def initial_setup():
# python-apt on dapper and hardy doesn't have the same API
if testlib.ubuntu_release() == "dapper" or \
testlib.ubuntu_release() == "hardy":
server = "mysql-server-5.0"
else:
import apt
cache = apt.Cache()
cache.open()
server = None
for p in ['mariadb-server-5.5', 'mysql-server-5.5', 'mysql-server-5.1', 'mysql-server-5.0']:
if cache.__contains__(p) and cache[p].is_installed:
server = p
break
handle, debconf = testlib.mkstemp_fill('''Name: mysql-server/root_password
Template: mysql-server/root_password
Value: %s
Owners: %s
Name: mysql-server/root_password_again
Template: mysql-server/root_password_again
Value: %s
Owners: %s''' %((default_pass, server) * 2))
env = os.environ.copy()
env['DEBIAN_FRONTEND']= 'noninteractive'
env['DEBCONF_DB_OVERRIDE'] = 'File{%s}' %debconf
handle.close()
subprocess.call(['dpkg-reconfigure', server], env=env, stdout=subprocess.PIPE)
os.unlink(debconf)
def test_deliver(self):
'''Test dovecot's deliver LDA'''
test_mail = '''From [email protected] Fri Dec 28 11:29:34 2007
Date: Fri, 28 Dec 2007 11:29:34 +0100
From: ( Test User 4 <*****@*****.**>
To: Dovecot tester <*****@*****.**>
Subject: Test 4
Ubuntu Rocks!
'''
handle, name = testlib.mkstemp_fill(test_mail, dir=self.user.home)
(rc, report) = testlib.cmd([
'/usr/lib/dovecot/deliver', '-d', self.user.login, '-m', 'TestMB'
],
stdin=handle)
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
mail_file = self.user.home + '/mail/TestMB'
# Is the file there?
self.assertTrue(os.path.exists(mail_file))
# Does it contain our email?
self.assertEquals(
subprocess.call(['/bin/grep', '-q', 'Ubuntu Rocks!', mail_file],
stdout=subprocess.PIPE), 0)
def _run_script(self, contents, expected=0, args=[], taint_check=False):
'''Run a perl script, expecting exit code 0'''
handle, name = testlib.mkstemp_fill(contents + '\n')
if taint_check:
args = ['-T'] + args
self.assertShellExitEquals(expected, ['/usr/bin/perl'] + args,
stdin=handle)
os.unlink(name)
def test_wall(self):
'''Test wall'''
handle, self.tmpname = testlib.mkstemp_fill(
"Testing wall...this message can be ignored...")
rc, report = testlib.cmd(['wall'], stdin=handle)
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
os.unlink(self.tmpname)
def test_10_sending_mail_forward_xternal(self):
'''Mail processed by commands in .forward'''
# Create user-writable redirected mbox destination
mbox, mbox_name = testlib.mkstemp_fill('',prefix='test-postfix.mbox-')
mbox.close()
os.chown(mbox_name, self.user.uid, self.user.gid)
# Create a script to run in the .forward
redir, redir_name = testlib.mkstemp_fill('''#!/bin/bash
/bin/cat > "%s"
''' % (mbox_name),prefix='test-postfix.redir-')
redir.close()
os.chmod(redir_name,0755)
self._write_forward(self.user,'|%s\n' % (redir_name))
self._test_roundtrip_mail(self.user, spool_file=mbox_name)
os.unlink(redir_name)
os.unlink(mbox_name)
def _run_script(self, contents, expected=0, args=[]):
'''Run a php script, expecting exit code 0'''
if self.lsb_release['Release'] >= 16.04:
php_bin = "/usr/bin/php7.0"
else:
php_bin = "/usr/bin/php5"
handle, name = testlib.mkstemp_fill('<?php\n' + contents + '\n?>\n',
dir=self.tempdir)
self.assertShellExitEquals(expected, [php_bin] + args, stdin=handle)
os.unlink(name)
def _test_auth(self, username, password, expected_string, expected_rc=0):
'''Tests authentication'''
handle, tmpname = testlib.mkstemp_fill("User-Name=%s,Password=%s" % (username, password), dir=self.tmpdir)
# can't use radtest as there's no way to set a timeout or number of retries
rc, report = testlib.cmd(['/usr/bin/radclient', '-4', '-r', '2', '-f', tmpname, '-s', 'localhost:1812', 'auth', 'testing123'])
result = 'Got exit code %d, expected %d\n' % (rc, expected_rc)
self.assertEquals(expected_rc, rc, result + report)
result = 'Could not find %s in output: %s\n' % (expected_string, report)
self.assertTrue(expected_string in report, result)
def _check_klist(self, v4=False):
if v4:
vstr = "-5 -4"
else:
vstr = "-5"
handle, name = testlib.mkstemp_fill("%s\n" % (krb5.user_password))
rc, out = testlib.cmd(
['/bin/su', '-c',
'/usr/bin/klist %s' % (vstr), krb5.user.login],
stdin=handle)
os.unlink(name)
return rc, out
def test_10_sending_mail_forward_xternal(self):
'''Mail processed by commands in .forward'''
# Create user-writable redirected mbox destination
mbox, mbox_name = testlib.mkstemp_fill('',prefix='test-postfix.mbox-')
mbox.close()
os.chown(mbox_name, self.user.uid, self.user.gid)
# Create a script to run in the .forward
redir, redir_name = testlib.mkstemp_fill('''#!/bin/bash
/bin/cat > "%s"
''' % (mbox_name),prefix='test-postfix.redir-')
redir.close()
os.chmod(redir_name,0755)
self._write_forward(self.user,'|%s\n' % (redir_name))
# SKIP TESTING, FAILS IN TESTBED
#self._test_roundtrip_mail(self.user, spool_file=mbox_name)
os.unlink(redir_name)
os.unlink(mbox_name)
def _kinit(self, login, password, v4=False):
'''Attempt kinit for a given user and password'''
handle, name = testlib.mkstemp_fill("%s\n" % (password))
if v4:
v4str = "-5 -4"
else:
v4str = ""
rc, out = testlib.cmd([
'/bin/su', '-c',
'/usr/bin/kinit -V %s %s' % (v4str, login), login
],
stdin=handle)
os.unlink(name)
return rc, out
def _setUp(self):
'''_setUp'''
self.rootpass = default_pass
self.initscript = "/etc/init.d/mysql"
self.rundir = "/var/run/mysqld"
self.handle, self.name = testlib.mkstemp_fill('''show databases;
create database foo;
drop database foo;
connect mysql;
show tables;
select * from user;
''', dir="/tmp")
self.mysql_commonargs = ['--no-defaults', '-u', 'root', '--password='******'/usr/bin/mysql'] + self.mysql_commonargs
# make sure the real mysql is not running
subprocess.call([self.initscript, 'stop'], stdout=subprocess.PIPE)
def _run_formail(self, contents, split=False, expected=0, search=None):
'''Test formail tool'''
handle, self.tmpname = testlib.mkstemp_fill(contents)
if split == True:
command = ['formail', '-s']
else:
command = ['formail']
rc, report = testlib.cmd(command, stdin=handle)
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
if search != None:
result = 'Could not find "%s" in output "%s"\n' % (search, report)
self.assertTrue(search in report, result)
def test_deliver_sieve(self):
'''Test dovecot's deliver LDA with sieve plugin'''
open(self.user.home + '/.dovecot.sieve',
'w').write('''require "fileinto";
if header :comparator "i;ascii-casemap" :contains "Subject" "**SPAM**" {
fileinto "Trash";
stop;
}
''')
test_mail = '''From [email protected] Fri Dec 28 11:29:34 2007
Date: Fri, 28 Dec 2007 11:29:34 +0100
From: ( Test User 4 <*****@*****.**>
To: Dovecot tester <*****@*****.**>
Subject: **SPAM** Buy stuff
Hey! Guess what? I've got a great opportunity for ya!
'''
handle, name = testlib.mkstemp_fill(test_mail, dir=self.user.home)
(rc, report) = testlib.cmd([
'/usr/lib/dovecot/deliver', '-d', self.user.login, '-m', 'TestMB'
],
stdin=handle)
expected = 0
result = 'Got exit code %d, expected %d\n' % (rc, expected)
self.assertEquals(expected, rc, result + report)
mail_file = self.user.home + '/mail/Trash'
# Is the file there?
self.assertTrue(os.path.exists(mail_file))
# Does it contain our email?
self.assertEquals(
subprocess.call(['/bin/grep', '-q', 'Buy stuff', mail_file],
stdout=subprocess.PIPE), 0)
def setUp(self):
'''Setup mechanisms'''
ServerCommon._setUp(self)
ServerCommon._stop(self)
if self.lsb_release['Release'] == 6.06:
return True
self.sslhandle, self.sslname = testlib.mkstemp_fill('''SHOW VARIABLES LIKE 'have_ssl';''', dir="/tmp")
(self.tmpdir, self.srvcert_pem, self.srvkey_pem, self.clientcert_pem, self.clientkey_pem, self.cacert_pem) = testlib_ssl.gen_ssl()
subprocess.call(['chown', '-R', 'mysql', self.tmpdir])
self.hosts = "/etc/hosts"
testlib.config_replace(self.hosts, "", True)
subprocess.call(['sed', '-i', 's/^\\(127.0.0.1.*\\)/\\1 server client/g', self.hosts])
self.mycnf = "/etc/mysql/my.cnf"
testlib.config_replace(self.mycnf, "", True)
subprocess.call(['sed', '-i', 's,^\[mysqld\],[mysqld]\\nssl\\n\\nssl-ca=' + self.cacert_pem + '\\nssl-cert=' + self.srvcert_pem + '\\nssl-key=' + self.srvkey_pem + '\\nlog = /var/log/mysql.log\\n,g', self.mycnf])
subprocess.call(['sed', '-i', 's,^\[client\],[client]\\nssl\\n\\nssl-ca=' + self.cacert_pem + '\\nssl-cert=' + self.clientcert_pem + '\\nssl-key=' + self.clientkey_pem + '\\nssl-verify-server-cert = false\\n,g', self.mycnf])
ServerCommon._restart(self)
def _run_script(self, contents, expected=0, args=[]):
'''Run a perl script, expecting exit code 0'''
handle, name = testlib.mkstemp_fill(contents + '\n', dir=self.tempdir)
self.assertShellExitEquals(expected, ['/usr/bin/perl'] + args,
stdin=handle)
os.unlink(name)
def onetime_setUp(self):
'''Set up prior to test_* functions'''
# Set up configuration based on system name/domain
config = '''#
[libdefaults]
default_realm = LOCAL.NETWORK
# Here, we specify the kdc and admin server for the realm
# LOCAL.NETWORK
[realms]
LOCAL.NETWORK = {
kdc = %s
admin_server = %s
}
# This informs the kdc of which hosts it should consider part of the
# LOCAL.NETWORK realm
[domain_realm]
%s = LOCAL.NETWORK
.%s = LOCAL.NETWORK
''' % (self.fqdn, self.fqdn, self.domainname, self.domainname)
if self.lsb_release['Release'] < 9.10:
config += '''
# I disable kerberos 4 compatibility altogether. I understand it had
# some real security issues. I don't know if this is important here,
# but, it doesn't hurt in my particular case (all clients on my network
# are kerberos 5 compatible).
[login]
krb4_convert = true
krb4_get_tickets = true
'''
testlib.config_replace('/etc/krb5.conf', config)
testlib.config_replace(
'/etc/krb5kdc/kdc.conf', '''#
[kdcdefaults]
kdc_ports = 750,88
[realms]
LOCAL.NETWORK = {
database_name = /var/lib/krb5kdc/principal
admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
acl_file = /etc/krb5kdc/kadm5.acl
key_stash_file = /etc/krb5kdc/stash
kdc_ports = 750,88
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = des3-hmac-sha1
supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal des:normal des:v4 des:norealm des:onlyrealm des:afs3
default_principal_flags = +preauth
}
''')
# destroy old principals
for drop in glob.glob('/etc/krb5kdc/principal*') + glob.glob(
'/var/lib/krb5kdc/principal*'):
os.unlink(drop)
# Generate principals for initial database
krb5.setup()
self.assertFalse(krb5.user_password == krb5.user.password,
"need different passwords between login and krb5")
handle, name = testlib.mkstemp_fill(
'%s\n%s\n' % (krb5.admin_password, krb5.admin_password))
rc, out = testlib.cmd(['/usr/sbin/kdb5_util', 'create', '-s'],
stdin=handle)
os.unlink(name)
self.assertEquals(rc, 0, "krb database initialization: " + out)
handle, name = testlib.mkstemp_fill('%s\n' % (krb5.admin_password))
rc, out = testlib.cmd(
['/usr/sbin/kadmin.local', '-q', 'addprinc admin/admin'],
stdin=handle)
os.unlink(name)
self.assertEquals(rc, 0, "krb admin add: " + out)
handle, name = testlib.mkstemp_fill(
'%s\n%s\n' % (krb5.user_password, krb5.user_password))
rc, out = testlib.cmd([
'/usr/sbin/kadmin.local', '-p', 'admin/admin', '-q',
'addprinc %s' % (krb5.user.login)
],
stdin=handle)
os.unlink(name)
self.assertEquals(rc, 0, "krb user add: " + out)
self.assertTrue(
'Principal "*****@*****.**" created.' % (krb5.user.login) in out,
"kadmin.local failure: " + out)
handle, name = testlib.mkstemp_fill('''addprinc -randkey host/%s
addprinc -randkey host/%s
ktadd host/%s
quit
''' % (self.fqdn, self.fqdn_client, self.fqdn))
rc, out = testlib.cmd(['/usr/sbin/kadmin.local', '-p', 'admin/admin'],
stdin=handle)
os.unlink(name)
self.assertEquals(rc, 0, "krb user/host principals not added: " + out)
k5login = '******' % (krb5.user.home)
file(k5login, 'w').write('%[email protected]\n' % (krb5.user.login))
os.chown(k5login, krb5.user.uid, krb5.user.gid)
# restart
self._restart_services()
def _run_script(self, contents, versions, expected=0, args=[]):
'''Run a tk script, expecting exit code 0'''
for ver in versions:
handle, name = testlib.mkstemp_fill(contents+'\n')
self.assertShellExitEquals(expected, ['/usr/bin/wish%s' % ver] + args, stdin = handle)
os.unlink(name)
