ipa/SOURCES/0036-ipatests-test-ipa-getkeytab-server-option.patch

From 7a13200fd8b92dd90ebc4b6416ef25659df8aa71 Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Fri, 16 Jul 2021 12:59:47 -0400
Subject: [PATCH] ipatests: test ipa-getkeytab server option

Test various usages of the -s/--server option:
* -s is defined, use it as the server
* no -s, use the host value from /etc/ipa/default.conf
* -s is '_srv_', do DNS discovery

https://pagure.io/freeipa/issue/8478

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Florence Blanc-Renaud <flo@redhat.com>
---
 ipatests/test_integration/test_commands.py | 58 ++++++++++++++++++++++
 1 file changed, 58 insertions(+)

diff --git a/ipatests/test_integration/test_commands.py b/ipatests/test_integration/test_commands.py
index d64519eb7..2035ced56 100644
--- a/ipatests/test_integration/test_commands.py
+++ b/ipatests/test_integration/test_commands.py
@@ -1467,6 +1467,64 @@ class TestIPACommand(IntegrationTest):
             assert 'This account is currently not available' in \
                 result.stdout_text
 
+    def test_ipa_getkeytab_server(self):
+        """
+        Exercise the ipa-getkeytab server options
+
+        This relies on the behavior that without a TGT
+        ipa-getkeytab will quit and not do much of anything.
+
+        A bogus keytab and principal are passed in to satisfy the
+        minimum requirements.
+        """
+        tasks.kdestroy_all(self.master)
+
+        # Pass in a server name to use
+        result = self.master.run_command(
+            [
+                paths.IPA_GETKEYTAB,
+                "-k",
+                "/tmp/keytab",
+                "-p",
+                "foo",
+                "-s",
+                self.master.hostname,
+                "-v",
+            ], raiseonerr=False).stderr_text
+
+        assert 'Using provided server %s' % self.master.hostname in result
+
+        # Don't pass in a name, should use /etc/ipa/default.conf
+        result = self.master.run_command(
+            [
+                paths.IPA_GETKEYTAB,
+                "-k",
+                "/tmp/keytab",
+                "-p",
+                "foo",
+                "-v",
+            ], raiseonerr=False).stderr_text
+
+        assert (
+            'Using server from config %s' % self.master.hostname
+            in result
+        )
+
+        # Use DNS SRV lookup
+        result = self.master.run_command(
+            [
+                paths.IPA_GETKEYTAB,
+                "-k",
+                "/tmp/keytab",
+                "-p",
+                "foo",
+                "-s",
+                "_srv_",
+                "-v",
+            ], raiseonerr=False).stderr_text
+
+        assert 'Discovered server %s' % self.master.hostname in result
+
 
 class TestIPACommandWithoutReplica(IntegrationTest):
     """
-- 
2.31.1