diff options
Diffstat (limited to 'src/tests')
| -rw-r--r-- | src/tests/cmocka/test_pam_srv.c | 183 | ||||
| -rw-r--r-- | src/tests/cwrap/Makefile.in | 1 | ||||
| -rw-r--r-- | src/tests/intg/Makefile.am | 2 | ||||
| -rw-r--r-- | src/tests/intg/Makefile.in | 3 | ||||
| -rw-r--r-- | src/tests/intg/test_files_provider.py | 13 | ||||
| -rw-r--r-- | src/tests/intg/test_pam_responder.py | 75 | ||||
| -rw-r--r-- | src/tests/multihost/basic/test_kcm.py | 13 | ||||
| -rw-r--r-- | src/tests/test_CA/Makefile.in | 1 | ||||
| -rw-r--r-- | src/tests/test_CA/intermediate_CA/Makefile.am | 2 | ||||
| -rw-r--r-- | src/tests/test_CA/intermediate_CA/Makefile.in | 3 | ||||
| -rw-r--r-- | src/tests/test_ECC_CA/Makefile.in | 1 |
11 files changed, 290 insertions, 7 deletions
diff --git a/src/tests/cmocka/test_pam_srv.c b/src/tests/cmocka/test_pam_srv.c index faa4343..3d05d33 100644 --- a/src/tests/cmocka/test_pam_srv.c +++ b/src/tests/cmocka/test_pam_srv.c @@ -90,6 +90,11 @@ "wdzGuHmSI4rOnyZ0VcJ/kA==,MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEEKhSQWMPgAU" \ "cz4d7Fjz2hZK7QUlnAttuEW5XrxD06VBaQvIRYJT7e6wM+vFU4z+uQgU9B5ERbgMiBVe99rB" \ "L9w==" +#define SSSD_TEST_PASSKEY_TWO \ + "passkey:amLLQX2dYGPKCKB5QO7mjLy4ndHCxFr2GXpr0hnb/KZ4X0W3+Dza8nmux+vXmZR4Z" \ + "EPYIb7a2wbK6Wo67uScXA==,MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE/xrLQPGeZS7Hh" \ + "7T2zrJK/LSAOoYFTHx9YiO+IIk3v7Tbgbbi7HoQJdDf8pyAKIgzM4S/kDy0eEymxDLgT4/7Zw" \ + "==" #define SSSD_TEST_PASSKEY_PK \ "zO7lzqHPkVgsWkMTuJ17E+9OTcPtYUZJFHDs3xPSDgjcsHp/yLHkiRRNJ2IMU278" \ @@ -109,6 +114,12 @@ "1m2t9rUXc12eS1EKGJiPiT9IuTQ9nCG2PslkqR+KUMiYoS9MqTsAj9HhuTMkFhcYFyufxFmt/S" \ "4rIqVwmP8lY4GwwJwOnZwNLj/I2HwC+pk= testuser@fedora.test.local" +#define SSSD_TEST_CERT \ + "X509:<I>O=Red Hat,OU=prod,CN=Certificate Authority<S>DC=com,DC=redhat,OU=users" \ + ",OID.0.9.2342.19200300.100.1.1=jstephen,E=jstephen@redhat.com" \ + "m,CN=Justin Stephenson Justin Stephenson" + + int no_cleanup; static char CACHED_AUTH_TIMEOUT_STR[] = "4"; @@ -860,6 +871,108 @@ static int test_pam_passkey_found_preauth_check(uint32_t status, uint8_t *body, return EOK; } + +void test_passkey_process_data_simple(void **state) +{ + TALLOC_CTX *tmp_ctx; + int ret; + struct pk_child_user_data *pk_data; + struct ldb_message *user_msg; + + tmp_ctx = talloc_new(NULL); + assert_non_null(tmp_ctx); + + user_msg = ldb_msg_new(tmp_ctx); + assert_non_null(user_msg); + + ret = ldb_msg_add_string(user_msg, SYSDB_USER_PASSKEY, SSSD_TEST_PASSKEY); + assert_int_equal(ret, EOK); + + pk_data = talloc_zero(tmp_ctx, struct pk_child_user_data); + assert_non_null(pk_data); + + ret = process_passkey_data(tmp_ctx, user_msg, TEST_DOM_NAME, pk_data); + assert_int_equal(ret, EOK); + assert_int_equal(pk_data->num_credentials, 1); + for (int i = 0; i < pk_data->num_credentials; i++) { + assert_non_null(pk_data->key_handles[i]); + assert_non_null(pk_data->public_keys[i]); + } +} + +void test_passkey_process_data_multi(void **state) +{ + TALLOC_CTX *tmp_ctx; + int ret; + struct pk_child_user_data *pk_data; + struct ldb_message *user_msg; + + tmp_ctx = talloc_new(NULL); + assert_non_null(tmp_ctx); + + user_msg = ldb_msg_new(tmp_ctx); + assert_non_null(user_msg); + + /* Two passkey mappings */ + ret = ldb_msg_add_string(user_msg, SYSDB_USER_PASSKEY, SSSD_TEST_PASSKEY); + assert_int_equal(ret, EOK); + + ret = ldb_msg_add_string(user_msg, SYSDB_USER_PASSKEY, SSSD_TEST_PASSKEY_TWO); + assert_int_equal(ret, EOK); + + /* Invalid public key to be ignored */ + ret = ldb_msg_add_string(user_msg, SYSDB_USER_PASSKEY, SSSD_TEST_PUBKEY); + assert_int_equal(ret, EOK); + + /* smartcard cert */ + ret = ldb_msg_add_string(user_msg, SYSDB_USER_PASSKEY, SSSD_TEST_CERT); + assert_int_equal(ret, EOK); + + pk_data = talloc_zero(tmp_ctx, struct pk_child_user_data); + assert_non_null(pk_data); + + ret = process_passkey_data(tmp_ctx, user_msg, TEST_DOM_NAME, pk_data); + assert_int_equal(ret, EOK); + assert_int_equal(pk_data->num_credentials, 2); + for (int i = 0; i < pk_data->num_credentials; i++) { + assert_non_null(pk_data->key_handles[i]); + assert_non_null(pk_data->public_keys[i]); + } +} + +void test_passkey_process_data_invalid(void **state) +{ + TALLOC_CTX *tmp_ctx; + int ret; + struct pk_child_user_data *pk_data; + struct ldb_message *user_msg; + struct ldb_message *user_msg2; + + tmp_ctx = talloc_new(NULL); + assert_non_null(tmp_ctx); + + user_msg = ldb_msg_new(tmp_ctx); + assert_non_null(user_msg); + + /* Invalid - key handle part of mapping only */ + ret = ldb_msg_add_string(user_msg, SYSDB_USER_PASSKEY, SSSD_TEST_PASSKEY_KEY_HANDLE); + assert_int_equal(ret, EOK); + + pk_data = talloc_zero(tmp_ctx, struct pk_child_user_data); + assert_non_null(pk_data); + + ret = process_passkey_data(tmp_ctx, user_msg, TEST_DOM_NAME, pk_data); + assert_int_equal(ret, ENOENT); + assert_int_equal(pk_data->num_credentials, 0); + + user_msg2 = ldb_msg_new(tmp_ctx); + assert_non_null(user_msg2); + + /* Public key only */ + ret = ldb_msg_add_string(user_msg, SYSDB_USER_PASSKEY, SSSD_TEST_PUBKEY); + assert_int_equal(ret, EOK); + assert_int_equal(pk_data->num_credentials, 0); +} #endif /* BUILD_PASSKEY */ static int test_pam_simple_check(uint32_t status, uint8_t *body, size_t blen) @@ -3503,6 +3616,7 @@ void test_pam_preauth_last_crl_another_ca_files(void **state) test_pam_cert_check); } + void test_filter_response(void **state) { int ret; @@ -4412,7 +4526,7 @@ void test_pam_passkey_auth(void **state) assert_int_equal(ret, EOK); } -void test_pam_passkey_bad_mapping(void **state) +void test_pam_passkey_pubkey_mapping(void **state) { int ret; struct sysdb_attrs *attrs; @@ -4461,6 +4575,63 @@ void test_pam_passkey_bad_mapping(void **state) assert_int_equal(ret, EOK); } +void test_pam_passkey_preauth_mapping_multi(void **state) +{ + int ret; + const char *user_verification = "on"; + struct sysdb_attrs *attrs; + const char *passkey = SSSD_TEST_PASSKEY; + const char *pubkey = SSSD_TEST_PUBKEY; + size_t passkey_size; + size_t pubkey_size; + + set_passkey_auth_param(pam_test_ctx->pctx); + + /* Add user verification attribute */ + ret = sysdb_domain_update_passkey_user_verification( + pam_test_ctx->tctx->dom->sysdb, + pam_test_ctx->tctx->dom->name, + user_verification); + assert_int_equal(ret, EOK); + + mock_input_pam_passkey(pam_test_ctx, "pamuser", "1234", + NULL, NULL, SSSD_TEST_PASSKEY); + + mock_parse_inp("pamuser", NULL, EOK); + + /* Add passkey data first, then pubkey mapping data */ + passkey_size = strlen(passkey) + 1; + pubkey_size = strlen(pubkey) + 1; + + attrs = sysdb_new_attrs(pam_test_ctx); + assert_non_null(attrs); + + ret = sysdb_attrs_add_mem(attrs, SYSDB_USER_PASSKEY, passkey, passkey_size); + assert_int_equal(ret, EOK); + + ret = sysdb_attrs_add_mem(attrs, SYSDB_USER_PASSKEY, pubkey, pubkey_size); + assert_int_equal(ret, EOK); + + ret = sysdb_set_user_attr(pam_test_ctx->tctx->dom, + pam_test_ctx->pam_user_fqdn, + attrs, + LDB_FLAG_MOD_ADD); + assert_int_equal(ret, EOK); + + will_return(__wrap_sss_packet_get_cmd, SSS_PAM_PREAUTH); + will_return(__wrap_sss_packet_get_cmd, SSS_PAM_PREAUTH); + will_return(__wrap_sss_packet_get_body, WRAP_CALL_REAL); + + pam_test_ctx->exp_pam_status = PAM_SUCCESS; + set_cmd_cb(test_pam_passkey_found_preauth_check); + ret = sss_cmd_execute(pam_test_ctx->cctx, SSS_PAM_PREAUTH, + pam_test_ctx->pam_cmds); + assert_int_equal(ret, EOK); + + /* Wait until the test finishes with EOK */ + ret = test_ev_loop(pam_test_ctx->tctx); + assert_int_equal(ret, EOK); +} void test_pam_passkey_auth_send(void **state) { @@ -4688,7 +4859,9 @@ int main(int argc, const char *argv[]) pam_test_setup_passkey, pam_test_teardown), cmocka_unit_test_setup_teardown(test_pam_passkey_auth, pam_test_setup_passkey, pam_test_teardown), - cmocka_unit_test_setup_teardown(test_pam_passkey_bad_mapping, + cmocka_unit_test_setup_teardown(test_pam_passkey_pubkey_mapping, + pam_test_setup_passkey, pam_test_teardown), + cmocka_unit_test_setup_teardown(test_pam_passkey_preauth_mapping_multi, pam_test_setup_passkey, pam_test_teardown), cmocka_unit_test_setup_teardown(test_pam_passkey_auth_send, pam_test_setup_passkey, pam_test_teardown), @@ -4696,6 +4869,12 @@ int main(int argc, const char *argv[]) pam_test_setup_passkey_interactive_prompt, pam_test_teardown), cmocka_unit_test_setup_teardown(test_pam_prompting_passkey_interactive_and_touch, pam_test_setup_passkey_interactive_and_touch_prompt, pam_test_teardown), + cmocka_unit_test_setup_teardown(test_passkey_process_data_simple, + pam_test_setup, pam_test_teardown), + cmocka_unit_test_setup_teardown(test_passkey_process_data_multi, + pam_test_setup, pam_test_teardown), + cmocka_unit_test_setup_teardown(test_passkey_process_data_invalid, + pam_test_setup, pam_test_teardown), #endif /* BUILD_PASSKEY */ #ifdef HAVE_FAKETIME diff --git a/src/tests/cwrap/Makefile.in b/src/tests/cwrap/Makefile.in index d364b4c..a6f2006 100644 --- a/src/tests/cwrap/Makefile.in +++ b/src/tests/cwrap/Makefile.in @@ -721,6 +721,7 @@ HAVE_PYTHON3_BINDINGS = @HAVE_PYTHON3_BINDINGS@ HAVE_SELINUX = @HAVE_SELINUX@ HAVE_SEMANAGE = @HAVE_SEMANAGE@ HAVE_UID_WRAPPER = @HAVE_UID_WRAPPER@ +IDMAP_SAMBA_LIBS = @IDMAP_SAMBA_LIBS@ INI_CONFIG_CFLAGS = @INI_CONFIG_CFLAGS@ INI_CONFIG_LIBS = @INI_CONFIG_LIBS@ INI_CONFIG_V0_CFLAGS = @INI_CONFIG_V0_CFLAGS@ diff --git a/src/tests/intg/Makefile.am b/src/tests/intg/Makefile.am index 3866d3c..0cfd268 100644 --- a/src/tests/intg/Makefile.am +++ b/src/tests/intg/Makefile.am @@ -199,6 +199,7 @@ clean-local: PAM_CERT_DB_PATH="$(abs_builddir)/../test_CA/SSSD_test_CA.pem" SOFTHSM2_CONF="$(abs_builddir)/../test_CA/softhsm2_one.conf" +SOFTHSM2_TWO_CONF="$(abs_builddir)/../test_CA/softhsm2_two.conf" intgcheck-installed: config.py passwd group pam_sss_service pam_sss_alt_service pam_sss_sc_required pam_sss_try_sc pam_sss_allow_missing_name pam_sss_domains sss_netgroup_thread_test pipepath="$(DESTDIR)$(pipepath)"; \ @@ -233,6 +234,7 @@ intgcheck-installed: config.py passwd group pam_sss_service pam_sss_alt_service PAM_CERT_DB_PATH=$(PAM_CERT_DB_PATH) \ ABS_SRCDIR=$(abs_srcdir) \ SOFTHSM2_CONF=$(SOFTHSM2_CONF) \ + SOFTHSM2_TWO_CONF=$(SOFTHSM2_TWO_CONF) \ KCM_RENEW=$(KCM_RENEW) \ FILES_PROVIDER=$(FILES_PROVIDER) \ DBUS_SOCK_DIR="$(DESTDIR)$(runstatedir)/dbus/" \ diff --git a/src/tests/intg/Makefile.in b/src/tests/intg/Makefile.in index 32df7c7..14048fe 100644 --- a/src/tests/intg/Makefile.in +++ b/src/tests/intg/Makefile.in @@ -366,6 +366,7 @@ HAVE_PYTHON3_BINDINGS = @HAVE_PYTHON3_BINDINGS@ HAVE_SELINUX = @HAVE_SELINUX@ HAVE_SEMANAGE = @HAVE_SEMANAGE@ HAVE_UID_WRAPPER = @HAVE_UID_WRAPPER@ +IDMAP_SAMBA_LIBS = @IDMAP_SAMBA_LIBS@ INI_CONFIG_CFLAGS = @INI_CONFIG_CFLAGS@ INI_CONFIG_LIBS = @INI_CONFIG_LIBS@ INI_CONFIG_V0_CFLAGS = @INI_CONFIG_V0_CFLAGS@ @@ -730,6 +731,7 @@ PAM_SERVICE_DIR = pam_service_dir CLEANFILES = config.py config.pyc passwd group PAM_CERT_DB_PATH = "$(abs_builddir)/../test_CA/SSSD_test_CA.pem" SOFTHSM2_CONF = "$(abs_builddir)/../test_CA/softhsm2_one.conf" +SOFTHSM2_TWO_CONF = "$(abs_builddir)/../test_CA/softhsm2_two.conf" all: all-am .SUFFIXES: @@ -1333,6 +1335,7 @@ intgcheck-installed: config.py passwd group pam_sss_service pam_sss_alt_service PAM_CERT_DB_PATH=$(PAM_CERT_DB_PATH) \ ABS_SRCDIR=$(abs_srcdir) \ SOFTHSM2_CONF=$(SOFTHSM2_CONF) \ + SOFTHSM2_TWO_CONF=$(SOFTHSM2_TWO_CONF) \ KCM_RENEW=$(KCM_RENEW) \ FILES_PROVIDER=$(FILES_PROVIDER) \ DBUS_SOCK_DIR="$(DESTDIR)$(runstatedir)/dbus/" \ diff --git a/src/tests/intg/test_files_provider.py b/src/tests/intg/test_files_provider.py index fa503dd..c318d73 100644 --- a/src/tests/intg/test_files_provider.py +++ b/src/tests/intg/test_files_provider.py @@ -456,6 +456,19 @@ def sssd_id_sync(name): return res, groups +def sync_files_provider(name=None): + """ + Tests with files provider can fail because files provider did not yet + finish updating its cache. Polling for presents of the canary user makes + sure that we wait until the cache is updated. + """ + if name is None: + name = CANARY["name"] + + ret = poll_canary(call_sssd_getpwnam, name) + assert ret + + # Helper functions def user_generator(seqnum): return dict(name='user%d' % seqnum, diff --git a/src/tests/intg/test_pam_responder.py b/src/tests/intg/test_pam_responder.py index 1fc3937..a4b36c0 100644 --- a/src/tests/intg/test_pam_responder.py +++ b/src/tests/intg/test_pam_responder.py @@ -34,6 +34,7 @@ import kdc import pytest +from .test_files_provider import sync_files_provider from intg.util import unindent LDAP_BASE_DN = "dc=example,dc=com" @@ -168,7 +169,7 @@ def format_pam_cert_auth_conf(config, provider): {provider.p} [certmap/auth_only/user1] - matchrule = <SUBJECT>.*CN=SSSD test cert 0001.* + matchrule = <SUBJECT>.*CN=SSSD test cert 000[12].* """).format(**locals()) @@ -201,7 +202,7 @@ def format_pam_cert_auth_conf_name_format(config, provider): {provider.p} [certmap/auth_only/user1] - matchrule = <SUBJECT>.*CN=SSSD test cert 0001.* + matchrule = <SUBJECT>.*CN=SSSD test cert 000[12].* """).format(**locals()) @@ -381,6 +382,28 @@ def simple_pam_cert_auth_no_cert(request, passwd_ops_setup): @pytest.fixture +def simple_pam_cert_auth_two_certs(request, passwd_ops_setup): + """Setup SSSD with pam_cert_auth=True""" + config.PAM_CERT_DB_PATH = os.environ['PAM_CERT_DB_PATH'] + + old_softhsm2_conf = os.environ['SOFTHSM2_CONF'] + softhsm2_two_conf = os.environ['SOFTHSM2_TWO_CONF'] + os.environ['SOFTHSM2_CONF'] = softhsm2_two_conf + + conf = format_pam_cert_auth_conf(config, provider_switch(request.param)) + create_conf_fixture(request, conf) + create_sssd_fixture(request) + + os.environ['SOFTHSM2_CONF'] = old_softhsm2_conf + + passwd_ops_setup.useradd(**USER1) + passwd_ops_setup.useradd(**USER2) + sync_files_provider(USER2['name']) + + return None + + +@pytest.fixture def simple_pam_cert_auth_name_format(request, passwd_ops_setup): """Setup SSSD with pam_cert_auth=True and full_name_format""" config.PAM_CERT_DB_PATH = os.environ['PAM_CERT_DB_PATH'] @@ -522,6 +545,54 @@ def test_sc_auth(simple_pam_cert_auth, env_for_sssctl): assert err.find("pam_authenticate for user [user1]: Success") != -1 +@pytest.mark.parametrize('simple_pam_cert_auth_two_certs', provider_list(), indirect=True) +def test_sc_auth_two(simple_pam_cert_auth_two_certs, env_for_sssctl): + + sssctl = subprocess.Popen(["sssctl", "user-checks", "user1", + "--action=auth", "--service=pam_sss_service"], + universal_newlines=True, + env=env_for_sssctl, stdin=subprocess.PIPE, + stdout=subprocess.PIPE, stderr=subprocess.PIPE) + + try: + out, err = sssctl.communicate(input="2\n123456") + except Exception: + sssctl.kill() + out, err = sssctl.communicate() + + sssctl.stdin.close() + sssctl.stdout.close() + + if sssctl.wait() != 0: + raise Exception("sssctl failed") + + assert err.find("pam_authenticate for user [user1]: Success") != -1 + + +@pytest.mark.parametrize('simple_pam_cert_auth_two_certs', provider_list(), indirect=True) +def test_sc_auth_two_missing_name(simple_pam_cert_auth_two_certs, env_for_sssctl): + + sssctl = subprocess.Popen(["sssctl", "user-checks", "", + "--action=auth", "--service=pam_sss_allow_missing_name"], + universal_newlines=True, + env=env_for_sssctl, stdin=subprocess.PIPE, + stdout=subprocess.PIPE, stderr=subprocess.PIPE) + + try: + out, err = sssctl.communicate(input="2\n123456") + except Exception: + sssctl.kill() + out, err = sssctl.communicate() + + sssctl.stdin.close() + sssctl.stdout.close() + + if sssctl.wait() != 0: + raise Exception("sssctl failed") + + assert err.find("pam_authenticate for user [user1]: Success") != -1 + + @pytest.mark.parametrize('simple_pam_cert_auth', ['proxy_password'], indirect=True) def test_sc_proxy_password_fallback(simple_pam_cert_auth, env_for_sssctl): """ diff --git a/src/tests/multihost/basic/test_kcm.py b/src/tests/multihost/basic/test_kcm.py index 8f527f6..d1c15bc 100644 --- a/src/tests/multihost/basic/test_kcm.py +++ b/src/tests/multihost/basic/test_kcm.py @@ -8,14 +8,17 @@ """ import os import re + import pytest from pexpect import pxssh from utils_config import set_param + from sssd.testlib.common.utils import sssdTools class TestSanityKCM(object): """ KCM Sanity Test cases """ + def _kcm_service_op(self, multihost, svc_op): systemd_kcm_op = 'systemctl %s sssd-kcm' % (svc_op) multihost.master[0].run_command(systemd_kcm_op) @@ -39,7 +42,7 @@ class TestSanityKCM(object): try: multihost.master[0].transport.get_file(kcm_log_file, local_kcm_log_file) - except FileNotFoundError: + except (FileNotFoundError, OSError): return 0 nlines = sum(1 for line in open(local_kcm_log_file)) @@ -51,6 +54,7 @@ class TestSanityKCM(object): 'rm -f /var/lib/sss/secrets/secrets.ldb') self._restart_kcm(multihost) + @pytest.mark.converted('test_kcm.py', 'test_kcm__kinit_kcm_krb5ccname') @pytest.mark.usefixtures("enable_kcm") def test_kinit_kcm(self, multihost): """ @@ -70,6 +74,7 @@ class TestSanityKCM(object): assert cmd2.returncode == 0, "klist failed!" assert 'Ticket cache: KCM:14583103' in cmd2.stdout_text + @pytest.mark.converted('test_kcm.py', 'test_kcm_ssh_login_creates_kerberos_ticket') @staticmethod @pytest.mark.usefixtures("enable_kcm") def test_ssh_login_kcm(multihost): @@ -85,6 +90,7 @@ class TestSanityKCM(object): 'journalctl -u sssd -n 50 --no-pager') assert ssh0, "Authentication Failed as user foo4" + @pytest.mark.converted('test_kcm.py', 'test_kcm__debug_log_enabled') @pytest.mark.usefixtures("enable_kcm") def test_kcm_debug_level_set(self, multihost): """ @@ -133,6 +139,7 @@ class TestSanityKCM(object): log_lines_debug = self._kcm_log_length(multihost) assert log_lines_debug > log_lines_pre + 100 + @pytest.mark.converted('test_kcm.py', 'test_kcm__kdestroy_nocache') @staticmethod @pytest.mark.usefixtures("enable_kcm") def test_kdestroy_retval(multihost): @@ -191,6 +198,7 @@ class TestSanityKCM(object): assert 'KCM:14583103' in klist, "kinit did not work!" assert 'KCM:14583109' in ssh_output, "Ticket not forwarded!" + @pytest.mark.converted('test_kcm.py', 'test_kcm__display_correct_kvno') @staticmethod @pytest.mark.usefixtures("enable_kcm") def test_kvno_display(multihost): @@ -216,6 +224,7 @@ class TestSanityKCM(object): else: pytest.fail("kvno display was improper") + @pytest.mark.converted('test_kcm.py', 'test_kcm__configure_max_uid_ccaches_with_different_values') @pytest.mark.usefixtures("enable_kcm", "create_many_user_principals") def test_kcm_peruid_quota(self, multihost): """ @@ -268,6 +277,7 @@ class TestSanityKCM(object): multihost.master[0].run_command( 'su -l foo3 -c "kdestroy -A"', raiseonerr=False) + @pytest.mark.converted('test_kcm.py', 'test_kcm__configure_max_uid_ccaches_with_different_values') @pytest.mark.usefixtures("enable_kcm", "create_many_user_principals") def test_kcm_peruid_quota_increase(self, multihost): """ @@ -310,6 +320,7 @@ class TestSanityKCM(object): multihost.master[0].run_command( f'su -l {user} -c "kdestroy -A"', raiseonerr=False) + @pytest.mark.converted('test_kcm.py', 'test_kcm__configure_max_uid_ccaches_with_different_values') @pytest.mark.usefixtures("enable_kcm") def test_kcm_payload_low_quota(self, multihost): """ diff --git a/src/tests/test_CA/Makefile.in b/src/tests/test_CA/Makefile.in index 70ce67a..8bba45e 100644 --- a/src/tests/test_CA/Makefile.in +++ b/src/tests/test_CA/Makefile.in @@ -310,6 +310,7 @@ HAVE_PYTHON3_BINDINGS = @HAVE_PYTHON3_BINDINGS@ HAVE_SELINUX = @HAVE_SELINUX@ HAVE_SEMANAGE = @HAVE_SEMANAGE@ HAVE_UID_WRAPPER = @HAVE_UID_WRAPPER@ +IDMAP_SAMBA_LIBS = @IDMAP_SAMBA_LIBS@ INI_CONFIG_CFLAGS = @INI_CONFIG_CFLAGS@ INI_CONFIG_LIBS = @INI_CONFIG_LIBS@ INI_CONFIG_V0_CFLAGS = @INI_CONFIG_V0_CFLAGS@ diff --git a/src/tests/test_CA/intermediate_CA/Makefile.am b/src/tests/test_CA/intermediate_CA/Makefile.am index b439f82..50fcddb 100644 --- a/src/tests/test_CA/intermediate_CA/Makefile.am +++ b/src/tests/test_CA/intermediate_CA/Makefile.am @@ -33,7 +33,7 @@ SSSD_test_CA.pem: ln -s $(builddir)/../$@ SSSD_test_intermediate_CA_req.pem: $(openssl_intermediate_ca_key) $(openssl_intermediate_ca_config) SSSD_test_CA.pem - $(OPENSSL) req -batch -config ${openssl_intermediate_ca_config} -new -nodes -key $< -sha256 -extensions v3_ca -out $@ + $(OPENSSL) req -batch -config ${openssl_intermediate_ca_config} -new -nodes -key $< -sha256 -out $@ SSSD_test_intermediate_CA.pem: SSSD_test_intermediate_CA_req.pem $(openssl_root_ca_config) $(openssl_root_ca_key) cd .. && $(OPENSSL) ca -config ${openssl_root_ca_config} -batch -notext -keyfile $(openssl_root_ca_key) -in $(abs_builddir)/$< -days 200 -extensions v3_intermediate_ca -out $(abs_builddir)/$@ diff --git a/src/tests/test_CA/intermediate_CA/Makefile.in b/src/tests/test_CA/intermediate_CA/Makefile.in index 06be94a..6bfa038 100644 --- a/src/tests/test_CA/intermediate_CA/Makefile.in +++ b/src/tests/test_CA/intermediate_CA/Makefile.in @@ -251,6 +251,7 @@ HAVE_PYTHON3_BINDINGS = @HAVE_PYTHON3_BINDINGS@ HAVE_SELINUX = @HAVE_SELINUX@ HAVE_SEMANAGE = @HAVE_SEMANAGE@ HAVE_UID_WRAPPER = @HAVE_UID_WRAPPER@ +IDMAP_SAMBA_LIBS = @IDMAP_SAMBA_LIBS@ INI_CONFIG_CFLAGS = @INI_CONFIG_CFLAGS@ INI_CONFIG_LIBS = @INI_CONFIG_LIBS@ INI_CONFIG_V0_CFLAGS = @INI_CONFIG_V0_CFLAGS@ @@ -756,7 +757,7 @@ SSSD_test_CA.pem: ln -s $(builddir)/../$@ SSSD_test_intermediate_CA_req.pem: $(openssl_intermediate_ca_key) $(openssl_intermediate_ca_config) SSSD_test_CA.pem - $(OPENSSL) req -batch -config ${openssl_intermediate_ca_config} -new -nodes -key $< -sha256 -extensions v3_ca -out $@ + $(OPENSSL) req -batch -config ${openssl_intermediate_ca_config} -new -nodes -key $< -sha256 -out $@ SSSD_test_intermediate_CA.pem: SSSD_test_intermediate_CA_req.pem $(openssl_root_ca_config) $(openssl_root_ca_key) cd .. && $(OPENSSL) ca -config ${openssl_root_ca_config} -batch -notext -keyfile $(openssl_root_ca_key) -in $(abs_builddir)/$< -days 200 -extensions v3_intermediate_ca -out $(abs_builddir)/$@ diff --git a/src/tests/test_ECC_CA/Makefile.in b/src/tests/test_ECC_CA/Makefile.in index 3283a80..b1f0041 100644 --- a/src/tests/test_ECC_CA/Makefile.in +++ b/src/tests/test_ECC_CA/Makefile.in @@ -251,6 +251,7 @@ HAVE_PYTHON3_BINDINGS = @HAVE_PYTHON3_BINDINGS@ HAVE_SELINUX = @HAVE_SELINUX@ HAVE_SEMANAGE = @HAVE_SEMANAGE@ HAVE_UID_WRAPPER = @HAVE_UID_WRAPPER@ +IDMAP_SAMBA_LIBS = @IDMAP_SAMBA_LIBS@ INI_CONFIG_CFLAGS = @INI_CONFIG_CFLAGS@ INI_CONFIG_LIBS = @INI_CONFIG_LIBS@ INI_CONFIG_V0_CFLAGS = @INI_CONFIG_V0_CFLAGS@ |