def install(cls, mh): if cls.domain_level is not None: domain_level = cls.domain_level else: domain_level = cls.master.config.domain_level tasks.install_topo(cls.topology, cls.master, cls.replicas, cls.clients, domain_level, clients_extra_args=('--mkhomedir',)) cls.ad = cls.ads[0] cls.smbserver = cls.clients[0] cls.smbclient = cls.clients[1] cls.ad_user = '******'.format(cls.ad_user_login, cls.ad.domain.name) tasks.config_host_resolvconf_with_master_data(cls.master, cls.smbclient) tasks.install_adtrust(cls.master) tasks.configure_dns_for_trust(cls.master, cls.ad) tasks.configure_windows_dns_for_trust(cls.ad, cls.master) tasks.establish_trust_with_ad(cls.master, cls.ad.domain.name, extra_args=['--two-way=true']) tasks.create_active_user(cls.master, cls.ipa_user1, password=cls.ipa_user1_password) tasks.create_active_user(cls.master, cls.ipa_user2, password=cls.ipa_user2_password) # Trigger creation of home directories on the SMB server for user in [cls.ipa_user1, cls.ipa_user2, cls.ad_user]: tasks.run_command_as_user(cls.smbserver, user, ['stat', '.'])
def install(cls, mh): tasks.install_master(cls.master, setup_dns=True) tasks.install_adtrust(cls.master) for client in cls.replicas + cls.clients: cls.fix_resolv_conf(client, cls.master) tasks.install_client(cls.master, client, extra_args=['--mkhomedir']) cls.replicas[0].collect_log('/var/log/samba/') cls.master.collect_log('/var/log/samba/')
def install(cls, mh): if not cls.master.transport.file_exists('/usr/bin/rpcclient'): raise unittest.SkipTest("Package samba-client not available " "on {}".format(cls.master.hostname)) super(TestTrust, cls).install(mh) cls.ad = cls.ads[0] # pylint: disable=no-member cls.ad_domain = cls.ad.domain.name tasks.install_adtrust(cls.master) cls.check_sid_generation() cls.child_ad = cls.ad_subdomains[0] # pylint: disable=no-member cls.ad_subdomain = cls.child_ad.domain.name cls.tree_ad = cls.ad_treedomains[0] # pylint: disable=no-member cls.ad_treedomain = cls.tree_ad.domain.name
def install(cls, mh): super(TestSSSDAuthCache, cls).install(mh) cls.ad = cls.ads[0] # pylint: disable=no-member tasks.install_adtrust(cls.master) tasks.configure_dns_for_trust(cls.master, cls.ad) tasks.establish_trust_with_ad(cls.master, cls.ad.domain.name) cls.users['ad']['name'] = cls.users['ad']['name_tmpl'].format( domain=cls.ad.domain.name) tasks.user_add(cls.master, cls.intermed_user) tasks.create_active_user(cls.master, cls.ipa_user, cls.ipa_user_password)
def install(cls, mh): super(TestSSSDWithAdTrust, cls).install(mh) cls.ad = cls.ads[0] tasks.install_adtrust(cls.master) tasks.configure_dns_for_trust(cls.master, cls.ad) tasks.establish_trust_with_ad(cls.master, cls.ad.domain.name) cls.users['ad']['name'] = cls.users['ad']['name_tmpl'].format( domain=cls.ad.domain.name) cls.users['ad']['group'] = cls.users['ad']['group_tmpl'].format( domain=cls.ad.domain.name) tasks.user_add(cls.master, cls.intermed_user) tasks.create_active_user(cls.master, cls.ipa_user, cls.ipa_user_password)
def install(cls, mh): super(TestSSSDWithAdTrust, cls).install(mh) cls.ad = cls.ads[0] tasks.install_adtrust(cls.master) tasks.configure_dns_for_trust(cls.master, cls.ad) tasks.establish_trust_with_ad(cls.master, cls.ad.domain.name) cls.users['ad']['name'] = cls.users['ad']['name_tmpl'].format( domain=cls.ad.domain.name) # Regression tests for cached_auth_timeout option # https://bugzilla.redhat.com/show_bug.cgi?id=1685581 tasks.user_add(cls.master, cls.intermed_user) tasks.create_active_user(cls.master, cls.ipa_user, cls.ipa_user_password)
def install(cls, mh): super(TestWinsyncMigrate, cls).install(mh) cls.ad = cls.ads[0] # pylint: disable=no-member cls.trust_test_user = '******' % (cls.ad_user, cls.ad.domain.name) tasks.configure_dns_for_trust(cls.master, cls.ad) tasks.install_adtrust(cls.master) cls.create_test_objects() establish_winsync_agreement(cls.master, cls.ad) tasks.kinit_admin(cls.master) cls.setup_user_memberships(cls.ad_user) # store user uid and gid result = cls.master.run_command(['getent', 'passwd', cls.ad_user]) testuser_regex = (r"^{0}:\*:(\d+):(\d+):{0}:/home/{0}:/bin/sh$".format( cls.ad_user)) m = re.match(testuser_regex, result.stdout_text) cls.test_user_uid, cls.test_user_gid = m.groups()
def install(cls, mh): if not cls.master.transport.file_exists('/usr/bin/rpcclient'): raise unittest.SkipTest("Package samba-client not available " "on {}".format(cls.master.hostname)) super(BaseTestTrust, cls).install(mh) cls.ad = cls.ads[0] # pylint: disable=no-member cls.ad_domain = cls.ad.domain.name tasks.install_adtrust(cls.master) cls.check_sid_generation() cls.child_ad = cls.ad_subdomains[0] # pylint: disable=no-member cls.ad_subdomain = cls.child_ad.domain.name cls.tree_ad = cls.ad_treedomains[0] # pylint: disable=no-member cls.ad_treedomain = cls.tree_ad.domain.name # values used in workaround for # https://bugzilla.redhat.com/show_bug.cgi?id=1711958 cls.srv_gc_record_name = \ '_ldap._tcp.Default-First-Site-Name._sites.gc._msdcs' cls.srv_gc_record_value = '0 100 389 {}.'.format(cls.master.hostname)
def install(cls, mh): tasks.install_master(cls.master, setup_dns=True) cls.ad = cls.ads[0] tasks.install_adtrust(cls.master) tasks.configure_dns_for_trust(cls.master, cls.ad) tasks.establish_trust_with_ad(cls.master, cls.ad.domain.name)
def install(cls, mh): super(TestCertsInIDOverrides, cls).install(mh) cls.ad = config.ad_domains[0].ads[0] cls.ad_domain = cls.ad.domain.name cls.aduser = "******" % cls.ad_domain master = cls.master # A setup for test_dbus_user_lookup master.run_command(['dnf', 'install', '-y', 'sssd-dbus'], raiseonerr=False) # The tasks.modify_sssd_conf way did not work because # sssd_domain.set_option knows nothing about 'services' parameter of # the sssd config file. Therefore I am using sed approach master.run_command("sed -i '/^services/ s/$/, ifp/' %s" % paths.SSSD_CONF) master.run_command("sed -i 's/= 7/= 0xFFF0/' %s" % paths.SSSD_CONF, raiseonerr=False) master.run_command(['systemctl', 'restart', 'sssd.service']) # End of setup for test_dbus_user_lookup # AD-related stuff tasks.install_adtrust(master) tasks.sync_time(master, cls.ad) tasks.establish_trust_with_ad( cls.master, cls.ad_domain, extra_args=['--range-type', 'ipa-ad-trust']) cls.reqdir = os.path.join(master.config.test_dir, "certs") cls.reqfile1 = os.path.join(cls.reqdir, "test1.csr") cls.reqfile2 = os.path.join(cls.reqdir, "test2.csr") cls.pwname = os.path.join(cls.reqdir, "pwd") # Create a NSS database folder master.run_command(['mkdir', cls.reqdir], raiseonerr=False) # Create an empty password file master.run_command(["touch", cls.pwname], raiseonerr=False) # Initialize NSS database tasks.run_certutil(master, ["-N", "-f", cls.pwname], cls.reqdir) # Now generate self-signed certs for a windows user stdin_text = string.digits + string.ascii_letters[2:] + '\n' tasks.run_certutil(master, [ '-S', '-s', "cn=%s,dc=ad,dc=test" % cls.adcert1, '-n', cls.adcert1, '-x', '-t', 'CT,C,C', '-v', '120', '-m', '1234' ], cls.reqdir, stdin=stdin_text) tasks.run_certutil(master, [ '-S', '-s', "cn=%s,dc=ad,dc=test" % cls.adcert2, '-n', cls.adcert2, '-x', '-t', 'CT,C,C', '-v', '120', '-m', '1234' ], cls.reqdir, stdin=stdin_text) # Export the previously generated cert tasks.run_certutil( master, ['-L', '-n', cls.adcert1, '-a', '>', cls.adcert1_file], cls.reqdir) tasks.run_certutil( master, ['-L', '-n', cls.adcert2, '-a', '>', cls.adcert2_file], cls.reqdir) cls.cert1_base64 = cls.master.run_command( "openssl x509 -outform der -in %s | base64 -w 0" % cls.adcert1_file).stdout_text cls.cert2_base64 = cls.master.run_command( "openssl x509 -outform der -in %s | base64 -w 0" % cls.adcert2_file).stdout_text cls.cert1_pem = cls.master.run_command( "openssl x509 -in %s -outform pem" % cls.adcert1_file).stdout_text cls.cert2_pem = cls.master.run_command( "openssl x509 -in %s -outform pem" % cls.adcert2_file).stdout_text
def install(cls, mh): super(TestCertsInIDOverrides, cls).install(mh) cls.ad = config.ad_domains[0].ads[0] cls.ad_domain = cls.ad.domain.name cls.aduser = "******" % cls.ad_domain master = cls.master # A setup for test_dbus_user_lookup master.run_command(['dnf', 'install', '-y', 'sssd-dbus'], raiseonerr=False) # The tasks.modify_sssd_conf way did not work because # sssd_domain.set_option knows nothing about 'services' parameter of # the sssd config file. Therefore I am using sed approach master.run_command( "sed -i '/^services/ s/$/, ifp/' %s" % paths.SSSD_CONF) master.run_command( "sed -i 's/= 7/= 0xFFF0/' %s" % paths.SSSD_CONF, raiseonerr=False) master.run_command(['systemctl', 'restart', 'sssd.service']) # End of setup for test_dbus_user_lookup # AD-related stuff tasks.install_adtrust(master) tasks.sync_time(master, cls.ad) tasks.establish_trust_with_ad(cls.master, cls.ad_domain, extra_args=['--range-type', 'ipa-ad-trust']) cls.reqdir = os.path.join(master.config.test_dir, "certs") cls.reqfile1 = os.path.join(cls.reqdir, "test1.csr") cls.reqfile2 = os.path.join(cls.reqdir, "test2.csr") cls.pwname = os.path.join(cls.reqdir, "pwd") # Create a NSS database folder master.run_command(['mkdir', cls.reqdir], raiseonerr=False) # Create an empty password file master.run_command(["touch", cls.pwname], raiseonerr=False) # Initialize NSS database tasks.run_certutil(master, ["-N", "-f", cls.pwname], cls.reqdir) # Now generate self-signed certs for a windows user stdin_text = string.digits+string.ascii_letters[2:] + '\n' tasks.run_certutil(master, ['-S', '-s', "cn=%s,dc=ad,dc=test" % cls.adcert1, '-n', cls.adcert1, '-x', '-t', 'CT,C,C', '-v', '120', '-m', '1234'], cls.reqdir, stdin=stdin_text) tasks.run_certutil(master, ['-S', '-s', "cn=%s,dc=ad,dc=test" % cls.adcert2, '-n', cls.adcert2, '-x', '-t', 'CT,C,C', '-v', '120', '-m', '1234'], cls.reqdir, stdin=stdin_text) # Export the previously generated cert tasks.run_certutil(master, ['-L', '-n', cls.adcert1, '-a', '>', cls.adcert1_file], cls.reqdir) tasks.run_certutil(master, ['-L', '-n', cls.adcert2, '-a', '>', cls.adcert2_file], cls.reqdir) cls.cert1_base64 = cls.master.run_command( "openssl x509 -outform der -in %s | base64 -w 0" % cls.adcert1_file ).stdout_text cls.cert2_base64 = cls.master.run_command( "openssl x509 -outform der -in %s | base64 -w 0" % cls.adcert2_file ).stdout_text cls.cert1_pem = cls.master.run_command( "openssl x509 -in %s -outform pem" % cls.adcert1_file ).stdout_text cls.cert2_pem = cls.master.run_command( "openssl x509 -in %s -outform pem" % cls.adcert2_file ).stdout_text
def install_adtrust(cls): """Test adtrust support installation""" tasks.install_adtrust(cls.master)
def install(cls, mh): super(TestCertsInIDOverrides, cls).install(mh) cls.ad = config.ad_domains[0].ads[0] cls.ad_domain = cls.ad.domain.name cls.aduser = "******" % cls.ad_domain master = cls.master # A setup for test_dbus_user_lookup master.run_command(['dnf', 'install', '-y', 'sssd-dbus'], raiseonerr=False) master.run_command("sed -i 's/= 7/= 0xFFF0/' %s" % paths.SSSD_CONF, raiseonerr=False) with tasks.remote_sssd_config(master) as sssd_config: try: sssd_config.new_service('ifp') except ServiceAlreadyExists: pass sssd_config.activate_service('ifp') master.run_command(['systemctl', 'restart', 'sssd.service']) # End of setup for test_dbus_user_lookup # AD-related stuff tasks.install_adtrust(master) tasks.sync_time(master, cls.ad) tasks.configure_dns_for_trust(master, cls.ad) tasks.establish_trust_with_ad( cls.master, cls.ad_domain, extra_args=['--range-type', 'ipa-ad-trust']) cls.reqdir = os.path.join(master.config.test_dir, "certs") cls.reqfile1 = os.path.join(cls.reqdir, "test1.csr") cls.reqfile2 = os.path.join(cls.reqdir, "test2.csr") cls.pwname = os.path.join(cls.reqdir, "pwd") # Create a NSS database folder master.run_command(['mkdir', cls.reqdir], raiseonerr=False) # Create an empty password file master.run_command(["touch", cls.pwname], raiseonerr=False) # Initialize NSS database tasks.run_certutil(master, ["-N", "-f", cls.pwname], cls.reqdir) # Now generate self-signed certs for a windows user stdin_text = string.digits + string.ascii_letters[2:] + '\n' tasks.run_certutil(master, [ '-S', '-s', "cn=%s,dc=ad,dc=test" % cls.adcert1, '-n', cls.adcert1, '-x', '-t', 'CT,C,C', '-v', '120', '-m', '1234' ], cls.reqdir, stdin=stdin_text) tasks.run_certutil(master, [ '-S', '-s', "cn=%s,dc=ad,dc=test" % cls.adcert2, '-n', cls.adcert2, '-x', '-t', 'CT,C,C', '-v', '120', '-m', '1234' ], cls.reqdir, stdin=stdin_text) # Export the previously generated cert res = tasks.run_certutil(master, ['-L', '-n', cls.adcert1, '-a'], cls.reqdir) master.put_file_contents( os.path.join(master.config.test_dir, cls.adcert1_file), res.stdout_text) res = tasks.run_certutil(master, ['-L', '-n', cls.adcert2, '-a'], cls.reqdir) master.put_file_contents( os.path.join(master.config.test_dir, cls.adcert2_file), res.stdout_text) cls.cert1_base64 = cls.master.run_command( "openssl x509 -outform der -in %s | base64 -w 0" % cls.adcert1_file).stdout_text cls.cert2_base64 = cls.master.run_command( "openssl x509 -outform der -in %s | base64 -w 0" % cls.adcert2_file).stdout_text cls.cert1_pem = cls.master.run_command( "openssl x509 -in %s -outform pem" % cls.adcert1_file).stdout_text cls.cert2_pem = cls.master.run_command( "openssl x509 -in %s -outform pem" % cls.adcert2_file).stdout_text