize-split by setting it to 0")
assert config_ldbm.set('nsslapd-cache-autosize-split', '0')
log.info("Restarting instance")
topo.standalone.restart()
log.info("Instance restarted successfully")
log.info("Set nsslapd-cachememsize to value {}".format(CUSTOM_MEM))
assert userroot_ldbm.set('nsslapd-cachememsize', CUSTOM_MEM)
def post(self, inst):
bes = Backends(inst)
be = bes.get(self.suffix)
be.reindex(wait=True)
def test_reindex_task_creates_abandoned_index_file(topo):
"""
Recreating an index for the same attribute but changing
the case of for example 1 letter, results in abandoned indexfile
:id: 07ae5274-481a-4fa8-8074-e0de50d89ac6
:customerscenario: True
:setup: Standalone instance
:steps:
1. Create a user object with additional attributes:
objectClass: mozillaabpersonalpha
mozillaCustom1: xyz
2. Add an index entry mozillacustom1
3. Reindex the backend
4. Check the content of the index (after it has been flushed to disk) mozillacustom1.db
5. Remove the index
6. Notice the mozillacustom1.db is removed
7. Recreate the index but now use the exact case as mentioned in the schema
8. Reindex the backend
9. Check the content of the index (after it has been flushed to disk) mozillaCustom1.db
10. Check that an ldapsearch does not return a result (mozillacustom1=xyz)
11. Check that an ldapsearch returns the results (mozillaCustom1=xyz)
12. Restart the instance
13. Notice that an ldapsearch does not return a result(mozillacustom1=xyz)
14. Check that an ldapsearch does not return a result (mozillacustom1=xyz)
15. Check that an ldapsearch returns the results (mozillaCustom1=xyz)
16. Reindex the backend
17. Notice the second indexfile for this attribute
18. Check the content of the index (after it has been flushed to disk) no mozillacustom1.db
19. Check the content of the index (after it has been flushed to disk) mozillaCustom1.db
:expectedresults:
1. Should Success.
2. Should Success.
3. Should Success.
4. Should Success.
5. Should Success.
6. Should Success.
7. Should Success.
8. Should Success.
9. Should Success.
10. Should Success.
11. Should Success.
12. Should Success.
13. Should Success.
14. Should Success.
15. Should Success.
16. Should Success.
17. Should Success.
18. Should Success.
19. Should Success.
"""
inst = topo.standalone
attr_name = "mozillaCustom1"
attr_value = "xyz"
users = UserAccounts(inst, DEFAULT_SUFFIX)
user = users.create_test_user()
user.add("objectClass", "mozillaabpersonalpha")
user.add(attr_name, attr_value)
backends = Backends(inst)
backend = backends.get(DEFAULT_BENAME)
indexes = backend.get_indexes()
index = indexes.create(
properties={
'cn': attr_name.lower(),
'nsSystemIndex': 'false',
'nsIndexType': ['eq', 'pres']
})
backend.reindex()
time.sleep(3)
assert os.path.exists(
f"{inst.ds_paths.db_home_dir}/{DEFAULT_BENAME}/{attr_name.lower()}.db")
index.delete()
assert not os.path.exists(
f"{inst.ds_paths.db_home_dir}/{DEFAULT_BENAME}/{attr_name.lower()}.db")
index = indexes.create(properties={
'cn': attr_name,
'nsSystemIndex': 'false',
'nsIndexType': ['eq', 'pres']
})
backend.reindex()
time.sleep(3)
assert not os.path.exists(
f"{inst.ds_paths.db_home_dir}/{DEFAULT_BENAME}/{attr_name.lower()}.db")
assert os.path.exists(
f"{inst.ds_paths.db_home_dir}/{DEFAULT_BENAME}/{attr_name}.db")
entries = inst.search_s(DEFAULT_SUFFIX, ldap.SCOPE_SUBTREE,
f"{attr_name}={attr_value}")
assert len(entries) > 0
inst.restart()
entries = inst.search_s(DEFAULT_SUFFIX, ldap.SCOPE_SUBTREE,
f"{attr_name}={attr_value}")
assert len(entries) > 0
backend.reindex()
time.sleep(3)
assert not os.path.exists(
f"{inst.ds_paths.db_home_dir}/{DEFAULT_BENAME}/{attr_name.lower()}.db")
assert os.path.exists(
f"{inst.ds_paths.db_home_dir}/{DEFAULT_BENAME}/{attr_name}.db")
def test_be_delete(topo):
"""Test that we can delete a backend that contains replication
configuration and encrypted attributes. The default naming
context should also be updated to reflect the next available suffix
:id: 5208f897-7c95-4925-bad0-9ceb95fee678
:setup: Master Instance
:steps:
1. Create second backend/suffix
2. Add an encrypted attribute to the default suffix
3. Delete default suffix
4. Check the nsslapd-defaultnamingcontext is updated
5. Delete the last backend
6. Check the namingcontext has not changed
7. Add new backend
8. Set default naming context
9. Verify the naming context is correct
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
"""
inst = topo.ms["master1"]
# Create second suffix
backends = Backends(inst)
default_backend = backends.get(DEFAULT_SUFFIX)
new_backend = backends.create(properties={
'nsslapd-suffix': SECOND_SUFFIX,
'name': 'namingRoot'
})
# Add encrypted attribute entry under default suffix
encrypt_attrs = EncryptedAttrs(inst,
basedn='cn=encrypted attributes,{}'.format(
default_backend.dn))
encrypt_attrs.create(properties={
'cn': 'employeeNumber',
'nsEncryptionAlgorithm': 'AES'
})
# Delete default suffix
default_backend.delete()
# Check that the default naming context is set to the new/second suffix
default_naming_ctx = inst.config.get_attr_val_utf8(
'nsslapd-defaultnamingcontext')
assert default_naming_ctx == SECOND_SUFFIX
# delete new backend, but the naming context should not change
new_backend.delete()
# Check that the default naming context is still set to the new/second suffix
default_naming_ctx = inst.config.get_attr_val_utf8(
'nsslapd-defaultnamingcontext')
assert default_naming_ctx == SECOND_SUFFIX
# Add new backend
new_backend = backends.create(properties={
'nsslapd-suffix': THIRD_SUFFIX,
'name': 'namingRoot2'
})
# manaully set naming context
inst.config.set('nsslapd-defaultnamingcontext', THIRD_SUFFIX)
# Verify naming context is correct
default_naming_ctx = inst.config.get_attr_val_utf8(
'nsslapd-defaultnamingcontext')
assert default_naming_ctx == THIRD_SUFFIX
def test_mail_attr_repl(topo_r):
"""Check that no crash happens during mail attribute replication
:id: 959edc84-05be-4bf9-a541-53afae482052
:setup: Replication setup with master and consumer instances,
test user on master
:steps:
1. Check that user was replicated to consumer
2. Back up mail database file
3. Remove mail attribute from the user entry
4. Restore mail database
5. Search for the entry with a substring 'mail=user*'
6. Search for the entry once again to make sure that server is alive
:expectedresults:
1. The user should be replicated to consumer
2. Operation should be successful
3. The mail attribute should be removed
4. Operation should be successful
5. Search should be successful
6. No crash should happen
"""
master = topo_r.ms["master1"]
consumer = topo_r.cs["consumer1"]
repl = ReplicationManager(DEFAULT_SUFFIX)
m_users = UserAccounts(topo_r.ms["master1"], DEFAULT_SUFFIX)
m_user = m_users.ensure_state(properties=TEST_USER_PROPERTIES)
m_user.ensure_present('mail', '*****@*****.**')
log.info("Check that replication is working")
repl.wait_for_replication(master, consumer)
c_users = UserAccounts(topo_r.cs["consumer1"], DEFAULT_SUFFIX)
c_user = c_users.get('testuser')
c_bes = Backends(consumer)
c_be = c_bes.get(DEFAULT_SUFFIX)
db_dir = c_be.get_attr_val_utf8('nsslapd-directory')
mail_db = list(filter(lambda fl: fl.startswith("mail"),
os.listdir(db_dir)))
assert mail_db, "mail.* wasn't found in {}"
mail_db_path = os.path.join(db_dir, mail_db[0])
backup_path = os.path.join(DEFAULT_BACKUPDIR, mail_db[0])
consumer.stop()
log.info("Back up {} to {}".format(mail_db_path, backup_path))
shutil.copyfile(mail_db_path, backup_path)
consumer.start()
log.info("Remove 'mail' attr from master")
m_user.remove_all('mail')
log.info("Wait for the replication to happen")
repl.wait_for_replication(master, consumer)
consumer.stop()
log.info("Restore {} to {}".format(backup_path, mail_db_path))
shutil.copyfile(backup_path, mail_db_path)
consumer.start()
log.info("Make a search for mail attribute in attempt to crash server")
c_user.get_attr_val("mail")
log.info("Make sure that server hasn't crashed")
repl.test_replication(master, consumer)