[28846] in CVS-changelog-for-Kerberos-V5
krb5 commit: Add kpropd -t iprop-mode tests
daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Apr 13 18:00:03 2015
Date: Mon, 13 Apr 2015 17:59:53 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201504132159.t3DLxrr3027104@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/fa76eebe09c09063b64715da4b7bcb7a969848da
commit fa76eebe09c09063b64715da4b7bcb7a969848da
Author: Greg Hudson <ghudson@mit.edu>
Date: Wed Apr 8 18:12:31 2015 -0400
Add kpropd -t iprop-mode tests
Add a run_kpropd_once() method to K5Realm(), and add tests to
t_iprop.py for the cases where no updates are needed, where
incremental updates are needed, and where a full resync is needed
followed by a poll for updates.
ticket: 8161
src/tests/t_iprop.py | 46 ++++++++++++++++++++++++++++++++++++++++++++++
src/util/k5test.py | 19 ++++++++++++++-----
2 files changed, 60 insertions(+), 5 deletions(-)
diff --git a/src/tests/t_iprop.py b/src/tests/t_iprop.py
index 78938fc..1ed8dbd 100755
--- a/src/tests/t_iprop.py
+++ b/src/tests/t_iprop.py
@@ -352,4 +352,50 @@ kpropd2.send_signal(signal.SIGUSR1)
wait_for_prop(kpropd2, True, 2, 0)
check_ulog(0, 0, 0, [], slave2)
+# Stop the kprop daemons so we can test kpropd -t.
+stop_daemon(kpropd1)
+stop_daemon(kpropd2)
+
+# Test the case where no updates are needed.
+out = realm.run_kpropd_once(slave1, ['-d'])
+if 'KDC is synchronized' not in out:
+ fail('Expected synchronized from kpropd -t')
+check_ulog(0, 0, 0, [], slave1)
+
+# Make a change on the master; this will cause a full resync since the
+# master was recently reinitialized.
+realm.run([kadminl, 'modprinc', '-maxlife', '5 minutes', pr1])
+check_ulog(1, 1, 1, [pr1])
+out = realm.run_kpropd_once(slave1, ['-d'])
+if ('Full propagation transfer finished' not in out or
+ 'KDC is synchronized' not in out):
+ fail('Expected full dump and synchronized from kpropd -t')
+check_ulog(0, 0, 1, [], slave1)
+out = realm.run([kadminl, 'getprinc', pr1], env=slave1)
+if 'Maximum ticket life: 0 days 00:05:00' not in out:
+ fail('slave1 does not have modification from master after kpropd -t')
+
+# Make another change and get it via incremental update.
+realm.run([kadminl, 'modprinc', '-maxlife', '15 minutes', pr1])
+check_ulog(2, 1, 2, [pr1, pr1])
+out = realm.run_kpropd_once(slave1, ['-d'])
+if 'Got incremental updates (sno=2 ' not in out:
+ fail('Expected incremental updates from kpropd -t')
+check_ulog(1, 2, 2, [pr1], slave1)
+out = realm.run([kadminl, 'getprinc', pr1], env=slave1)
+if 'Maximum ticket life: 0 days 00:15:00' not in out:
+ fail('slave1 does not have modification from master after kpropd -t')
+
+# Propagate a policy change via full resync.
+realm.run([kadminl, 'addpol', '-minclasses', '3', 'testpol'])
+check_ulog(0, 0, 0, [])
+out = realm.run_kpropd_once(slave1, ['-d'])
+if ('Full propagation transfer finished' not in out or
+ 'KDC is synchronized' not in out):
+ fail('Expected full dump and synchronized from kpropd -t')
+check_ulog(0, 0, 0, [], slave1)
+out = realm.run([kadminl, 'getpol', 'testpol'], env=slave1)
+if 'Minimum number of password character classes: 3' not in out:
+ fail('slave1 does not have policy from master after kpropd -t')
+
success('iprop tests')
diff --git a/src/util/k5test.py b/src/util/k5test.py
index 935ec55..5aedff8 100644
--- a/src/util/k5test.py
+++ b/src/util/k5test.py
@@ -309,6 +309,11 @@ Scripts may use the following realm methods and attributes:
is given, it contains a list of additional kpropd arguments.
Returns a handle to the kpropd process.
+* realm.run_kpropd_once(env, args=[]): Run kpropd once, using the -t
+ flag. Pass an environment created with realm.special_env() for the
+ slave. If args is given, it contains a list of additional kpropd
+ arguments. Returns the kpropd output.
+
* realm.realm: The realm's name.
* realm.testdir: The realm's storage directory (absolute path).
@@ -925,16 +930,20 @@ class K5Realm(object):
stop_daemon(self._kadmind_proc)
self._kadmind_proc = None
- def start_kpropd(self, env, args=[]):
- global krb5kdc
+ def _kpropd_args(self):
slavedump_path = os.path.join(self.testdir, 'incoming-slave-datatrans')
kpropdacl_path = os.path.join(self.testdir, 'kpropd-acl')
- proc = _start_daemon([kpropd, '-D', '-P', str(self.kprop_port()),
- '-f', slavedump_path, '-p', kdb5_util,
- '-a', kpropdacl_path] + args, env, 'ready')
+ return [kpropd, '-D', '-P', str(self.kprop_port()),
+ '-f', slavedump_path, '-p', kdb5_util, '-a', kpropdacl_path]
+
+ def start_kpropd(self, env, args=[]):
+ proc = _start_daemon(self._kpropd_args() + args, env, 'ready')
self._kpropd_procs.append(proc)
return proc
+ def run_kpropd_once(self, env, args=[]):
+ return self.run(self._kpropd_args() + ['-t'] + args, env=env)
+
def stop(self):
if self._kdc_proc:
self.stop_kdc()
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
