diff options
author | Lukas Slebodnik <lslebodn@redhat.com> | 2015-08-04 11:59:35 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-08-05 12:51:35 +0200 |
commit | c3baf4d7c0cbd139d96fd04f6b3c175d2f99de6c (patch) | |
tree | 566dd97a3bbd2c1b05c15a57ed9ac8c927adc3dc /src/tests | |
parent | e693e9c67e0b4c5b38ba7ce7d04f718b2da2e2d0 (diff) | |
download | sssd-c3baf4d7c0cbd139d96fd04f6b3c175d2f99de6c.tar.gz sssd-c3baf4d7c0cbd139d96fd04f6b3c175d2f99de6c.tar.xz sssd-c3baf4d7c0cbd139d96fd04f6b3c175d2f99de6c.zip |
test_memory_cache: Test mmap cache after initgroups
Reviewed-by: Michal Židek <mzidek@redhat.com>
Diffstat (limited to 'src/tests')
-rw-r--r-- | src/tests/intg/test_memory_cache.py | 89 |
1 files changed, 89 insertions, 0 deletions
diff --git a/src/tests/intg/test_memory_cache.py b/src/tests/intg/test_memory_cache.py index 12ce3c505..c809a4b6d 100644 --- a/src/tests/intg/test_memory_cache.py +++ b/src/tests/intg/test_memory_cache.py @@ -19,6 +19,7 @@ import os import stat import ent +import grp import config import signal import subprocess @@ -481,3 +482,91 @@ def test_initgroups_case_insensitive_with_mc3(ldap_conn, assert_stored_last_initgroups(user1_case1, user1_case2, user1_case_last, primary_gid, expected_gids) + + +def run_simple_test_with_initgroups(): + ent.assert_passwd_by_name( + 'user1', + dict(name='user1', passwd='*', uid=1001, gid=2001, + gecos='1001', shell='/bin/bash')) + ent.assert_passwd_by_uid( + 1001, + dict(name='user1', passwd='*', uid=1001, gid=2001, + gecos='1001', shell='/bin/bash')) + + ent.assert_group_by_name( + "group1", + dict(mem=ent.contains_only("user1", "user11", "user21"))) + ent.assert_group_by_gid( + 2001, + dict(mem=ent.contains_only("user1", "user11", "user21"))) + + # unrelated group to user1 + ent.assert_group_by_name( + "group2", + dict(mem=ent.contains_only("user2", "user12", "user22"))) + ent.assert_group_by_gid( + 2002, + dict(mem=ent.contains_only("user2", "user12", "user22"))) + + assert_initgroups_equal("user1", 2001, [2000, 2001]) + + +def test_invalidation_of_gids_after_initgroups(ldap_conn, sanity_rfc2307): + + # the sssd cache was empty and not all user's group were + # resolved with getgr{nm,gid}. Therefore there is a change in + # group membership => user groups should be invalidated + run_simple_test_with_initgroups() + assert_initgroups_equal("user1", 2001, [2000, 2001]) + + stop_sssd() + + ent.assert_passwd_by_name( + 'user1', + dict(name='user1', passwd='*', uid=1001, gid=2001, + gecos='1001', shell='/bin/bash')) + ent.assert_passwd_by_uid( + 1001, + dict(name='user1', passwd='*', uid=1001, gid=2001, + gecos='1001', shell='/bin/bash')) + + # unrelated group to user1 must be returned + ent.assert_group_by_name( + "group2", + dict(mem=ent.contains_only("user2", "user12", "user22"))) + ent.assert_group_by_gid( + 2002, + dict(mem=ent.contains_only("user2", "user12", "user22"))) + + assert_initgroups_equal("user1", 2001, [2000, 2001]) + + # user groups must be invalidated + for group in ["group1", "group0x"]: + with pytest.raises(KeyError): + grp.getgrnam(group) + + for gid in [2000, 2001]: + with pytest.raises(KeyError): + grp.getgrgid(gid) + + +def test_initgroups_without_change_in_membership(ldap_conn, sanity_rfc2307): + + # the sssd cache was empty and not all user's group were + # resolved with getgr{nm,gid}. Therefore there is a change in + # group membership => user groups should be invalidated + run_simple_test_with_initgroups() + + # invalidate cache + subprocess.call(["sss_cache", "-E"]) + + # all users and groups will be just refreshed from LDAP + # but there will not be a change in group membership + # user groups should not be invlaidated + run_simple_test_with_initgroups() + + stop_sssd() + + # everything should be in memory cache + run_simple_test_with_initgroups() |