[27015] in CVS-changelog-for-Kerberos-V5
krb5 commit: Test the inconsistent locking fix and svc unavail
daemon@ATHENA.MIT.EDU (Greg Hudson)
Wed Sep 12 15:03:56 2012
Date: Wed, 12 Sep 2012 15:03:34 -0400
From: Greg Hudson <ghudson@mit.edu>
Message-Id: <201209121903.q8CJ3Y1W014456@drugstore.mit.edu>
To: cvs-krb5@mit.edu
Reply-To: krbdev@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: cvs-krb5-bounces@mit.edu
https://github.com/krb5/krb5/commit/b2e7deb7cb2d9c37f00599778f4a102feaf6149d
commit b2e7deb7cb2d9c37f00599778f4a102feaf6149d
Author: Nicolas Williams <nico@cryptonector.com>
Date: Tue Sep 11 22:27:12 2012 -0500
Test the inconsistent locking fix and svc unavail
Test the fix for https://bugzilla.redhat.com/show_bug.cgi?id=586032 .
Also test that krb5kdc can return svc unavailable
src/tests/Makefile.in | 1 +
src/tests/t_kdb_locking.py | 39 +++++++++++++++++++++++++++++++++++++++
2 files changed, 40 insertions(+), 0 deletions(-)
diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in
index b78f92a..26576fd 100644
--- a/src/tests/Makefile.in
+++ b/src/tests/Makefile.in
@@ -68,6 +68,7 @@ check-pytests:: hist
$(RUNPYTEST) $(srcdir)/t_anonpkinit.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_lockout.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_kadm5_hook.py $(PYTESTFLAGS)
+ $(RUNPYTEST) $(srcdir)/t_kdb_locking.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_keyrollover.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_allowed_keysalts.py $(PYTESTFLAGS)
$(RUNPYTEST) $(srcdir)/t_renew.py $(PYTESTFLAGS)
diff --git a/src/tests/t_kdb_locking.py b/src/tests/t_kdb_locking.py
new file mode 100644
index 0000000..89da97b
--- /dev/null
+++ b/src/tests/t_kdb_locking.py
@@ -0,0 +1,39 @@
+#!/usr/bin/python
+
+# This is a regression test for
+# https://bugzilla.redhat.com/show_bug.cgi?id=586032 .
+#
+# We start a KDC, remove the kadm5 lock file, use the KDC, re-create the
+# kadm5 lock file, and use kadmin.local. The kinit should fail, and the
+# kadmin.local should succeed.
+
+
+import os
+
+from k5test import *
+
+kdc_conf = {
+ 'all' : { 'libdefaults' : { 'default_realm' : 'KRBTEST.COM'}}
+}
+
+p = 'foo'
+realm = K5Realm(kdc_conf=kdc_conf, create_user=False)
+realm.addprinc(p, p)
+
+kadm5_lock = os.path.join(realm.testdir, 'master-db.kadm5.lock')
+if not os.path.exists(kadm5_lock):
+ fail('kadm5 lock file not created: ' + kadm5_lock)
+os.unlink(kadm5_lock)
+
+output = realm.kinit(p, p, [], expected_code=1)
+if 'A service is not available' not in output:
+ fail('krb5kdc should have returned service not available error')
+
+f = open(kadm5_lock, 'w')
+f.close()
+
+output = realm.run_kadminl('modprinc -allow_tix ' + p)
+if 'Cannot lock database' in output:
+ fail('krb5kdc still holds a lock on the principal db')
+
+success('KDB locking tests')
_______________________________________________
cvs-krb5 mailing list
cvs-krb5@mit.edu
https://mailman.mit.edu/mailman/listinfo/cvs-krb5
