summaryrefslogtreecommitdiffstats
path: root/ipatests
Commit message (Collapse)AuthorAgeFilesLines
* ipatests: Fix incorrect order of operations when restoring backupTomas Babej2014-02-251-1/+1
| | | | | | | | | | When restoring files from backup, we do use an incorrect order of operations - we first restore SELinux context and then copy the files from backup, when we need to do the exact opposite. https://fedorahosted.org/freeipa/ticket/4133 Reviewed-By: Jan Pazdziora <jpazdziora@redhat.com>
* Fix test_host_plugin for DNS Classless Reverse zonesMartin Basti2014-02-121-2/+2
| | | | | | Ticket: https://fedorahosted.org/freeipa/ticket/4143 Reviewed-by: Martin Kosek <mkosek@redhat.com>
* DNS tests for classless reverse domainsMartin Basti2014-02-123-19/+302
| | | | | | Ticket: https://fedorahosted.org/freeipa/ticket/4143 Reviewed-by: Martin Kosek <mkosek@redhat.com>
* ipatests: Do not require group name resolution for the non-posix testsTomas Babej2014-02-111-4/+16
| | | | | | | | | | In the non-posix tests on the legacy clients, the testuser does not belong to the testgroup (since this is represented by the NIS group membership). Relax the regular expression check for the output of the id testuser. Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipatests: Change expected home directories returned by getentTomas Babej2014-02-112-8/+20
| | | | | | | | | | | | | The hardcoded values for the home directories for the AD users did not properly scale up from the POSIX attrs only test scanario. When using POSIX attrs, the home dir is returned as whatever is set in the AD (/home/username by default). Without using POSIX attributes, the /home/domain/username form is taken by default. Refactor the tests to take this behaviour into account. Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipatests: Add test cases for subdomain users on legacy clientsTomas Babej2014-02-111-9/+113
| | | | | | | | | | | Adds test cases for: * getent subdomain user on legacy client * getent subdomain group on legacy client * getent id subdomain user on legacy client * ssh into legacy client with subdomain user * ssh into legacy client with disabled subdomain user Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
* ipatests: Stop sssd service before deleting the cacheTomas Babej2014-02-101-2/+2
| | | | | | | | In the integration tests, we do not stop the sssd service before deleting the cache, but rather start it. We need to stop sssd before deleting the cache. Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* ipatests: Make sure we re-kinit as admin before adding the disabledipauserTomas Babej2014-02-101-0/+2
| | | | | | | | | When we add the disabledipauser during the setup class part of the BaseTestLegacyClient, we need to make sure that we re-kinit admin since we do ntpsync with the AD just before that, which can render the previous ticket invalid. Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* ipatests: Perform a connection test before preparing the clientTomas Babej2014-02-101-0/+4
| | | | | | | | | | | | When the host is down, the preparation of the host fails. This produces misleading errors, since the test framework reports that the actual command being executed failed, when in fact (in case of SSHTransport), the cause of failure was unability to establish a SSH session. https://fedorahosted.org/freeipa/ticket/4132 Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* ipatests: legacy_clients: Test legacy clients with non-posix trustTomas Babej2014-02-101-13/+76
| | | | | | | | | Adds test cases for legacy client support with IPA that has estabilish trust with AD that does not leverage POSIX attributes defined on AD. https://fedorahosted.org/freeipa/ticket/4134 Reviewed-By: Nathaniel McCallum <npmccallum@redhat.com>
* ipatests: Run restoring backup files and restoring their context in one sessionTomas Babej2014-02-051-10/+14
| | | | | | | | | | | | | | Restoring backup files and restoring their context were two separate commands, what means that in case we use SSHTrasport, which creates a separate SSH session for each command, we try to restore the SELinux context of the changed files in a new session. This causes problems, if the access to files themselves are necessary for the creation of the new SSH session. https://fedorahosted.org/freeipa/ticket/4133 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: Add records for all hosts in master's domainTomas Babej2014-02-053-0/+62
| | | | | | | | | | | | | | All the hosts in the domain have IPA master set as their only nameserver. However, the IPA master does not create records for these machines by default. This is not an big issue for clients or replicas, since those records do get created in other ways, but external hosts using their internal hostnames will not resolve. Adds an A record for each host in master's domain. https://fedorahosted.org/freeipa/ticket/4130 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* ipatests: test_legacy_clients: Change "test group" to "testgroup"Tomas Babej2014-02-051-2/+2
| | | | | | | | | | The integration test for legacy clients used incorrectly "test group" instead of "testgroup" as group used on AD for test purposes. This is inconsistent with the usage of "testuser". https://fedorahosted.org/freeipa/ticket/4131 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
* integration tests OpenSSHTransport: Expand tilde to home in ↵Petr Viktorin2014-02-051-1/+2
| | | | | | | | | root_ssh_key_filename Expand paths beginning with a tilde, such as the default ~/.ssh/id_rsa, to the home directory. https://fedorahosted.org/freeipa/ticket/4115
* ipatests: Check for legacy_client attribute presence if unapplying fixesTomas Babej2014-01-201-1/+5
| | | | | | | | | | When legacy client tests fail during IPA installation, the legacy client test produces an additional misleading error (the real cause is reported as well). This happens due the fact that we try to cleanup host that was not yet defined. We need to check for this attribute being defined before unapplying fixes there. https://fedorahosted.org/freeipa/ticket/4124
* ipatests: Remove sudo calls from tasksTomas Babej2014-01-201-2/+2
| | | | | | | | Sudo calls are not necessary since we log in as a root. Additionally, sudo requires tty in default configuration, which is not acquired when using OpenSSH transport. https://fedorahosted.org/freeipa/ticket/4125
* Stop adding a default password policy referenceSimo Sorce2014-01-1610-73/+0
| | | | | | | | | | | | | | | | | | Both the password plugin and the kdb driver code automatically fall back to the default password policy. so stop adding an explicit reference to user objects and instead rely on the fallback. This way users created via the framework and users created via winsync plugin behave the same way wrt password policies and no surprises will happen. Also in case we need to change the default password policy DN this will allow just code changes instead of having to change each user entry created, and distinguish between the default policy and explicit admin changes. Related: https://fedorahosted.org/freeipa/ticket/4085 Patch backported/updated by Martin Kosek to accomodate different ipatests structure in ipa-3-3 branch.
* Change the way we determine if the host has a password set.Rob Crittenden2014-01-151-0/+27
| | | | | | | | | | When creating a host with a password we don't set a Kerberos principal or add the Kerberos objectclasses. Those get added when the host is enrolled. If one passed in --password= (so no password) then we incorrectly thought the user was in fact setting a password, so the principal and objectclasses weren't updated. https://fedorahosted.org/freeipa/ticket/4102
* test_webui: Allow False values in configuration for no_ca, no_dns, has_trustsPetr Viktorin2013-12-101-3/+3
| | | | | | | | | | | | The driver only checked if the corresponding value was in the config, so no_dns: False had the same effect as no_dns: True Change the check to take the value into consideration. This makes false-y values like False (from YAML) and empty string (from environment) work as if the value was not specified.
* test_integration: Log external hostname in Host.ldap_connectPetr Viktorin2013-12-061-1/+1
| | | | This may make debugging easier if the address is set incorrectly.
* test_integration: Support external names for hostsPetr Viktorin2013-12-062-7/+16
| | | | | | | | | | | | The framework had a concept of external hostnames, which the controller uses to contact the test machines, but they were not loaded from configuration. Load external names from configuration. This makes tests pass in setups where internal and external hostnames are different, and the internal hostnames are not initially resolvable from the controller.
* ipatests: test_trust: use domain name instead of realm for user lookupsTomas Babej2013-11-011-3/+6
|
* ipatests: Add integration tests for legacy clientsTomas Babej2013-11-011-0/+261
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3833
* ipatests: Add support for extra roles referenced by a keywordTomas Babej2013-10-316-40/+158
| | | | | | | | | | | | | | | | | | Adds support for host definition by a environment variables of the following form: ROLE_<keyword>_envX, where X is the number of the environment for which host referenced by a role <keyword> should be defined. Adds a required_extra_roles attribute to the IntegrationTest class, which can test developer use to specify the extra roles that this particular test requires. If not all required extra roles are available, the test will be skipped. All extra (and static) roles are accessible to the IntegrationTests via the host_by_role method, which returns a host of given role. Part of: https://fedorahosted.org/freeipa/ticket/3833
* ipatests: Do not use /usr/bin hardcoded pathsTomas Babej2013-10-311-6/+7
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3833
* ipatests: Restore SELinux context after restoring files from backupTomas Babej2013-10-311-0/+12
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3833
* ipatests: Extend clear_sssd_cache to support non-systemd platformsTomas Babej2013-10-311-6/+16
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3833
* Fix password expiration notificationPetr Vobornik2013-10-302-14/+131
| | | | | | - was broken by navigation and application controller refactoring https://fedorahosted.org/freeipa/ticket/4003
* beakerlib plugin: Don't try to submit logs if they are missingPetr Viktorin2013-10-301-0/+1
|
* Tests: mkdir_recursive: Don't fail when top-level directory doesn't existPetr Viktorin2013-10-301-4/+4
| | | | | | When the directory directly under root (e.g. /etc) did not exist, mkdir_recursive failed. Fix the issue.
* Add test for external CA installationAna Krivokapic2013-10-291-0/+107
| | | | https://fedorahosted.org/freeipa/ticket/3819
* ipatests: Add AD integration test caseTomas Babej2013-10-251-0/+188
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Add AD-integration related tasksTomas Babej2013-10-243-5/+324
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Add WinHost classTomas Babej2013-10-241-0/+19
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Create util module for ipatestsTomas Babej2013-10-241-0/+60
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Extend IntegrationTest with multiple AD domain supportTomas Babej2013-10-241-10/+18
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Extend domain object with 'ad' role support and WinHostsTomas Babej2013-10-241-20/+25
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* ipatests: Add Active Directory support to configurationTomas Babej2013-10-242-3/+47
| | | | Part of: https://fedorahosted.org/freeipa/ticket/3834
* test_simple_replication: Fix waiting for replicationPetr Viktorin2013-10-182-2/+4
| | | | | | | | | | | The integration tests must wait for replication to happen before checking results. In some cases, the tests have failed because the checks that detect completed replication were insufficient. This fixes the code to: - Wait for replication to be completed on both servers - In the case of an error, continue waiting -- it might be the case that the DS is temporarily unreachable
* Use new CLI options in certinstall testsPetr Viktorin2013-10-181-12/+33
| | | | | | | | | | The --pin and --dirman-password options simplified ipa-certinstall usage. Use them in tests. Also add tests for the old way of calling the command. https://fedorahosted.org/freeipa/ticket/3869 http://www.freeipa.org/page/V3/ipa-server-certinstall_CLI_cleanup
* test_caless.TestCertInstall: Fix 'test_no_ds_password' test casePetr Viktorin2013-10-181-1/+1
| | | | The test installed the HTTP cert instead of the DS one.
* ipatests: Extend the order plugin to properly handle inheritanceTomas Babej2013-10-171-1/+24
| | | | | | | | | | | When trying to create a new ordered test case by inheriting from already defined test case, by overriding few of its methods, the execution order of the tests is as follows: - first all non-overriden test methods from the parent test class - then all overriden tests methods This patch makes sure that methods are executed in the logical order, that is, the order defined in the parent class.
* Add tests for installing with empty PKCS#12 passwordPetr Viktorin2013-10-041-14/+87
|
* frontend: report arguments errors with better detailAlexander Bokovoy2013-10-041-1/+1
| | | | | When reporting argument errors, show also a context -- what is processed, what is the name of the command.
* ipatests.test_cmdline.test_help: Re-raise unexpected exceptions on failurePetr Viktorin2013-10-031-1/+2
| | | | | | If an exception is expected, but another one is raised, the CLITestContext raised a generic AssertionError. Pass through the original exception instead
* ipatests.test_integration.host: Add logging to ldap_connect()Petr Vobornik2013-10-031-2/+4
|
* ipatests.beakerlib_plugin: Add argument of generated tests to test captionsPetr Viktorin2013-10-032-1/+9
| | | | | | | | | | | To differentiate between individual tests in BeakerLib output, the argument needs to be added to the test name. Since Nose doesn't provide a way to get the argument in a plugin, a `test_argument` attribute must be added to the test function to support this, simlarly to how `description` is used to set individual "docstrings". Add test_argument to the generated tests in the CA-less suite.
* ipatests.order_plugin: Exclude test generators from the orderPetr Viktorin2013-10-031-1/+14
| | | | | | | Ordered test generators were not announced in plugin hooks, so e.g. the Beakerlib or collect plugin did not announce them. Exclude test generators from ordering.
* ipatests.beakerlib_plugin: Warn instead of failing when some logs are missingPetr Viktorin2013-10-031-2/+1
|
* ipatests.test_integration.test_caless: Fix mkdir_recursive callPetr Viktorin2013-10-031-1/+1
|
generated by cgit (git 2.34.1) at 2025-09-03 22:39:44 +0000