Ejemplo n.º 1
0
def memberof_show_config(inst, basedn, log, args):
    log = log.getChild('memberof_show_config')
    targetdn = args.DN
    config = MemberOfSharedConfig(inst, targetdn)

    if not config.exists():
        raise ldap.NO_SUCH_OBJECT("Entry %s doesn't exists" % targetdn)
    if args and args.json:
        o_str = config.get_all_attrs_json()
        log.info(o_str)
    else:
        log.info(config.display())
Ejemplo n.º 2
0
def test_sync_repl_cookie_with_failure(topology, request):
    """Test sync_repl cookie are progressing is the right order
       when there is a failure in nested updates

    :id: e0103448-170e-4080-8f22-c34606447ce2
    :setup: Standalone Instance
    :steps:
      1.: enable retroCL
      2.: configure retroCL to log nsuniqueid as targetUniqueId
      3.: enable content_sync plugin
      4.: enable automember
      5.: create (4) groups.
          make group2 groupOfUniqueNames so the automember
          will fail to add 'member' (uniqueMember expected)
      6.: configure automember to provision those groups with 'member'
      7.: enable and configure memberof plugin
      8.: enable plugin log level
      9.: restart the server
      10.: create a thread dedicated to run a sync repl client
      11.: Create a group that will be the only update received by sync repl client
      12.: Create (9) users that will generate nested updates (automember/memberof)
      13.: stop sync repl client and collect the list of cookie.change_no
      14.: check that the list of cookie.change_no contains only the group 'step 11'
    :expectedresults:
      1.: succeeds
      2.: succeeds
      3.: succeeds
      4.: succeeds
      5.: succeeds
      6.: succeeds
      7.: succeeds
      8.: succeeds
      9.: succeeds
      10.: succeeds
      11.: succeeds
      12.: Fails (expected)
      13.: succeeds
      14.: succeeds
    """
    inst = topology[0]

    # Enable/configure retroCL
    plugin = RetroChangelogPlugin(inst)
    plugin.disable()
    plugin.enable()
    plugin.set('nsslapd-attribute', 'nsuniqueid:targetuniqueid')

    # Enable sync plugin
    plugin = ContentSyncPlugin(inst)
    plugin.enable()

    # Enable automember
    plugin = AutoMembershipPlugin(inst)
    plugin.disable()
    plugin.enable()

    # Add the automember group
    groups = Groups(inst, DEFAULT_SUFFIX)
    group = []
    for i in range(1, 5):
        group.append(groups.create(properties={'cn': 'group%d' % i}))

    # Set group2 as a groupOfUniqueNames so that automember will fail to update that group
    # This will trigger a failure in internal MOD and a failure to add member
    group[1].replace('objectclass', 'groupOfUniqueNames')

    # Add the automember config entry
    am_configs = AutoMembershipDefinitions(inst)
    for g in group:
        am_config = am_configs.create(
            properties={
                'cn': 'config %s' % g.get_attr_val_utf8('cn'),
                'autoMemberScope': DEFAULT_SUFFIX,
                'autoMemberFilter': 'uid=*',
                'autoMemberDefaultGroup': g.dn,
                'autoMemberGroupingAttr': 'member:dn'
            })

    # Enable and configure memberof plugin
    plugin = MemberOfPlugin(inst)
    plugin.disable()
    plugin.enable()

    plugin.replace_groupattr('member')

    memberof_config = MemberOfSharedConfig(
        inst, 'cn=memberOf config,{}'.format(DEFAULT_SUFFIX))
    memberof_config.create(
        properties={
            'cn': 'memberOf config',
            'memberOfGroupAttr': 'member',
            'memberOfAttr': 'memberof'
        })

    # Enable plugin log level (usefull for debug)
    inst.setLogLevel(65536)
    inst.restart()

    # create a sync repl client and wait 5 seconds to be sure it is running
    sync_repl = Sync_persist(inst)
    sync_repl.start()
    time.sleep(5)

    # Add a test group just to check that sync_repl receives only one update
    group.append(groups.create(properties={'cn': 'group%d' % 10}))

    # create users, that automember/memberof will generate nested updates
    users = UserAccounts(inst, DEFAULT_SUFFIX)
    users_set = []
    for i in range(1000, 1010):
        try:
            users_set.append(users.create_test_user(uid=i))
            # Automember should fail to add uid=1000 in group2
            assert (False)
        except ldap.UNWILLING_TO_PERFORM:
            pass

    # stop the server to get the sync_repl result set (exit from while loop).
    # Only way I found to acheive that.
    # and wait a bit to let sync_repl thread time to set its result before fetching it.
    inst.stop()
    time.sleep(10)
    cookies = sync_repl.get_result()

    # checking that the cookie list contains only one entry
    assert len(cookies) == 1
    prev = 0
    for cookie in cookies:
        log.info('Check cookie %s' % cookie)

        assert int(cookie) > 0
        assert int(cookie) < 1000
        assert int(cookie) > prev
        prev = int(cookie)
    sync_repl.join()
    log.info('test_sync_repl_cookie_with_failure: PASS\n')

    def fin():
        inst.restart()
        for user in users_set:
            try:
                user.delete()
            except:
                pass
        for g in group:
            try:
                g.delete()
            except:
                pass

    request.addfinalizer(fin)
Ejemplo n.º 3
0
def test_sync_repl_cookie_add_del(topology, request):
    """Test sync_repl cookie are progressing is an increasing order
       when there add and del

    :id: 83e11038-6ed0-4a5b-ac77-e44887ab11e3
    :setup: Standalone Instance
    :steps:
      1.: enable retroCL
      2.: configure retroCL to log nsuniqueid as targetUniqueId
      3.: enable content_sync plugin
      4.: enable automember
      5.: create (2) groups. Few groups can help to reproduce the concurrent updates problem.
      6.: configure automember to provision those groups with 'member'
      7.: enable and configure memberof plugin
      8.: enable plugin log level
      9.: restart the server
      10.: create a thread dedicated to run a sync repl client
      11.: Create (3) users that will generate nested updates (automember/memberof)
      12.: Delete (3) users
      13.: stop sync repl client and collect the list of cookie.change_no
      14.: check that cookies.change_no are in increasing order
    :expectedresults:
      1.: succeeds
      2.: succeeds
      3.: succeeds
      4.: succeeds
      5.: succeeds
      6.: succeeds
      7.: succeeds
      8.: succeeds
      9.: succeeds
      10.: succeeds
      11.: succeeds
      12.: succeeds
      13.: succeeds
      14.: succeeds
    """
    inst = topology[0]

    # Enable/configure retroCL
    plugin = RetroChangelogPlugin(inst)
    plugin.disable()
    plugin.enable()
    plugin.set('nsslapd-attribute', 'nsuniqueid:targetuniqueid')

    # Enable sync plugin
    plugin = ContentSyncPlugin(inst)
    plugin.enable()

    # Enable automember
    plugin = AutoMembershipPlugin(inst)
    plugin.disable()
    plugin.enable()

    # Add the automember group
    groups = Groups(inst, DEFAULT_SUFFIX)
    group = []
    for i in range(1, 3):
        group.append(groups.create(properties={'cn': 'group%d' % i}))

    # Add the automember config entry
    am_configs = AutoMembershipDefinitions(inst)
    for g in group:
        am_config = am_configs.create(
            properties={
                'cn': 'config %s' % g.get_attr_val_utf8('cn'),
                'autoMemberScope': DEFAULT_SUFFIX,
                'autoMemberFilter': 'uid=*',
                'autoMemberDefaultGroup': g.dn,
                'autoMemberGroupingAttr': 'member:dn'
            })

    # Enable and configure memberof plugin
    plugin = MemberOfPlugin(inst)
    plugin.disable()
    plugin.enable()

    plugin.replace_groupattr('member')

    memberof_config = MemberOfSharedConfig(
        inst, 'cn=memberOf config,{}'.format(DEFAULT_SUFFIX))
    memberof_config.create(
        properties={
            'cn': 'memberOf config',
            'memberOfGroupAttr': 'member',
            'memberOfAttr': 'memberof'
        })
    # Enable plugin log level (usefull for debug)
    inst.setLogLevel(65536)
    inst.restart()

    # create a sync repl client and wait 5 seconds to be sure it is running
    sync_repl = Sync_persist(inst)
    sync_repl.start()
    time.sleep(5)

    # create users, that automember/memberof will generate nested updates
    users = UserAccounts(inst, DEFAULT_SUFFIX)
    users_set = []
    for i in range(10001, 10004):
        users_set.append(users.create_test_user(uid=i))

    time.sleep(10)
    # delete users, that automember/memberof will generate nested updates
    for user in users_set:
        user.delete()
    # stop the server to get the sync_repl result set (exit from while loop).
    # Only way I found to acheive that.
    # and wait a bit to let sync_repl thread time to set its result before fetching it.
    inst.stop()
    cookies = sync_repl.get_result()

    # checking that the cookie are in increasing and in an acceptable range (0..1000)
    assert len(cookies) > 0
    prev = 0
    for cookie in cookies:
        log.info('Check cookie %s' % cookie)

        assert int(cookie) > 0
        assert int(cookie) < 1000
        assert int(cookie) > prev
        prev = int(cookie)
    sync_repl.join()
    log.info('test_sync_repl_cookie_add_del: PASS\n')

    def fin():
        inst.restart()
        for g in group:
            try:
                g.delete()
            except:
                pass

    request.addfinalizer(fin)

    return
Ejemplo n.º 4
0
def memberof_del_config(inst, basedn, log, args):
    log = log.getChild('memberof_del_config')
    targetdn = args.DN
    config = MemberOfSharedConfig(inst, targetdn)
    config.delete()
    log.info("Successfully deleted the %s", targetdn)
Ejemplo n.º 5
0
def memberof_edit_config(inst, basedn, log, args):
    log = log.getChild('memberof_edit_config')
    targetdn = args.DN
    config = MemberOfSharedConfig(inst, targetdn)
    generic_object_edit(config, log, args, arg_to_attr)
Ejemplo n.º 6
0
def init_sync_repl_plugins(topology, request):
    """Prepare test environment (retroCL/sync_repl/
    automember/memberof) and cleanup at the end of the test
      1.: enable retroCL
      2.: configure retroCL to log nsuniqueid as targetUniqueId
      3.: enable content_sync plugin
      4.: enable automember
      5.: create (2) groups. Few groups can help to reproduce the concurrent updates problem.
      6.: configure automember to provision those groups with 'member'
      7.: enable and configure memberof plugin
      8.: enable plugin log level
      9.: restart the server
      """
    inst = topology[0]
    inst.restart()

    # Enable/configure retroCL
    plugin = RetroChangelogPlugin(inst)
    plugin.disable()
    plugin.enable()
    plugin.set('nsslapd-attribute', 'nsuniqueid:targetuniqueid')

    # Enable sync plugin
    plugin = ContentSyncPlugin(inst)
    plugin.enable()

    # Enable automember
    plugin = AutoMembershipPlugin(inst)
    plugin.disable()
    plugin.enable()

    # Add the automember group
    groups = Groups(inst, DEFAULT_SUFFIX)
    group = []
    for i in range(1, 5):
        group.append(groups.create(properties={'cn': 'group%d' % i}))

    # Add the automember config entry
    am_configs = AutoMembershipDefinitions(inst)
    am_configs_cleanup = []
    for g in group:
        am_config = am_configs.create(
            properties={
                'cn': 'config %s' % g.get_attr_val_utf8('cn'),
                'autoMemberScope': DEFAULT_SUFFIX,
                'autoMemberFilter': 'uid=*',
                'autoMemberDefaultGroup': g.dn,
                'autoMemberGroupingAttr': 'member:dn'
            })
        am_configs_cleanup.append(am_config)

    # Enable and configure memberof plugin
    plugin = MemberOfPlugin(inst)
    plugin.disable()
    plugin.enable()

    plugin.replace_groupattr('member')

    memberof_config = MemberOfSharedConfig(
        inst, 'cn=memberOf config,{}'.format(DEFAULT_SUFFIX))
    try:
        memberof_config.create(
            properties={
                'cn': 'memberOf config',
                'memberOfGroupAttr': 'member',
                'memberOfAttr': 'memberof'
            })
    except ldap.ALREADY_EXISTS:
        pass

    # Enable plugin log level (usefull for debug)
    inst.setLogLevel(65536)
    inst.restart()

    def fin():
        inst.restart()
        for am_config in am_configs_cleanup:
            am_config.delete()
        for g in group:
            try:
                g.delete()
            except:
                pass

    request.addfinalizer(fin)