def test_sanity_rfc2307_bis(ldap_conn, sanity_rfc2307_bis): passwd_pattern = ent.contains_only( dict(name="user1", passwd="*", uid=1001, gid=2001, gecos="1001", dir="/home/user1", shell="/bin/bash"), dict(name="user2", passwd="*", uid=1002, gid=2002, gecos="1002", dir="/home/user2", shell="/bin/bash"), dict(name="user3", passwd="*", uid=1003, gid=2003, gecos="1003", dir="/home/user3", shell="/bin/bash"), ) ent.assert_passwd(passwd_pattern) group_pattern = ent.contains_only( dict(name="group1", passwd="*", gid=2001, mem=ent.contains_only()), dict(name="group2", passwd="*", gid=2002, mem=ent.contains_only()), dict(name="group3", passwd="*", gid=2003, mem=ent.contains_only()), dict(name="empty_group1", passwd="*", gid=2010, mem=ent.contains_only()), dict(name="empty_group2", passwd="*", gid=2011, mem=ent.contains_only()), dict(name="two_user_group", passwd="*", gid=2012, mem=ent.contains_only("user1", "user2")), dict(name="group_empty_group", passwd="*", gid=2013, mem=ent.contains_only()), dict(name="group_two_empty_groups", passwd="*", gid=2014, mem=ent.contains_only()), dict(name="one_user_group1", passwd="*", gid=2015, mem=ent.contains_only("user1")), dict(name="one_user_group2", passwd="*", gid=2016, mem=ent.contains_only("user2")), dict(name="group_one_user_group", passwd="*", gid=2017, mem=ent.contains_only("user1")), dict(name="group_two_user_group", passwd="*", gid=2018, mem=ent.contains_only("user1", "user2")), dict(name="group_two_one_user_groups", passwd="*", gid=2019, mem=ent.contains_only("user1", "user2")), ) ent.assert_group(group_pattern) with pytest.raises(KeyError): pwd.getpwnam("non_existent_user") with pytest.raises(KeyError): pwd.getpwuid(1) with pytest.raises(KeyError): grp.getgrnam("non_existent_group") with pytest.raises(KeyError): grp.getgrgid(1)
def test_override_shell(override_shell): """Test the effect of the "override_shell" option""" ent.assert_passwd( ent.contains_only( dict(name="user_with_shell_A", uid=1001, shell="/bin/B"), dict(name="user_with_shell_B", uid=1002, shell="/bin/B"), dict(name="user_with_empty_shell", uid=1003, shell="/bin/B")))
def test_sanity_rfc2307(ldap_conn, sanity_rfc2307): passwd_pattern = ent.contains_only( dict(name='user1', passwd='*', uid=1001, gid=2001, gecos='1001', dir='/home/user1', shell='/bin/bash'), dict(name='user2', passwd='*', uid=1002, gid=2002, gecos='1002', dir='/home/user2', shell='/bin/bash'), dict(name='user3', passwd='*', uid=1003, gid=2003, gecos='1003', dir='/home/user3', shell='/bin/bash') ) ent.assert_passwd(passwd_pattern) group_pattern = ent.contains_only( dict(name='group1', passwd='*', gid=2001, mem=ent.contains_only()), dict(name='group2', passwd='*', gid=2002, mem=ent.contains_only()), dict(name='group3', passwd='*', gid=2003, mem=ent.contains_only()), dict(name='empty_group', passwd='*', gid=2010, mem=ent.contains_only()), dict(name='two_user_group', passwd='*', gid=2012, mem=ent.contains_only("user1", "user2")) ) ent.assert_group(group_pattern) with pytest.raises(KeyError): pwd.getpwnam("non_existent_user") with pytest.raises(KeyError): pwd.getpwuid(1) with pytest.raises(KeyError): grp.getgrnam("non_existent_group") with pytest.raises(KeyError): grp.getgrgid(1)
def test_fallback_homedir(fallback_homedir): """Test the effect of the "fallback_homedir" option""" ent.assert_passwd( ent.contains_only( dict(name="user_with_homedir_A", uid=1001, dir="/home/A"), dict(name="user_with_homedir_B", uid=1002, dir="/home/B"), dict(name="user_with_empty_homedir", uid=1003, dir="/home/B")))
def test_default_shell(default_shell): """Test the effect of the "default_shell" option""" ent.assert_passwd( ent.contains_only( dict(name="user_with_sh_shell", uid=1001, shell="/bin/sh"), dict(name="user_with_not_installed_shell", uid=1002, shell="/bin/fallback"), dict(name="user_with_empty_shell", uid=1003, shell="/bin/default"), ) )
def test_override_shell(override_shell): """Test the effect of the "override_shell" option""" ent.assert_passwd( ent.contains_only( dict(name="user_with_shell_A", uid=1001, shell="/bin/B"), dict(name="user_with_shell_B", uid=1002, shell="/bin/B"), dict(name="user_with_empty_shell", uid=1003, shell="/bin/B"), ) )
def test_fallback_homedir(fallback_homedir): """Test the effect of the "fallback_homedir" option""" ent.assert_passwd( ent.contains_only( dict(name="user_with_homedir_A", uid=1001, dir="/home/A"), dict(name="user_with_homedir_B", uid=1002, dir="/home/B"), dict(name="user_with_empty_homedir", uid=1003, dir="/home/B"), ) )
def test_some_empty(some_empty): """Test "some" scope with no users or groups""" ent.assert_passwd( ent.contains_only( dict(name="user1", uid=1001, shell="/bin/sh1"), dict(name="user2", uid=1002, shell="/bin/sh2"), dict(name="user3", uid=1003, shell="/bin/sh3"), dict(name="user4", uid=1004, shell="/bin/sh4"), ))
def test_none(none): """Test "none" scope""" ent.assert_passwd( ent.contains_only( dict(name="user1", uid=1001, shell="/bin/sh1"), dict(name="user2", uid=1002, shell="/bin/sh2"), dict(name="user3", uid=1003, shell="/bin/sh3"), dict(name="user4", uid=1004, shell="/bin/sh4"), ))
def test_vetoed_shells(vetoed_shells): """Test the effect of the "vetoed_shells" option""" ent.assert_passwd( ent.contains_only( dict(name="user_with_sh_shell", uid=1001, shell="/bin/sh"), dict(name="user_with_vetoed_shell", uid=1002, shell="/bin/fallback"), dict(name="user_with_empty_shell", uid=1003, shell="/bin/default"), ) )
def test_shell_fallback(shell_fallback): """Test the effect of the "shell_fallback" option""" ent.assert_passwd( ent.contains_only( dict(name="user_with_sh_shell", uid=1001, shell="/bin/sh"), dict(name="user_with_not_installed_shell", uid=1002, shell="/bin/fallback"), dict(name="user_with_empty_shell", uid=1003, shell="")))
def test_vetoed_shells(vetoed_shells): """Test the effect of the "vetoed_shells" option""" ent.assert_passwd( ent.contains_only( dict(name="user_with_sh_shell", uid=1001, shell="/bin/sh"), dict(name="user_with_vetoed_shell", uid=1002, shell="/bin/fallback"), dict(name="user_with_empty_shell", uid=1003, shell="/bin/default")))
def test_some_empty(some_empty): """Test "some" scope with no users or groups""" ent.assert_passwd( ent.contains_only( dict(name="user1", uid=1001, shell="/bin/sh1"), dict(name="user2", uid=1002, shell="/bin/sh2"), dict(name="user3", uid=1003, shell="/bin/sh3"), dict(name="user4", uid=1004, shell="/bin/sh4"), ) )
def test_none(none): """Test "none" scope""" ent.assert_passwd( ent.contains_only( dict(name="user1", uid=1001, shell="/bin/sh1"), dict(name="user2", uid=1002, shell="/bin/sh2"), dict(name="user3", uid=1003, shell="/bin/sh3"), dict(name="user4", uid=1004, shell="/bin/sh4"), ) )
def test_ldap_auto_private_groups_enumerate(ldap_conn, sanity_rfc2307_bis_mpg): """ Test the auto_private_groups together with enumeration """ passwd_pattern = ent.contains_only( dict(name='user1', passwd='*', uid=1001, gid=1001, gecos='1001', dir='/home/user1', shell='/bin/bash'), dict(name='user2', passwd='*', uid=1002, gid=1002, gecos='1002', dir='/home/user2', shell='/bin/bash'), dict(name='user3', passwd='*', uid=1003, gid=1003, gecos='1003', dir='/home/user3', shell='/bin/bash') ) ent.assert_passwd(passwd_pattern) group_pattern = ent.contains_only( dict(name='user1', passwd='*', gid=1001, mem=ent.contains_only()), dict(name='user2', passwd='*', gid=1002, mem=ent.contains_only()), dict(name='user3', passwd='*', gid=1003, mem=ent.contains_only()), dict(name='group1', passwd='*', gid=2001, mem=ent.contains_only()), dict(name='group2', passwd='*', gid=2002, mem=ent.contains_only()), dict(name='group3', passwd='*', gid=2003, mem=ent.contains_only()), dict(name='empty_group1', passwd='*', gid=2010, mem=ent.contains_only()), dict(name='empty_group2', passwd='*', gid=2011, mem=ent.contains_only()), dict(name='two_user_group', passwd='*', gid=2012, mem=ent.contains_only("user1", "user2")), dict(name='group_empty_group', passwd='*', gid=2013, mem=ent.contains_only()), dict(name='group_two_empty_groups', passwd='*', gid=2014, mem=ent.contains_only()), dict(name='one_user_group1', passwd='*', gid=2015, mem=ent.contains_only("user1")), dict(name='one_user_group2', passwd='*', gid=2016, mem=ent.contains_only("user2")), dict(name='group_one_user_group', passwd='*', gid=2017, mem=ent.contains_only("user1")), dict(name='group_two_user_group', passwd='*', gid=2018, mem=ent.contains_only("user1", "user2")), dict(name='group_two_one_user_groups', passwd='*', gid=2019, mem=ent.contains_only("user1", "user2")) ) ent.assert_group(group_pattern) with pytest.raises(KeyError): grp.getgrnam("conflict1") ent.assert_group_by_gid(1002, dict(name="user2", mem=ent.contains_only()))
def test_assert_passwd(users_and_groups): ent.assert_passwd(ent.contains()) ent.assert_passwd(ent.contains(USER1)) ent.assert_passwd(ent.contains_only(*USER_LIST)) try: ent.assert_passwd(ent.contains(dict(name="user3", uid=1003))) assert False except AssertionError as e: assert re.search("list mismatch:", str(e)) assert re.search("expected users not found:", str(e)) assert not re.search("unexpected users found:", str(e)) try: ent.assert_passwd(ent.contains_only(USER1)) assert False except AssertionError as e: assert re.search("list mismatch:", str(e)) assert not re.search("expected users not found:", str(e)) assert re.search("unexpected users found:", str(e))
def test_add_remove_user(ldap_conn, blank_rfc2307): """Test user addition and removal are reflected by SSSD""" e = ldap_ent.user(ldap_conn.ds_inst.base_dn, "user", 2001, 2000) time.sleep(INTERACTIVE_TIMEOUT / 2) # Add the user ent.assert_passwd(ent.contains_only()) ldap_conn.add_s(*e) time.sleep(INTERACTIVE_TIMEOUT) ent.assert_passwd(ent.contains_only(dict(name="user", uid=2001))) # Remove the user ldap_conn.delete_s(e[0]) time.sleep(INTERACTIVE_TIMEOUT) ent.assert_passwd(ent.contains_only())
def test_add_remove_user(ldap_conn, blank_rfc2307): """Test user addition and removal are reflected by SSSD""" e = ldap_ent.user(ldap_conn.ds_inst.base_dn, "user", 2001, 2000) time.sleep(INTERACTIVE_TIMEOUT/2) # Add the user ent.assert_passwd(ent.contains_only()) ldap_conn.add_s(*e) time.sleep(INTERACTIVE_TIMEOUT) ent.assert_passwd(ent.contains_only(dict(name="user", uid=2001))) # Remove the user ldap_conn.delete_s(e[0]) time.sleep(INTERACTIVE_TIMEOUT) ent.assert_passwd(ent.contains_only())
assert str(e) == \ "user 1001 mismatch: 'name' mismatch: 'user2' != 'user1'" def test_assert_passwd(users_and_groups): ent.assert_passwd(ent.contains()) ent.assert_passwd(ent.contains(USER1)) ent.assert_passwd(ent.contains_only(*USER_LIST)) try: ent.assert_passwd(ent.contains(dict(name="user3", uid=1003))) assert False except AssertionError, e: assert re.search("list mismatch:", str(e)) assert re.search("expected users not found:", str(e)) assert not re.search("unexpected users found:", str(e)) try: ent.assert_passwd(ent.contains_only(USER1)) assert False except AssertionError, e: assert re.search("list mismatch:", str(e)) assert not re.search("expected users not found:", str(e)) assert re.search("unexpected users found:", str(e)) def test_group_member_matching(users_and_groups): ent.assert_group_by_name("empty_group", dict(mem=ent.contains())) ent.assert_group_by_name("empty_group", dict(mem=ent.contains_only())) try: ent.assert_group_by_name("empty_group", dict(mem=ent.contains("user1"))) except AssertionError, e: assert re.search("member list mismatch:", str(e)) assert re.search("expected members not found:", str(e))
"user 1001 mismatch: 'name' mismatch: 'user2' != 'user1'" def test_assert_passwd(users_and_groups): ent.assert_passwd(ent.contains()) ent.assert_passwd(ent.contains(USER1)) ent.assert_passwd(ent.contains_only(*USER_LIST)) try: ent.assert_passwd(ent.contains(dict(name="user3", uid=1003))) assert False except AssertionError, e: assert re.search("list mismatch:", str(e)) assert re.search("expected users not found:", str(e)) assert not re.search("unexpected users found:", str(e)) try: ent.assert_passwd(ent.contains_only(USER1)) assert False except AssertionError, e: assert re.search("list mismatch:", str(e)) assert not re.search("expected users not found:", str(e)) assert re.search("unexpected users found:", str(e)) def test_group_member_matching(users_and_groups): ent.assert_group_by_name("empty_group", dict(mem=ent.contains())) ent.assert_group_by_name("empty_group", dict(mem=ent.contains_only())) try: ent.assert_group_by_name("empty_group", dict(mem=ent.contains("user1"))) except AssertionError, e: assert re.search("member list mismatch:", str(e))