From 5883b99fa0d13368f6e79fdb40b6637d36ed1801 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Tue, 22 Aug 2017 12:25:58 +0200 Subject: [PATCH 72/93] TESTS: Add files provider tests that request a user and group by ID MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Reviewed-by: Fabiano FidĂȘncio --- src/tests/intg/test_files_provider.py | 97 ++++++++++++++++++++++++++++++++--- 1 file changed, 91 insertions(+), 6 deletions(-) diff --git a/src/tests/intg/test_files_provider.py b/src/tests/intg/test_files_provider.py index b26977e0610b85e1ba015d3dd98596f356004fa8..e507ea10d78b9b35ee57178e78f4621372d0c2e5 100644 --- a/src/tests/intg/test_files_provider.py +++ b/src/tests/intg/test_files_provider.py @@ -29,8 +29,10 @@ import pytest import ent import sssd_id from sssd_nss import NssReturnCode -from sssd_passwd import call_sssd_getpwnam, call_sssd_enumeration -from sssd_group import call_sssd_getgrnam +from sssd_passwd import (call_sssd_getpwnam, + call_sssd_enumeration, + call_sssd_getpwuid) +from sssd_group import call_sssd_getgrnam, call_sssd_getgrgid from files_ops import passwd_ops_setup, group_ops_setup from util import unindent @@ -258,6 +260,14 @@ def sssd_getpwnam_sync(name): return call_sssd_getpwnam(name) +def sssd_getpwuid_sync(uid): + ret = poll_canary(call_sssd_getpwnam, CANARY["name"]) + if ret is False: + return NssReturnCode.NOTFOUND, None + + return call_sssd_getpwuid(uid) + + def sssd_getgrnam_sync(name): ret = poll_canary(call_sssd_getgrnam, CANARY_GR["name"]) if ret is False: @@ -266,6 +276,14 @@ def sssd_getgrnam_sync(name): return call_sssd_getgrnam(name) +def sssd_getgrgid_sync(name): + ret = poll_canary(call_sssd_getgrnam, CANARY_GR["name"]) + if ret is False: + return NssReturnCode.NOTFOUND, None + + return call_sssd_getgrgid(name) + + def sssd_id_sync(name): sssd_getpwnam_sync(CANARY["name"]) res, _, groups = sssd_id.get_user_groups(name) @@ -307,6 +325,15 @@ def check_group(exp_group, delay=1.0): assert found_group == exp_group +def check_group_by_gid(exp_group, delay=1.0): + if delay > 0: + time.sleep(delay) + + res, found_group = sssd_getgrgid_sync(exp_group["gid"]) + assert res == NssReturnCode.SUCCESS + assert found_group == exp_group + + def check_group_list(exp_groups_list): for exp_group in exp_groups_list: check_group(exp_group) @@ -349,6 +376,16 @@ def test_getpwnam_after_start(add_user_with_canary, files_domain_only): assert user == USER1 +def test_getpwuid_after_start(add_user_with_canary, files_domain_only): + """ + Test that after startup without any additional operations, a user + can be resolved through sssd + """ + res, user = sssd_getpwuid_sync(USER1["uid"]) + assert res == NssReturnCode.SUCCESS + assert user == USER1 + + def test_user_overriden(add_user_with_canary, files_domain_only): """ Test that user override works with files domain only @@ -373,8 +410,8 @@ def test_group_overriden(add_group_with_canary, files_domain_only): """ # Override subprocess.check_call(["sss_override", "group-add", GROUP1["name"], - "-n", OV_GROUP1["name"], - "-g", str(OV_GROUP1["gid"])]) + "-n", OV_GROUP1["name"], + "-g", str(OV_GROUP1["gid"])]) restart_sssd() @@ -383,12 +420,20 @@ def test_group_overriden(add_group_with_canary, files_domain_only): def test_getpwnam_neg(files_domain_only): """ - Test that a nonexistant user cannot be resolved + Test that a nonexistant user cannot be resolved by name """ res, _ = call_sssd_getpwnam("nosuchuser") assert res == NssReturnCode.NOTFOUND +def test_getpwuid_neg(files_domain_only): + """ + Test that a nonexistant user cannot be resolved by UID + """ + res, _ = call_sssd_getpwuid(12345) + assert res == NssReturnCode.NOTFOUND + + def test_root_does_not_resolve(files_domain_only): """ SSSD currently does not resolve the root user even though it can @@ -401,6 +446,18 @@ def test_root_does_not_resolve(files_domain_only): assert res == NssReturnCode.NOTFOUND +def test_uid_zero_does_not_resolve(files_domain_only): + """ + SSSD currently does not resolve the UID 0 even though it can + be resolved through the NSS interface + """ + nss_root = pwd.getpwuid(0) + assert nss_root is not None + + res, _ = call_sssd_getpwuid(0) + assert res == NssReturnCode.NOTFOUND + + def test_add_remove_add_file_user(setup_pw_with_canary, files_domain_only): """ Test that removing a user is detected and the user @@ -522,11 +579,19 @@ def test_incomplete_user_fail(setup_pw_with_canary, files_domain_only): def test_getgrnam_after_start(add_group_with_canary, files_domain_only): """ Test that after startup without any additional operations, a group - can be resolved through sssd + can be resolved through sssd by name """ check_group(GROUP1) +def test_getgrgid_after_start(add_group_with_canary, files_domain_only): + """ + Test that after startup without any additional operations, a group + can be resolved through sssd by GID + """ + check_group_by_gid(GROUP1) + + def test_getgrnam_neg(files_domain_only): """ Test that a nonexistant group cannot be resolved @@ -535,6 +600,14 @@ def test_getgrnam_neg(files_domain_only): assert res == NssReturnCode.NOTFOUND +def test_getgrgid_neg(files_domain_only): + """ + Test that a nonexistant group cannot be resolved + """ + res, user = sssd_getgrgid_sync(123456) + assert res == NssReturnCode.NOTFOUND + + def test_root_group_does_not_resolve(files_domain_only): """ SSSD currently does not resolve the root group even though it can @@ -547,6 +620,18 @@ def test_root_group_does_not_resolve(files_domain_only): assert res == NssReturnCode.NOTFOUND +def test_gid_zero_does_not_resolve(files_domain_only): + """ + SSSD currently does not resolve the group with GID 0 even though it + can be resolved through the NSS interface + """ + nss_root = grp.getgrgid(0) + assert nss_root is not None + + res, user = call_sssd_getgrgid(0) + assert res == NssReturnCode.NOTFOUND + + def test_add_remove_add_file_group(setup_gr_with_canary, files_domain_only): """ Test that removing a group is detected and the group -- 2.14.1