65 lines
2.1 KiB
Perl
65 lines
2.1 KiB
Perl
use base "installedtest";
|
|
use strict;
|
|
use testapi;
|
|
use utils;
|
|
|
|
sub run {
|
|
my $self = shift;
|
|
# switch to tty1 (we're usually there already, but just in case
|
|
# we're carrying on from a failed freeipa_webui that didn't fail
|
|
# at tty1)
|
|
my $domain = "test.openqa.fedoraproject.org";
|
|
my $ucdomain = "TEST.OPENQA.FEDORAPROJECT.ORG";
|
|
my $user1 = "test1";
|
|
my $user2 = "test2";
|
|
my $userpw = "batterystaple";
|
|
if (get_var("FREEIPA_DEMO_INSTANCE")) {
|
|
$domain = "demo1.freeipa.org";
|
|
$ucdomain = "DEMO1.FREEIPA.ORG";
|
|
$user1 = "employee";
|
|
$user2 = "";
|
|
$userpw = "Secret123";
|
|
}
|
|
my $qdomain = quotemeta($domain);
|
|
my $qucdomain = quotemeta($ucdomain);
|
|
send_key "ctrl-alt-f1";
|
|
wait_still_screen 1;
|
|
# check domain is listed in 'realm list'
|
|
validate_script_output 'realm list', sub { $_ =~ m/domain-name: $qdomain.*configured: kerberos-member/s };
|
|
# check we can see the admin user in getent
|
|
assert_script_run "getent passwd admin\@$ucdomain";
|
|
# check keytab entries
|
|
my $hostname = script_output 'hostname';
|
|
my $qhost = quotemeta($hostname);
|
|
validate_script_output 'klist -k', sub { $_ =~ m/$qhost\@$qucdomain/ };
|
|
# check we can kinit with the host principal
|
|
assert_script_run "kinit -k host/$hostname\@$ucdomain";
|
|
# Set a longer timeout for login(1) to workaround RHBZ #1661273
|
|
assert_script_run 'echo "LOGIN_TIMEOUT 180" >> /etc/login.defs';
|
|
# switch to tty2 for login tests
|
|
send_key "ctrl-alt-f2";
|
|
# try and login as test1, should work
|
|
console_login(user => "$user1\@$ucdomain", password => $userpw);
|
|
type_string "exit\n";
|
|
# try and login as test2, should fail. we cannot use console_login
|
|
# as it takes 10 seconds to complete when login fails, and
|
|
# "permission denied" message doesn't last that long
|
|
sleep 2;
|
|
assert_screen "text_console_login";
|
|
if ($user2) {
|
|
type_string "$user2\@$ucdomain\n";
|
|
assert_screen "console_password_required";
|
|
type_string "$userpw\n";
|
|
assert_screen "login_permission_denied";
|
|
}
|
|
}
|
|
|
|
|
|
sub test_flags {
|
|
return {fatal => 1};
|
|
}
|
|
|
|
1;
|
|
|
|
# vim: set sw=4 et:
|