summaryrefslogtreecommitdiffstats
path: root/src/tests
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2016-03-17 08:19:18 +0100
committerJakub Hrozek <jhrozek@redhat.com>2016-07-07 10:26:01 +0200
commit2dcf7b9b65df21f2aee6cdf051a7fbdef6dfe034 (patch)
treeddea07a4ba5ce486464137c8dcc8d39d7b98b11a /src/tests
parent27bf39ed3e197497cf4aca58038d788ea5b5ddbc (diff)
downloadsssd-2dcf7b9b65df21f2aee6cdf051a7fbdef6dfe034.tar.gz
sssd-2dcf7b9b65df21f2aee6cdf051a7fbdef6dfe034.tar.xz
sssd-2dcf7b9b65df21f2aee6cdf051a7fbdef6dfe034.zip
NSS: Fix NSS responder to cope with fully-qualified usernames
Adds a utility function sized_output_name() which wraps the output_name() function and returns the sized_struct structure. This function is used when formatting the output name for the client, but also when saving/deleting the memory cache entries. Its sister function sized_member_name() is very similar, but infers the domain name from memberuid or ghost attribute. Because all names internally are used in the same format, the logic to append domain or format the usename for output in the fill_XXX() family of functions is much simpler. In general, adding a domain suffix no longer relies in the domain being a subdomain, but only the dom->fqnames The parse_member() function was removed because it is no longer required. The nss test was amended to store names in the internal fqdn format on input and checks for either shortnames or qualified names with the right format created using sss_tc_fqname() on output. Reviewed-by: Sumit Bose <sbose@redhat.com>
Diffstat (limited to 'src/tests')
-rw-r--r--src/tests/cmocka/test_nss_srv.c1295
1 files changed, 825 insertions, 470 deletions
diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c
index a043a8076..c894164a8 100644
--- a/src/tests/cmocka/test_nss_srv.c
+++ b/src/tests/cmocka/test_nss_srv.c
@@ -352,7 +352,170 @@ static void check_initgr_packet(uint8_t *body, size_t blen,
}
}
+static errno_t store_user(struct nss_test_ctx *ctx,
+ struct sss_domain_info *dom,
+ struct passwd *user,
+ struct sysdb_attrs *attrs,
+ time_t cache_update)
+{
+ errno_t ret;
+ char *fqname;
+
+ fqname = sss_create_internal_fqname(ctx,
+ user->pw_name,
+ dom->name);
+ if (fqname == NULL) {
+ return ENOMEM;
+ }
+
+ /* Prime the cache with a valid user */
+ ret = sysdb_store_user(dom,
+ fqname,
+ user->pw_passwd,
+ user->pw_uid,
+ user->pw_gid,
+ user->pw_gecos,
+ user->pw_dir,
+ user->pw_shell,
+ NULL, attrs,
+ NULL, 300, cache_update);
+ talloc_free(fqname);
+ return ret;
+}
+
+static errno_t set_user_attr(struct nss_test_ctx *ctx,
+ struct sss_domain_info *dom,
+ struct passwd *user,
+ struct sysdb_attrs *attrs)
+{
+ errno_t ret;
+ char *fqname;
+
+ fqname = sss_create_internal_fqname(ctx,
+ user->pw_name,
+ dom->name);
+ if (fqname == NULL) {
+ return ENOMEM;
+ }
+
+ ret = sysdb_set_user_attr(nss_test_ctx->tctx->dom,
+ fqname,
+ attrs, SYSDB_MOD_REP);
+ talloc_free(fqname);
+ return ret;
+}
+
+static int get_user(TALLOC_CTX *mem_ctx,
+ struct sss_domain_info *domain,
+ const char *shortname,
+ struct ldb_result **_res)
+{
+ errno_t ret;
+ char *fqname;
+
+ fqname = sss_create_internal_fqname(mem_ctx, shortname,
+ domain->name);
+ if (fqname == NULL) {
+ return ENOMEM;
+ }
+
+ ret = sysdb_getpwnam(mem_ctx, domain, fqname, _res);
+ talloc_free(fqname);
+ return ret;
+}
+
+static void assert_users_equal(struct passwd *a, struct passwd *b)
+{
+ assert_int_equal(a->pw_uid, b->pw_uid);
+ assert_int_equal(a->pw_gid, b->pw_gid);
+ assert_string_equal(a->pw_name, b->pw_name);
+ assert_string_equal(a->pw_shell, b->pw_shell);
+ assert_string_equal(a->pw_passwd, b->pw_passwd);
+}
+
+static errno_t store_group(struct nss_test_ctx *ctx,
+ struct sss_domain_info *dom,
+ struct group *group,
+ time_t cache_update)
+{
+ errno_t ret;
+ char *fqname;
+
+ fqname = sss_create_internal_fqname(ctx,
+ group->gr_name,
+ dom->name);
+ if (fqname == NULL) {
+ return ENOMEM;
+ }
+
+ ret = sysdb_add_group(dom,
+ fqname,
+ group->gr_gid,
+ NULL, 300, 0);
+ talloc_free(fqname);
+ return ret;
+}
+
+static void assert_groups_equal(struct group *expected,
+ struct group *gr, const int nmem)
+{
+ int i;
+
+ assert_int_equal(gr->gr_gid, expected->gr_gid);
+ assert_string_equal(gr->gr_name, expected->gr_name);
+ assert_string_equal(gr->gr_passwd, expected->gr_passwd);
+
+ for (i = 0; i < nmem; i++) {
+ assert_string_equal(gr->gr_mem[i], expected->gr_mem[i]);
+ }
+}
+
+static errno_t store_group_member(struct nss_test_ctx *ctx,
+ const char *shortname_group,
+ struct sss_domain_info *group_dom,
+ const char *shortname_member,
+ struct sss_domain_info *member_dom,
+ enum sysdb_member_type type)
+{
+ errno_t ret;
+ char *group_fqname = NULL;
+ char *member_fqname = NULL;
+
+ group_fqname = sss_create_internal_fqname(ctx,
+ shortname_group,
+ group_dom->name);
+ if (group_fqname == NULL) {
+ return ENOMEM;
+ }
+
+ member_fqname = sss_create_internal_fqname(ctx,
+ shortname_member,
+ member_dom->name);
+ if (member_fqname == NULL) {
+ talloc_free(group_fqname);
+ return ENOMEM;
+ }
+
+ ret = sysdb_add_group_member(group_dom,
+ group_fqname,
+ member_fqname,
+ SYSDB_MEMBER_USER, false);
+ talloc_free(group_fqname);
+ talloc_free(member_fqname);
+ return ret;
+}
+
+
/* ====================== The tests =============================== */
+struct passwd getpwnam_usr = {
+ .pw_name = discard_const("testuser"),
+ .pw_uid = 123,
+ .pw_gid = 456,
+ .pw_dir = discard_const("/home/testuser"),
+ .pw_gecos = discard_const("test user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
/* Check getting cached and valid user from cache. Account callback will
* not be called and test_nss_getpwnam_check will make sure the user is
@@ -368,11 +531,7 @@ static int test_nss_getpwnam_check(uint32_t status, uint8_t *body, size_t blen)
ret = parse_user_packet(body, blen, &pwd);
assert_int_equal(ret, EOK);
- assert_int_equal(pwd.pw_uid, 123);
- assert_int_equal(pwd.pw_gid, 456);
- assert_string_equal(pwd.pw_name, "testuser");
- assert_string_equal(pwd.pw_shell, "/bin/sh");
- assert_string_equal(pwd.pw_passwd, "*");
+ assert_users_equal(&pwd, &getpwnam_usr);
return EOK;
}
@@ -380,11 +539,8 @@ void test_nss_getpwnam(void **state)
{
errno_t ret;
- /* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testuser@"TEST_DOM_NAME, 123, 456, "test user",
- "/home/testuser", "/bin/sh", NULL,
- NULL, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &getpwnam_usr, NULL, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testuser");
@@ -441,22 +597,21 @@ void test_nss_getpwnam_neg(void **state)
assert_int_equal(nss_test_ctx->ncache_hits, 1);
}
+struct passwd getpwnam_search_usr = {
+ .pw_name = discard_const("testuser_search"),
+ .pw_uid = 567,
+ .pw_gid = 890,
+ .pw_dir = discard_const("/home/testuser_search"),
+ .pw_gecos = discard_const("test search user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getpwnam_search_acct_cb(void *pvt)
{
- errno_t ret;
- char *fqname;
struct nss_test_ctx *ctx = talloc_get_type(pvt, struct nss_test_ctx);
- fqname = sss_create_internal_fqname(ctx->tctx, "testuser_search",
- ctx->tctx->dom->name);
- assert_non_null(fqname);
- ret = sysdb_add_user(ctx->tctx->dom,
- fqname, 567, 890, "test search",
- "/home/testsearch", "/bin/sh", NULL,
- NULL, 300, 0);
- assert_int_equal(ret, EOK);
-
- return EOK;
+ return store_user(ctx, ctx->tctx->dom, &getpwnam_search_usr, NULL, 0);
}
static int test_nss_getpwnam_search_check(uint32_t status,
@@ -470,10 +625,7 @@ static int test_nss_getpwnam_search_check(uint32_t status,
ret = parse_user_packet(body, blen, &pwd);
assert_int_equal(ret, EOK);
- assert_int_equal(pwd.pw_uid, 567);
- assert_int_equal(pwd.pw_gid, 890);
- assert_string_equal(pwd.pw_name, "testuser_search");
- assert_string_equal(pwd.pw_shell, "/bin/sh");
+ assert_users_equal(&pwd, &getpwnam_search_usr);
return EOK;
}
@@ -488,8 +640,8 @@ void test_nss_getpwnam_search(void **state)
mock_fill_user();
set_cmd_cb(test_nss_getpwnam_search_check);
- ret = sysdb_getpwnam(nss_test_ctx, nss_test_ctx->tctx->dom,
- "testuser_search", &res);
+ ret = get_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ "testuser_search", &res);
assert_int_equal(ret, EOK);
assert_int_equal(res->count, 0);
@@ -502,8 +654,8 @@ void test_nss_getpwnam_search(void **state)
assert_int_equal(ret, EOK);
/* test_nss_getpwnam_search_check will check the user attributes */
- ret = sysdb_getpwnam(nss_test_ctx, nss_test_ctx->tctx->dom,
- "testuser_search", &res);
+ ret = get_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ "testuser_search", &res);
assert_int_equal(ret, EOK);
assert_int_equal(res->count, 1);
}
@@ -513,19 +665,23 @@ void test_nss_getpwnam_search(void **state)
*
* The user's shell attribute is updated.
*/
+
+struct passwd getpwnam_update = {
+ .pw_name = discard_const("testuser_update"),
+ .pw_uid = 10,
+ .pw_gid = 11,
+ .pw_dir = discard_const("/home/testuser"),
+ .pw_gecos = discard_const("test user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getpwnam_update_acct_cb(void *pvt)
{
- errno_t ret;
struct nss_test_ctx *ctx = talloc_get_type(pvt, struct nss_test_ctx);
- ret = sysdb_store_user(ctx->tctx->dom,
- "testuser_update@"TEST_DOM_NAME,
- NULL, 10, 11, "test user",
- "/home/testuser", "/bin/ksh", NULL,
- NULL, NULL, 300, 0);
- assert_int_equal(ret, EOK);
-
- return EOK;
+ getpwnam_update.pw_shell = discard_const("/bin/ksh");
+ return store_user(ctx, ctx->tctx->dom, &getpwnam_update, NULL, 0);
}
static int test_nss_getpwnam_update_check(uint32_t status,
@@ -539,10 +695,7 @@ static int test_nss_getpwnam_update_check(uint32_t status,
ret = parse_user_packet(body, blen, &pwd);
assert_int_equal(ret, EOK);
- assert_int_equal(pwd.pw_uid, 10);
- assert_int_equal(pwd.pw_gid, 11);
- assert_string_equal(pwd.pw_name, "testuser_update");
- assert_string_equal(pwd.pw_shell, "/bin/ksh");
+ assert_users_equal(&pwd, &getpwnam_update);
return EOK;
}
@@ -551,17 +704,9 @@ void test_nss_getpwnam_update(void **state)
errno_t ret;
struct ldb_result *res;
const char *shell;
- char *username;
- username = sss_create_internal_fqname(nss_test_ctx,
- "testuser_update",
- nss_test_ctx->tctx->dom->name);
- assert_non_null(username);
- /* Prime the cache with a valid but expired user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- username, 10, 11, "test user",
- "/home/testuser", "/bin/sh", NULL,
- NULL, 1, 1);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &getpwnam_update, NULL, 1);
assert_int_equal(ret, EOK);
/* Mock client input */
@@ -585,8 +730,8 @@ void test_nss_getpwnam_update(void **state)
assert_int_equal(ret, EOK);
/* Check the user was updated in the cache */
- ret = sysdb_getpwnam(nss_test_ctx, nss_test_ctx->tctx->dom,
- username , &res);
+ ret = get_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ "testuser_update" , &res);
assert_int_equal(ret, EOK);
assert_int_equal(res->count, 1);
@@ -597,6 +742,16 @@ void test_nss_getpwnam_update(void **state)
/* Check that a FQDN is returned if the domain is FQDN-only and a
* FQDN is requested
*/
+struct passwd getpwnam_fqdn = {
+ .pw_name = discard_const("testuser_fqdn"),
+ .pw_uid = 124,
+ .pw_gid = 457,
+ .pw_dir = discard_const("/home/testuser"),
+ .pw_gecos = discard_const("test user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getpwnam_check_fqdn(uint32_t status,
uint8_t *body, size_t blen)
{
@@ -610,10 +765,8 @@ static int test_nss_getpwnam_check_fqdn(uint32_t status,
ret = parse_user_packet(body, blen, &pwd);
assert_int_equal(ret, EOK);
- assert_int_equal(pwd.pw_uid, 124);
- assert_int_equal(pwd.pw_gid, 457);
- assert_string_equal(pwd.pw_name, "testuser_fqdn@"TEST_DOM_NAME);
- assert_string_equal(pwd.pw_shell, "/bin/sh");
+ getpwnam_fqdn.pw_name = discard_const("testuser_fqdn@"TEST_DOM_NAME);
+ assert_users_equal(&pwd, &getpwnam_fqdn);
return EOK;
}
@@ -621,12 +774,8 @@ void test_nss_getpwnam_fqdn(void **state)
{
errno_t ret;
- /* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testuser_fqdn@"TEST_DOM_NAME,
- 124, 457, "test user",
- "/home/testuser", "/bin/sh", NULL,
- NULL, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &getpwnam_fqdn, NULL, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testuser_fqdn@"TEST_DOM_NAME);
@@ -647,6 +796,16 @@ void test_nss_getpwnam_fqdn(void **state)
/* Check that a user with a space in his username is returned fine.
*/
+struct passwd getpwnam_space = {
+ .pw_name = discard_const("space user"),
+ .pw_uid = 225,
+ .pw_gid = 558,
+ .pw_dir = discard_const("/home/testuser"),
+ .pw_gecos = discard_const("test user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getpwnam_check_space(uint32_t status,
uint8_t *body, size_t blen)
{
@@ -658,10 +817,7 @@ static int test_nss_getpwnam_check_space(uint32_t status,
ret = parse_user_packet(body, blen, &pwd);
assert_int_equal(ret, EOK);
- assert_int_equal(pwd.pw_uid, 225);
- assert_int_equal(pwd.pw_gid, 558);
- assert_string_equal(pwd.pw_name, "space user");
- assert_string_equal(pwd.pw_shell, "/bin/sh");
+ assert_users_equal(&pwd, &getpwnam_space);
return EOK;
}
@@ -670,10 +826,8 @@ void test_nss_getpwnam_space(void **state)
errno_t ret;
/* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "space user@"TEST_DOM_NAME, 225, 558, "space user",
- "/home/testuser", "/bin/sh", NULL,
- NULL, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &getpwnam_space, NULL, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group("space user");
@@ -760,6 +914,16 @@ void test_nss_getpwnam_space_sub_query(void **state)
* Check that FQDN processing is able to handle arbitrarily sized
* delimeter
*/
+struct passwd getpwnam_fancy_fqdn = {
+ .pw_name = discard_const("testuser_fqdn_fancy"),
+ .pw_uid = 125,
+ .pw_gid = 458,
+ .pw_dir = discard_const("/home/testuser"),
+ .pw_gecos = discard_const("test user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getpwnam_check_fancy_fqdn(uint32_t status,
uint8_t *body, size_t blen)
{
@@ -785,11 +949,8 @@ void test_nss_getpwnam_fqdn_fancy(void **state)
errno_t ret;
/* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testuser_fqdn_fancy@"TEST_DOM_NAME,
- 125, 458, "test user",
- "/home/testuser", "/bin/sh", NULL,
- NULL, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &getpwnam_fancy_fqdn, NULL, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testuser_fqdn_fancy@"TEST_DOM_NAME);
@@ -812,6 +973,16 @@ void test_nss_getpwnam_fqdn_fancy(void **state)
* not be called and test_nss_getpwuid_check will make sure the id is
* the same as the test entered before starting
*/
+struct passwd getpwuid_usr = {
+ .pw_name = discard_const("testuser1"),
+ .pw_uid = 101,
+ .pw_gid = 401,
+ .pw_dir = discard_const("/home/testuser1"),
+ .pw_gecos = discard_const("test user1"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getpwuid_check(uint32_t status, uint8_t *body, size_t blen)
{
struct passwd pwd;
@@ -822,27 +993,20 @@ static int test_nss_getpwuid_check(uint32_t status, uint8_t *body, size_t blen)
ret = parse_user_packet(body, blen, &pwd);
assert_int_equal(ret, EOK);
- assert_int_equal(pwd.pw_uid, 101);
- assert_int_equal(pwd.pw_gid, 401);
- assert_string_equal(pwd.pw_name, "testuser1");
- assert_string_equal(pwd.pw_shell, "/bin/sh");
- assert_string_equal(pwd.pw_passwd, "*");
+ assert_users_equal(&pwd, &getpwuid_usr);
return EOK;
}
void test_nss_getpwuid(void **state)
{
errno_t ret;
+ uint32_t id = 101;
/* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testuser1@"TEST_DOM_NAME,
- 101, 401, "test user1",
- "/home/testuser1", "/bin/sh", NULL,
- NULL, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &getpwuid_usr, NULL, 0);
assert_int_equal(ret, EOK);
- uint32_t id = 101;
mock_input_id(nss_test_ctx, id);
will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETPWUID);
mock_fill_user();
@@ -864,9 +1028,9 @@ void test_nss_getpwuid(void **state)
void test_nss_getpwuid_neg(void **state)
{
errno_t ret;
+ uid_t uid_neg = 102;
- uint8_t id = 102;
- mock_input_id(nss_test_ctx, id);
+ mock_input_id(nss_test_ctx, uid_neg);
mock_account_recv_simple();
assert_int_equal(nss_test_ctx->ncache_hits, 0);
@@ -886,7 +1050,7 @@ void test_nss_getpwuid_neg(void **state)
*/
nss_test_ctx->tctx->done = false;
- mock_input_id(nss_test_ctx, id);
+ mock_input_id(nss_test_ctx, uid_neg);
ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_GETPWUID,
nss_test_ctx->nss_cmds);
assert_int_equal(ret, EOK);
@@ -898,19 +1062,24 @@ void test_nss_getpwuid_neg(void **state)
assert_int_equal(nss_test_ctx->ncache_hits, 1);
}
+/* Test that lookup by UID for a user that does
+ * not exist in the cache fetches the user from DP
+ */
+struct passwd getpwuid_srch = {
+ .pw_name = discard_const("exampleuser_search"),
+ .pw_uid = 107,
+ .pw_gid = 987,
+ .pw_dir = discard_const("/home/examplesearch"),
+ .pw_gecos = discard_const("example search"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getpwuid_search_acct_cb(void *pvt)
{
- errno_t ret;
struct nss_test_ctx *ctx = talloc_get_type(pvt, struct nss_test_ctx);
- ret = sysdb_add_user(ctx->tctx->dom,
- "exampleuser_search@"TEST_DOM_NAME,
- 107, 987, "example search",
- "/home/examplesearch", "/bin/sh", NULL,
- NULL, 300, 0);
- assert_int_equal(ret, EOK);
-
- return EOK;
+ return store_user(ctx, ctx->tctx->dom, &getpwuid_srch, NULL, 0);
}
static int test_nss_getpwuid_search_check(uint32_t status,
@@ -924,10 +1093,7 @@ static int test_nss_getpwuid_search_check(uint32_t status,
ret = parse_user_packet(body, blen, &pwd);
assert_int_equal(ret, EOK);
- assert_int_equal(pwd.pw_uid, 107);
- assert_int_equal(pwd.pw_gid, 987);
- assert_string_equal(pwd.pw_name, "exampleuser_search");
- assert_string_equal(pwd.pw_shell, "/bin/sh");
+ assert_users_equal(&pwd, &getpwuid_srch);
return EOK;
}
@@ -936,15 +1102,14 @@ void test_nss_getpwuid_search(void **state)
errno_t ret;
struct ldb_result *res;
- uint8_t id = 107;
- mock_input_id(nss_test_ctx, id);
+ mock_input_id(nss_test_ctx, getpwuid_srch.pw_uid);
mock_account_recv(0, 0, NULL, test_nss_getpwuid_search_acct_cb, nss_test_ctx);
will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETPWUID);
mock_fill_user();
set_cmd_cb(test_nss_getpwuid_search_check);
ret = sysdb_getpwuid(nss_test_ctx, nss_test_ctx->tctx->dom,
- 107, &res);
+ getpwuid_srch.pw_uid, &res);
assert_int_equal(ret, EOK);
assert_int_equal(res->count, 0);
@@ -958,7 +1123,7 @@ void test_nss_getpwuid_search(void **state)
/* test_nss_getpwuid_search_check will check the id attributes */
ret = sysdb_getpwuid(nss_test_ctx, nss_test_ctx->tctx->dom,
- 107, &res);
+ getpwuid_srch.pw_uid, &res);
assert_int_equal(ret, EOK);
assert_int_equal(res->count, 1);
}
@@ -968,19 +1133,22 @@ void test_nss_getpwuid_search(void **state)
*
* The user's shell attribute is updated.
*/
+struct passwd getpwuid_update = {
+ .pw_name = discard_const("exampleuser_update"),
+ .pw_uid = 109,
+ .pw_gid = 11000,
+ .pw_dir = discard_const("/home/exampleuser"),
+ .pw_gecos = discard_const("example user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getpwuid_update_acct_cb(void *pvt)
{
- errno_t ret;
struct nss_test_ctx *ctx = talloc_get_type(pvt, struct nss_test_ctx);
- ret = sysdb_store_user(ctx->tctx->dom,
- "exampleuser_update@"TEST_DOM_NAME,
- NULL, 109, 11000, "example user",
- "/home/exampleuser", "/bin/ksh", NULL,
- NULL, NULL, 300, 0);
- assert_int_equal(ret, EOK);
-
- return EOK;
+ getpwuid_update.pw_shell = discard_const("/bin/ksh");
+ return store_user(ctx, ctx->tctx->dom, &getpwuid_update, NULL, 0);
}
static int test_nss_getpwuid_update_check(uint32_t status,
@@ -994,10 +1162,7 @@ static int test_nss_getpwuid_update_check(uint32_t status,
ret = parse_user_packet(body, blen, &pwd);
assert_int_equal(ret, EOK);
- assert_int_equal(pwd.pw_uid, 109);
- assert_int_equal(pwd.pw_gid, 11000);
- assert_string_equal(pwd.pw_name, "exampleuser_update");
- assert_string_equal(pwd.pw_shell, "/bin/ksh");
+ assert_users_equal(&pwd, &getpwuid_update);
return EOK;
}
@@ -1008,16 +1173,12 @@ void test_nss_getpwuid_update(void **state)
const char *shell;
/* Prime the cache with a valid but expired user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "exampleuser_update@"TEST_DOM_NAME,
- 109, 11000, "example user",
- "/home/exampleuser", "/bin/sh", NULL,
- NULL, 1, 1);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &getpwuid_update, NULL, 1);
assert_int_equal(ret, EOK);
/* Mock client input */
- uint8_t id = 109;
- mock_input_id(nss_test_ctx, id);
+ mock_input_id(nss_test_ctx, getpwuid_update.pw_uid);
/* Mock client command */
will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETPWUID);
/* Call this function when id is updated by the mock DP request */
@@ -1038,7 +1199,7 @@ void test_nss_getpwuid_update(void **state)
/* Check the user was updated in the cache */
ret = sysdb_getpwuid(nss_test_ctx, nss_test_ctx->tctx->dom,
- 109, &res);
+ getpwuid_update.pw_uid, &res);
assert_int_equal(ret, EOK);
assert_int_equal(res->count, 1);
@@ -1101,19 +1262,12 @@ void test_nss_setup(struct sss_test_conf_param params[],
}
-static int test_nss_getgrnam_check(struct group *expected, struct group *gr, const int nmem)
-{
- int i;
-
- assert_int_equal(gr->gr_gid, expected->gr_gid);
- assert_string_equal(gr->gr_name, expected->gr_name);
- assert_string_equal(gr->gr_passwd, expected->gr_passwd);
-
- for (i = 0; i < nmem; i++) {
- assert_string_equal(gr->gr_mem[i], expected->gr_mem[i]);
- }
- return EOK;
-}
+struct group getgrnam_no_members = {
+ .gr_gid = 1123,
+ .gr_name = discard_const("testgroup"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
static int test_nss_getgrnam_no_members_check(uint32_t status,
uint8_t *body, size_t blen)
@@ -1121,12 +1275,6 @@ static int test_nss_getgrnam_no_members_check(uint32_t status,
int ret;
uint32_t nmem;
struct group gr;
- struct group expected = {
- .gr_gid = 1123,
- .gr_name = discard_const("testgroup"),
- .gr_passwd = discard_const("*"),
- .gr_mem = NULL,
- };
assert_int_equal(status, EOK);
@@ -1134,9 +1282,7 @@ static int test_nss_getgrnam_no_members_check(uint32_t status,
assert_int_equal(ret, EOK);
assert_int_equal(nmem, 0);
- ret = test_nss_getgrnam_check(&expected, &gr, nmem);
- assert_int_equal(ret, EOK);
-
+ assert_groups_equal(&getgrnam_no_members, &gr, nmem);
return EOK;
}
@@ -1148,12 +1294,11 @@ void test_nss_getgrnam_no_members(void **state)
errno_t ret;
/* Prime the cache with a valid group */
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "testgroup@"TEST_DOM_NAME, 1123,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &getgrnam_no_members, 0);
assert_int_equal(ret, EOK);
- mock_input_user_or_group("testgroup");
+ mock_input_user_or_group(getgrnam_no_members.gr_name);
will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETGRNAM);
mock_fill_group_with_members(0);
@@ -1168,17 +1313,45 @@ void test_nss_getgrnam_no_members(void **state)
assert_int_equal(ret, EOK);
}
+struct passwd testmember1 = {
+ .pw_name = discard_const("testmember1"),
+ .pw_uid = 2001,
+ .pw_gid = 456,
+ .pw_dir = discard_const("/home/testmember1"),
+ .pw_gecos = discard_const("test member1"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
+struct passwd testmember2 = {
+ .pw_name = discard_const("testmember2"),
+ .pw_uid = 2002,
+ .pw_gid = 456,
+ .pw_dir = discard_const("/home/testmember2"),
+ .pw_gecos = discard_const("test member2"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
+struct group testgroup_members = {
+ .gr_gid = 1124,
+ .gr_name = discard_const("testgroup_members"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
static int test_nss_getgrnam_members_check(uint32_t status,
uint8_t *body, size_t blen)
{
int ret;
uint32_t nmem;
struct group gr;
- const char *exp_members[] = { "testmember1", "testmember2" };
+ const char *exp_members[] = { testmember1.pw_name,
+ testmember2.pw_name };
struct group expected = {
- .gr_gid = 1124,
- .gr_name = discard_const("testgroup_members"),
- .gr_passwd = discard_const("*"),
+ .gr_gid = testgroup_members.gr_gid,
+ .gr_name = testgroup_members.gr_name,
+ .gr_passwd = testgroup_members.gr_passwd,
.gr_mem = discard_const(exp_members)
};
@@ -1188,9 +1361,7 @@ static int test_nss_getgrnam_members_check(uint32_t status,
assert_int_equal(ret, EOK);
assert_int_equal(nmem, 2);
- ret = test_nss_getgrnam_check(&expected, &gr, nmem);
- assert_int_equal(ret, EOK);
-
+ assert_groups_equal(&expected, &gr, nmem);
return EOK;
}
@@ -1201,36 +1372,32 @@ void test_nss_getgrnam_members(void **state)
{
errno_t ret;
- /* Prime the cache with a valid group and some members */
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "testgroup_members@"TEST_DOM_NAME, 1124,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testgroup_members, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testmember1@"TEST_DOM_NAME,
- 2001, 456, "test member1",
- "/home/testmember2", "/bin/sh", NULL,
- NULL, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testmember1, NULL, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testmember2@"TEST_DOM_NAME,
- 2002, 456, "test member2",
- "/home/testmember2", "/bin/sh", NULL,
- NULL, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testmember2, NULL, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->tctx->dom,
- "testgroup_members@"TEST_DOM_NAME,
- "testmember1@"TEST_DOM_NAME,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testgroup_members.gr_name,
+ nss_test_ctx->tctx->dom,
+ testmember1.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->tctx->dom,
- "testgroup_members@"TEST_DOM_NAME,
- "testmember2@"TEST_DOM_NAME,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testgroup_members.gr_name,
+ nss_test_ctx->tctx->dom,
+ testmember2.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testgroup_members");
@@ -1254,14 +1421,29 @@ static int test_nss_getgrnam_members_check_fqdn(uint32_t status,
int ret;
uint32_t nmem;
struct group gr;
- const char *exp_members[] = { "testmember1@"TEST_DOM_NAME,
- "testmember2@"TEST_DOM_NAME };
+ const char *exp_members[2];
struct group expected = {
- .gr_gid = 1124,
- .gr_name = discard_const("testgroup_members@"TEST_DOM_NAME),
- .gr_passwd = discard_const("*"),
+ .gr_gid = testgroup_members.gr_gid,
+ .gr_passwd = testgroup_members.gr_passwd,
.gr_mem = discard_const(exp_members)
};
+ TALLOC_CTX *tmp_ctx;
+
+ tmp_ctx = talloc_new(nss_test_ctx);
+ assert_non_null(tmp_ctx);
+
+ exp_members[0] = sss_tc_fqname(tmp_ctx, nss_test_ctx->tctx->dom->names,
+ nss_test_ctx->tctx->dom, testmember1.pw_name);
+ assert_non_null(exp_members[0]);
+ exp_members[1] = sss_tc_fqname(tmp_ctx, nss_test_ctx->tctx->dom->names,
+ nss_test_ctx->tctx->dom, testmember2.pw_name);
+ assert_non_null(exp_members[1]);
+
+ expected.gr_name = sss_tc_fqname(tmp_ctx,
+ nss_test_ctx->tctx->dom->names,
+ nss_test_ctx->tctx->dom,
+ testgroup_members.gr_name);
+ assert_non_null(expected.gr_name);
assert_int_equal(status, EOK);
@@ -1269,9 +1451,10 @@ static int test_nss_getgrnam_members_check_fqdn(uint32_t status,
assert_int_equal(ret, EOK);
assert_int_equal(nmem, 2);
- ret = test_nss_getgrnam_check(&expected, &gr, nmem);
+ assert_groups_equal(&expected, &gr, nmem);
assert_int_equal(ret, EOK);
+ talloc_free(tmp_ctx);
return EOK;
}
@@ -1302,20 +1485,64 @@ void test_nss_getgrnam_members_fqdn(void **state)
assert_int_equal(ret, EOK);
}
+/* Test that requesting a valid, cached group with subdomain members returns
+ * a valid * group structure with those members present as fully
+ * qualified names
+ */
+struct passwd submember1 = {
+ .pw_name = discard_const("submember1"),
+ .pw_uid = 4001,
+ .pw_gid = 456,
+ .pw_dir = discard_const("/home/submember1"),
+ .pw_gecos = discard_const("sub member1"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
+struct passwd submember2 = {
+ .pw_name = discard_const("submember2"),
+ .pw_uid = 4002,
+ .pw_gid = 456,
+ .pw_dir = discard_const("/home/submember2"),
+ .pw_gecos = discard_const("sub member2"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
+struct group testsubdomgroup = {
+ .gr_gid = 2002,
+ .gr_name = discard_const("testsubdomgroup"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
static int test_nss_getgrnam_members_check_subdom(uint32_t status,
uint8_t *body, size_t blen)
{
int ret;
uint32_t nmem;
struct group gr;
- const char *exp_members[] = { "submember1@"TEST_SUBDOM_NAME,
- "submember2@"TEST_SUBDOM_NAME };
+ const char *exp_members[2];
struct group expected = {
- .gr_gid = 2124,
- .gr_name = discard_const("testsubdomgroup@"TEST_SUBDOM_NAME),
- .gr_passwd = discard_const("*"),
+ .gr_gid = testsubdomgroup.gr_gid,
+ .gr_passwd = testsubdomgroup.gr_passwd,
.gr_mem = discard_const(exp_members)
};
+ TALLOC_CTX *tmp_ctx;
+
+ tmp_ctx = talloc_new(nss_test_ctx);
+ assert_non_null(tmp_ctx);
+
+ exp_members[0] = sss_tc_fqname(tmp_ctx, nss_test_ctx->subdom->names,
+ nss_test_ctx->subdom, submember1.pw_name);
+ assert_non_null(exp_members[0]);
+ exp_members[1] = sss_tc_fqname(tmp_ctx, nss_test_ctx->subdom->names,
+ nss_test_ctx->subdom, submember2.pw_name);
+ assert_non_null(exp_members[1]);
+
+ expected.gr_name = sss_tc_fqname(tmp_ctx, nss_test_ctx->subdom->names,
+ nss_test_ctx->subdom, testsubdomgroup.gr_name);
+ assert_non_null(expected.gr_name);
assert_int_equal(status, EOK);
@@ -1323,70 +1550,46 @@ static int test_nss_getgrnam_members_check_subdom(uint32_t status,
assert_int_equal(ret, EOK);
assert_int_equal(nmem, 2);
- ret = test_nss_getgrnam_check(&expected, &gr, nmem);
+ assert_groups_equal(&expected, &gr, nmem);
assert_int_equal(ret, EOK);
+ talloc_free(tmp_ctx);
return EOK;
}
-/* Test that requesting a valid, cached group with some members returns a valid
- * group structure with those members present as fully qualified names
- */
void test_nss_getgrnam_members_subdom(void **state)
{
errno_t ret;
- char *submember1;
- char *submember2;
- char *testsubdomgroup;
- submember1 = sss_create_internal_fqname(nss_test_ctx, "submember1",
- nss_test_ctx->subdom->name);
- submember2 = sss_create_internal_fqname(nss_test_ctx, "submember2",
- nss_test_ctx->subdom->name);
- testsubdomgroup = sss_create_internal_fqname(nss_test_ctx,
- "testsubdomgroup",
- nss_test_ctx->subdom->name);
- assert_non_null(submember1);
- assert_non_null(submember2);
- assert_non_null(testsubdomgroup);
-
- nss_test_ctx->tctx->dom->fqnames = true;
-
- /* Add a group from a subdomain and two members from the same subdomain
- */
- ret = sysdb_add_group(nss_test_ctx->subdom,
- testsubdomgroup,
- 2124, NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->subdom,
+ &testsubdomgroup, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_user(nss_test_ctx->subdom,
- submember1,
- 4001, 456, "test subdomain member1",
- "/home/submember1", "/bin/sh", NULL,
- NULL, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->subdom,
+ &submember1, NULL, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_user(nss_test_ctx->subdom,
- submember2,
- 2002, 456, "test subdomain member2",
- "/home/submember2", "/bin/sh", NULL,
- NULL, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->subdom,
+ &submember2, NULL, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->subdom,
- testsubdomgroup,
- submember1,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testsubdomgroup.gr_name,
+ nss_test_ctx->subdom,
+ submember1.pw_name,
+ nss_test_ctx->subdom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->subdom,
- testsubdomgroup,
- submember2,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testsubdomgroup.gr_name,
+ nss_test_ctx->subdom,
+ submember2.pw_name,
+ nss_test_ctx->subdom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
-
- mock_input_user_or_group(testsubdomgroup);
+ mock_input_user_or_group("testsubdomgroup@"TEST_SUBDOM_NAME);
will_return(__wrap_sss_packet_get_cmd, SSS_NSS_GETGRNAM);
mock_fill_group_with_members(2);
@@ -1399,8 +1602,6 @@ void test_nss_getgrnam_members_subdom(void **state)
/* Wait until the test finishes with EOK */
ret = test_ev_loop(nss_test_ctx->tctx);
- /* Restore FQDN settings */
- nss_test_ctx->tctx->dom->fqnames = false;
assert_int_equal(ret, EOK);
}
@@ -1410,15 +1611,23 @@ static int test_nss_getgrnam_check_mix_dom(uint32_t status,
int ret;
uint32_t nmem;
struct group gr;
- const char *exp_members[] = { "testmember1",
- "testmember2",
- "submember1@"TEST_SUBDOM_NAME };
+ const char *exp_members[3];
struct group expected = {
- .gr_gid = 1124,
- .gr_name = discard_const("testgroup_members"),
- .gr_passwd = discard_const("*"),
+ .gr_name = testgroup_members.gr_name,
+ .gr_gid = testgroup_members.gr_gid,
+ .gr_passwd = testgroup_members.gr_passwd,
.gr_mem = discard_const(exp_members)
};
+ TALLOC_CTX *tmp_ctx;
+
+ tmp_ctx = talloc_new(nss_test_ctx);
+ assert_non_null(tmp_ctx);
+
+ exp_members[0] = testmember1.pw_name;
+ exp_members[1] = testmember2.pw_name;
+ exp_members[2] = sss_tc_fqname(tmp_ctx, nss_test_ctx->subdom->names,
+ nss_test_ctx->subdom, submember1.pw_name);
+ assert_non_null(exp_members[2]);
assert_int_equal(status, EOK);
@@ -1426,29 +1635,23 @@ static int test_nss_getgrnam_check_mix_dom(uint32_t status,
assert_int_equal(ret, EOK);
assert_int_equal(nmem, 3);
- ret = test_nss_getgrnam_check(&expected, &gr, nmem);
+ assert_groups_equal(&expected, &gr, nmem);
assert_int_equal(ret, EOK);
+ talloc_free(tmp_ctx);
return EOK;
}
void test_nss_getgrnam_mix_dom(void **state)
{
errno_t ret;
- const char *group_strdn = NULL;
- const char *add_groups[] = { NULL, NULL };
-
- /* Add a subdomain user to a parent domain group */
- group_strdn = sysdb_group_strdn(nss_test_ctx,
- nss_test_ctx->tctx->dom->name,
- "testgroup_members");
- assert_non_null(group_strdn);
- add_groups[0] = group_strdn;
- ret = sysdb_update_members_dn(nss_test_ctx->subdom,
- "submember1@"TEST_SUBDOM_NAME,
- SYSDB_MEMBER_USER,
- add_groups, NULL);
+ ret = store_group_member(nss_test_ctx,
+ testgroup_members.gr_name,
+ nss_test_ctx->tctx->dom,
+ submember1.pw_name,
+ nss_test_ctx->subdom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testgroup_members");
@@ -1472,15 +1675,32 @@ static int test_nss_getgrnam_check_mix_dom_fqdn(uint32_t status,
int ret;
uint32_t nmem;
struct group gr;
- const char *exp_members[] = { "testmember1@"TEST_DOM_NAME,
- "testmember2@"TEST_DOM_NAME,
- "submember1@"TEST_SUBDOM_NAME };
+ const char *exp_members[3];
struct group expected = {
- .gr_gid = 1124,
- .gr_name = discard_const("testgroup_members@"TEST_DOM_NAME),
- .gr_passwd = discard_const("*"),
+ .gr_gid = testgroup_members.gr_gid,
+ .gr_passwd = testgroup_members.gr_passwd,
.gr_mem = discard_const(exp_members)
};
+ TALLOC_CTX *tmp_ctx;
+
+ tmp_ctx = talloc_new(nss_test_ctx);
+ assert_non_null(tmp_ctx);
+
+ exp_members[0] = sss_tc_fqname(tmp_ctx, nss_test_ctx->tctx->dom->names,
+ nss_test_ctx->tctx->dom, testmember1.pw_name);
+ assert_non_null(exp_members[0]);
+ exp_members[1] = sss_tc_fqname(tmp_ctx, nss_test_ctx->tctx->dom->names,
+ nss_test_ctx->tctx->dom, testmember2.pw_name);
+ assert_non_null(exp_members[1]);
+ exp_members[2] = sss_tc_fqname(tmp_ctx, nss_test_ctx->subdom->names,
+ nss_test_ctx->subdom, submember1.pw_name);
+ assert_non_null(exp_members[2]);
+
+ expected.gr_name = sss_tc_fqname(tmp_ctx,
+ nss_test_ctx->tctx->dom->names,
+ nss_test_ctx->tctx->dom,
+ testgroup_members.gr_name);
+ assert_non_null(expected.gr_name);
assert_int_equal(status, EOK);
@@ -1488,9 +1708,10 @@ static int test_nss_getgrnam_check_mix_dom_fqdn(uint32_t status,
assert_int_equal(ret, EOK);
assert_int_equal(nmem, 3);
- ret = test_nss_getgrnam_check(&expected, &gr, nmem);
+ assert_groups_equal(&expected, &gr, nmem);
assert_int_equal(ret, EOK);
+ talloc_free(tmp_ctx);
return EOK;
}
@@ -1524,15 +1745,31 @@ static int test_nss_getgrnam_check_mix_subdom(uint32_t status,
int ret;
uint32_t nmem;
struct group gr;
- const char *exp_members[] = { "submember1@"TEST_SUBDOM_NAME,
- "submember2@"TEST_SUBDOM_NAME,
- "testmember1@"TEST_DOM_NAME };
+ const char *exp_members[3];
struct group expected = {
- .gr_gid = 2124,
- .gr_name = discard_const("testsubdomgroup@"TEST_SUBDOM_NAME),
- .gr_passwd = discard_const("*"),
+ .gr_gid = testsubdomgroup.gr_gid,
+ .gr_passwd = testsubdomgroup.gr_passwd,
.gr_mem = discard_const(exp_members)
};
+ TALLOC_CTX *tmp_ctx;
+
+ tmp_ctx = talloc_new(nss_test_ctx);
+ assert_non_null(tmp_ctx);
+
+ exp_members[0] = sss_tc_fqname(tmp_ctx, nss_test_ctx->subdom->names,
+ nss_test_ctx->subdom, submember1.pw_name);
+ assert_non_null(exp_members[0]);
+ exp_members[1] = sss_tc_fqname(tmp_ctx, nss_test_ctx->subdom->names,
+ nss_test_ctx->subdom, submember2.pw_name);
+ assert_non_null(exp_members[1]);
+ /* Important: this member is from a non-qualified domain, so his name will
+ * not be qualified either
+ */
+ exp_members[2] = testmember1.pw_name;
+
+ expected.gr_name = sss_tc_fqname(tmp_ctx, nss_test_ctx->subdom->names,
+ nss_test_ctx->subdom, testsubdomgroup.gr_name);
+ assert_non_null(expected.gr_name);
assert_int_equal(status, EOK);
@@ -1540,32 +1777,23 @@ static int test_nss_getgrnam_check_mix_subdom(uint32_t status,
assert_int_equal(ret, EOK);
assert_int_equal(nmem, 3);
- ret = test_nss_getgrnam_check(&expected, &gr, nmem);
+ assert_groups_equal(&expected, &gr, nmem);
assert_int_equal(ret, EOK);
+ talloc_free(tmp_ctx);
return EOK;
}
void test_nss_getgrnam_mix_subdom(void **state)
{
errno_t ret;
- const char *group_strdn = NULL;
- const char *add_groups[] = { NULL, NULL };
- char *testmember1_fqname = sss_create_internal_fqname(nss_test_ctx,
- "testmember1",
- TEST_DOM_NAME);
- /* Add a parent domain user to a subdomain group */
- group_strdn = sysdb_group_strdn(nss_test_ctx,
- nss_test_ctx->subdom->name,
- "testsubdomgroup");
- assert_non_null(group_strdn);
- add_groups[0] = group_strdn;
-
- ret = sysdb_update_members_dn(nss_test_ctx->tctx->dom,
- testmember1_fqname,
- SYSDB_MEMBER_USER,
- add_groups, NULL);
+ ret = store_group_member(nss_test_ctx,
+ testsubdomgroup.gr_name,
+ nss_test_ctx->subdom,
+ testmember1.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testsubdomgroup@"TEST_SUBDOM_NAME);
@@ -1583,18 +1811,19 @@ void test_nss_getgrnam_mix_subdom(void **state)
assert_int_equal(ret, EOK);
}
+struct group space_group = {
+ .gr_gid = 2123,
+ .gr_name = discard_const("space group"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
static int test_nss_getgrnam_space_check(uint32_t status,
uint8_t *body, size_t blen)
{
int ret;
uint32_t nmem;
struct group gr;
- struct group expected = {
- .gr_gid = 2123,
- .gr_name = discard_const("space group"),
- .gr_passwd = discard_const("*"),
- .gr_mem = NULL,
- };
assert_int_equal(status, EOK);
@@ -1602,7 +1831,7 @@ static int test_nss_getgrnam_space_check(uint32_t status,
assert_int_equal(ret, EOK);
assert_int_equal(nmem, 0);
- ret = test_nss_getgrnam_check(&expected, &gr, nmem);
+ assert_groups_equal(&space_group, &gr, nmem);
assert_int_equal(ret, EOK);
return EOK;
@@ -1616,9 +1845,8 @@ void test_nss_getgrnam_space(void **state)
errno_t ret;
/* Prime the cache with a valid group */
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "space group@"TEST_DOM_NAME, 2123,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &space_group, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group("space group");
@@ -1642,12 +1870,6 @@ static int test_nss_getgrnam_space_sub_check(uint32_t status,
int ret;
uint32_t nmem;
struct group gr;
- struct group expected = {
- .gr_gid = 2123,
- .gr_name = discard_const("space_group"),
- .gr_passwd = discard_const("*"),
- .gr_mem = NULL,
- };
assert_int_equal(status, EOK);
@@ -1655,7 +1877,8 @@ static int test_nss_getgrnam_space_sub_check(uint32_t status,
assert_int_equal(ret, EOK);
assert_int_equal(nmem, 0);
- ret = test_nss_getgrnam_check(&expected, &gr, nmem);
+ space_group.gr_name = discard_const("space_group");
+ assert_groups_equal(&space_group, &gr, nmem);
assert_int_equal(ret, EOK);
return EOK;
@@ -1916,33 +2139,43 @@ static int test_nss_getorigbyname_check(uint32_t status, uint8_t *body,
return EOK;
}
+struct passwd orig_name = {
+ .pw_name = discard_const("testuserorig"),
+ .pw_uid = 1234,
+ .pw_gid = 5678,
+ .pw_dir = discard_const("/home/testuserorig"),
+ .pw_gecos = discard_const("test user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
void test_nss_getorigbyname(void **state)
{
errno_t ret;
struct sysdb_attrs *attrs;
- char *fqname;
+ char *fqorigname;
- fqname = sss_create_internal_fqname(nss_test_ctx, "testuserorig",
- nss_test_ctx->tctx->dom->name);
- assert_non_null(fqname);
attrs = sysdb_new_attrs(nss_test_ctx);
assert_non_null(attrs);
ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, "S-1-2-3-4");
assert_int_equal(ret, EOK);
+ fqorigname = sss_create_internal_fqname(attrs, "orig_name",
+ nss_test_ctx->tctx->dom->name);
+ assert_non_null(fqorigname);
+
ret = sysdb_attrs_add_string(attrs, ORIGINALAD_PREFIX SYSDB_NAME,
- "orig_name");
+ fqorigname);
+ talloc_free(fqorigname);
assert_int_equal(ret, EOK);
ret = sysdb_attrs_add_uint32(attrs, ORIGINALAD_PREFIX SYSDB_UIDNUM, 1234);
assert_int_equal(ret, EOK);
/* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- fqname, 1234, 5689, "test user orig",
- "/home/testuserorig", "/bin/sh", NULL,
- attrs, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &orig_name, attrs, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testuserorig");
@@ -2026,15 +2259,21 @@ static int test_nss_getorigbyname_extra_check(uint32_t status, uint8_t *body,
return EOK;
}
+struct passwd orig_extra = {
+ .pw_name = discard_const("testuserorigextra"),
+ .pw_uid = 2345,
+ .pw_gid = 6789,
+ .pw_dir = discard_const("/home/testuserorigextra"),
+ .pw_gecos = discard_const("test user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
void test_nss_getorigbyname_extra_attrs(void **state)
{
errno_t ret;
struct sysdb_attrs *attrs;
- char *fqname;
-
- fqname = sss_create_internal_fqname(nss_test_ctx, "testuserorigextra",
- nss_test_ctx->tctx->dom->name);
- assert_non_null(fqname);
+ char *fqorigname;
attrs = sysdb_new_attrs(nss_test_ctx);
assert_non_null(attrs);
@@ -2042,8 +2281,13 @@ void test_nss_getorigbyname_extra_attrs(void **state)
ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, "S-1-2-3-4");
assert_int_equal(ret, EOK);
+ fqorigname = sss_create_internal_fqname(attrs, "orig_name",
+ nss_test_ctx->tctx->dom->name);
+ assert_non_null(fqorigname);
+
ret = sysdb_attrs_add_string(attrs, ORIGINALAD_PREFIX SYSDB_NAME,
- "orig_name");
+ fqorigname);
+ talloc_free(fqorigname);
assert_int_equal(ret, EOK);
ret = sysdb_attrs_add_uint32(attrs, ORIGINALAD_PREFIX SYSDB_UIDNUM, 1234);
@@ -2058,12 +2302,8 @@ void test_nss_getorigbyname_extra_attrs(void **state)
ret = sysdb_attrs_add_string(attrs, "not_extra", "abc");
assert_int_equal(ret, EOK);
- /* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- fqname, 2345, 6789,
- "test user orig extra",
- "/home/testuserorigextra", "/bin/sh", NULL,
- attrs, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &orig_extra, attrs, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testuserorigextra");
@@ -2081,7 +2321,6 @@ void test_nss_getorigbyname_extra_attrs(void **state)
assert_int_equal(ret, EOK);
}
-
static int test_nss_getorigbyname_multi_check(uint32_t status, uint8_t *body,
size_t blen)
{
@@ -2157,15 +2396,22 @@ static int test_nss_getorigbyname_multi_check(uint32_t status, uint8_t *body,
return EOK;
}
+
+struct passwd orig_multi = {
+ .pw_name = discard_const("testuserorigmulti"),
+ .pw_uid = 3456,
+ .pw_gid = 7890,
+ .pw_dir = discard_const("/home/testuserorigmulti"),
+ .pw_gecos = discard_const("test user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
void test_nss_getorigbyname_multi_value_attrs(void **state)
{
errno_t ret;
struct sysdb_attrs *attrs;
- char *fqname;
-
- fqname = sss_create_internal_fqname(nss_test_ctx, "testuserorigmulti",
- nss_test_ctx->tctx->dom->name);
- assert_non_null(fqname);
+ char *fqorigname;
attrs = sysdb_new_attrs(nss_test_ctx);
assert_non_null(attrs);
@@ -2173,8 +2419,13 @@ void test_nss_getorigbyname_multi_value_attrs(void **state)
ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, "S-1-2-3-4");
assert_int_equal(ret, EOK);
+ fqorigname = sss_create_internal_fqname(attrs, "orig_name",
+ nss_test_ctx->tctx->dom->name);
+ assert_non_null(fqorigname);
+
ret = sysdb_attrs_add_string(attrs, ORIGINALAD_PREFIX SYSDB_NAME,
- "orig_name");
+ fqorigname);
+ talloc_free(fqorigname);
assert_int_equal(ret, EOK);
ret = sysdb_attrs_add_uint32(attrs, ORIGINALAD_PREFIX SYSDB_UIDNUM, 1234);
@@ -2189,12 +2440,8 @@ void test_nss_getorigbyname_multi_value_attrs(void **state)
ret = sysdb_attrs_add_string(attrs, SYSDB_ORIG_MEMBEROF, "cn=123");
assert_int_equal(ret, EOK);
- /* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- fqname, 3456, 7890,
- "test user orig multi value",
- "/home/testuserorigextra", "/bin/sh", NULL,
- attrs, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &orig_multi, attrs, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testuserorigmulti");
@@ -2212,6 +2459,16 @@ void test_nss_getorigbyname_multi_value_attrs(void **state)
assert_int_equal(ret, EOK);
}
+struct passwd upn_user = {
+ .pw_name = discard_const("upnuser"),
+ .pw_uid = 34567,
+ .pw_gid = 45678,
+ .pw_dir = discard_const("/home/testuserorig"),
+ .pw_gecos = discard_const("test user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getpwnam_upn_check(uint32_t status,
uint8_t *body,
size_t blen)
@@ -2224,11 +2481,7 @@ static int test_nss_getpwnam_upn_check(uint32_t status,
ret = parse_user_packet(body, blen, &pwd);
assert_int_equal(ret, EOK);
- assert_int_equal(pwd.pw_uid, 34567);
- assert_int_equal(pwd.pw_gid, 45678);
- assert_string_equal(pwd.pw_name, "upnuser");
- assert_string_equal(pwd.pw_shell, "/bin/sh");
- assert_string_equal(pwd.pw_passwd, "*");
+ assert_users_equal(&pwd, &upn_user);
return EOK;
}
@@ -2236,11 +2489,6 @@ void test_nss_getpwnam_upn(void **state)
{
errno_t ret;
struct sysdb_attrs *attrs;
- char *upnuser;
-
- upnuser = sss_create_internal_fqname(nss_test_ctx, "upnuser",
- nss_test_ctx->tctx->dom->name);
- assert_non_null(upnuser);
attrs = sysdb_new_attrs(nss_test_ctx);
assert_non_null(attrs);
@@ -2249,10 +2497,8 @@ void test_nss_getpwnam_upn(void **state)
assert_int_equal(ret, EOK);
/* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- upnuser, 34567, 45678, "up user",
- "/home/upnuser", "/bin/sh", NULL,
- attrs, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &upn_user, attrs, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group("upnuser@upndomain.test");
@@ -2319,6 +2565,30 @@ static int test_nss_initgr_check(uint32_t status, uint8_t *body, size_t blen)
return EOK;
}
+struct passwd testinitgr_usr = {
+ .pw_name = discard_const("testinitgr"),
+ .pw_uid = 321,
+ .pw_gid = 654,
+ .pw_dir = discard_const("/home/testinitgr"),
+ .pw_gecos = discard_const("test initgroups"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
+struct group testinitgr_gr1 = {
+ .gr_gid = 3211,
+ .gr_name = discard_const("testinitgr_gr1"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
+struct group testinitgr_gr2 = {
+ .gr_gid = 3212,
+ .gr_name = discard_const("testinitgr_gr2"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
void test_nss_initgroups(void **state)
{
errno_t ret;
@@ -2334,33 +2604,32 @@ void test_nss_initgroups(void **state)
ret = sysdb_attrs_add_string(attrs, SYSDB_UPN, "upninitgr@upndomain.test");
assert_int_equal(ret, EOK);
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testinitgr@"TEST_DOM_NAME,
- 321, 654, "test initgroups",
- "/home/testinitgr", "/bin/sh", NULL,
- attrs, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_usr, attrs, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "testinitgr_gr1@"TEST_DOM_NAME, 3211,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_gr1, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "testinitgr_gr2@"TEST_DOM_NAME, 3212,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_gr2, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->tctx->dom,
- "testinitgr_gr1@"TEST_DOM_NAME,
- "testinitgr@"TEST_DOM_NAME,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testinitgr_gr1.gr_name,
+ nss_test_ctx->tctx->dom,
+ testinitgr_usr.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->tctx->dom,
- "testinitgr_gr2@"TEST_DOM_NAME,
- "testinitgr@"TEST_DOM_NAME,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testinitgr_gr2.gr_name,
+ nss_test_ctx->tctx->dom,
+ testinitgr_usr.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testinitgr");
@@ -2424,6 +2693,30 @@ void test_nss_initgr_neg(void **state)
test_initgr_neg_by_name("testinitgr_neg", false);
}
+struct passwd testinitgr_srch_usr = {
+ .pw_name = discard_const("testinitgr_srch"),
+ .pw_uid = 421,
+ .pw_gid = 654,
+ .pw_dir = discard_const("/home/testinitgr_srch"),
+ .pw_gecos = discard_const("test initgroups"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
+struct group testinitgr_srch_gr1 = {
+ .gr_gid = 4211,
+ .gr_name = discard_const("testinitgr_srch_gr1"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
+struct group testinitgr_srch_gr2 = {
+ .gr_gid = 4212,
+ .gr_name = discard_const("testinitgr_srch_gr2"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
static int test_nss_initgr_search_acct_cb(void *pvt)
{
errno_t ret;
@@ -2436,36 +2729,34 @@ static int test_nss_initgr_search_acct_cb(void *pvt)
time(NULL) + 300);
assert_int_equal(ret, EOK);
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testinitgr_srch@"TEST_DOM_NAME,
- 421, 654, "test initgroups",
- "/home/testinitgr", "/bin/sh", NULL,
- attrs, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_srch_usr, attrs, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "testinitgr_srch_gr1@"TEST_DOM_NAME, 4211,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_srch_gr1, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "testinitgr_srch_gr2@"TEST_DOM_NAME, 4212,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_srch_gr2, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->tctx->dom,
- "testinitgr_srch_gr1@"TEST_DOM_NAME,
- "testinitgr_srch@"TEST_DOM_NAME,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testinitgr_srch_gr1.gr_name,
+ nss_test_ctx->tctx->dom,
+ testinitgr_srch_usr.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->tctx->dom,
- "testinitgr_srch_gr2@"TEST_DOM_NAME,
- "testinitgr_srch@"TEST_DOM_NAME,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testinitgr_srch_gr2.gr_name,
+ nss_test_ctx->tctx->dom,
+ testinitgr_srch_usr.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
-
return EOK;
}
@@ -2490,8 +2781,8 @@ void test_nss_initgr_search(void **state)
mock_fill_initgr_user();
set_cmd_cb(test_nss_initgr_search_check);
- ret = sysdb_getpwnam(nss_test_ctx, nss_test_ctx->tctx->dom,
- "testinitgr_srch", &res);
+ ret = get_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ "testinitgr_srch", &res);
assert_int_equal(ret, EOK);
assert_int_equal(res->count, 0);
@@ -2504,12 +2795,36 @@ void test_nss_initgr_search(void **state)
assert_int_equal(ret, EOK);
/* test_nss_getpwnam_search_check will check the user attributes */
- ret = sysdb_getpwnam(nss_test_ctx, nss_test_ctx->tctx->dom,
- "testinitgr_srch", &res);
+ ret = get_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ "testinitgr_srch", &res);
assert_int_equal(ret, EOK);
assert_int_equal(res->count, 1);
}
+struct passwd testinitgr_update_usr = {
+ .pw_name = discard_const("testinitgr_update"),
+ .pw_uid = 521,
+ .pw_gid = 654,
+ .pw_dir = discard_const("/home/testinitgr_update"),
+ .pw_gecos = discard_const("test initgroups"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
+struct group testinitgr_update_gr1 = {
+ .gr_gid = 5211,
+ .gr_name = discard_const("testinitgr_update_gr1"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
+struct group testinitgr_update_gr2 = {
+ .gr_gid = 5212,
+ .gr_name = discard_const("testinitgr_update_gr2"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
static int test_nss_initgr_update_acct_cb(void *pvt)
{
errno_t ret;
@@ -2522,20 +2837,22 @@ static int test_nss_initgr_update_acct_cb(void *pvt)
time(NULL) + 300);
assert_int_equal(ret, EOK);
- ret = sysdb_set_user_attr(nss_test_ctx->tctx->dom,
- "testinitgr_update@"TEST_DOM_NAME,
- attrs, SYSDB_MOD_REP);
+ ret = set_user_attr(nss_test_ctx,
+ nss_test_ctx->tctx->dom,
+ &testinitgr_update_usr,
+ attrs);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "testinitgr_check_gr2@"TEST_DOM_NAME, 5212,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_update_gr2, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->tctx->dom,
- "testinitgr_check_gr2@"TEST_DOM_NAME,
- "testinitgr_update@"TEST_DOM_NAME,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testinitgr_update_gr2.gr_name,
+ nss_test_ctx->tctx->dom,
+ testinitgr_update_usr.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
return EOK;
@@ -2562,22 +2879,20 @@ void test_nss_initgr_update(void **state)
time(NULL) - 1);
assert_int_equal(ret, EOK);
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testinitgr_update@"TEST_DOM_NAME,
- 521, 654, "test initgroups",
- "/home/testinitgr", "/bin/sh", NULL,
- attrs, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_update_usr, attrs, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "testinitgr_update_gr1@"TEST_DOM_NAME, 5211,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_update_gr1, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->tctx->dom,
- "testinitgr_update_gr1@"TEST_DOM_NAME,
- "testinitgr_update@"TEST_DOM_NAME,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testinitgr_update_gr1.gr_name,
+ nss_test_ctx->tctx->dom,
+ testinitgr_update_usr.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testinitgr_update");
@@ -2586,7 +2901,6 @@ void test_nss_initgr_update(void **state)
mock_fill_initgr_user();
set_cmd_cb(test_nss_initgr_update_check);
-
/* Query for that user, call a callback when command finishes */
ret = sss_cmd_execute(nss_test_ctx->cctx, SSS_NSS_INITGR,
nss_test_ctx->nss_cmds);
@@ -2597,6 +2911,30 @@ void test_nss_initgr_update(void **state)
assert_int_equal(ret, EOK);
}
+struct passwd testinitgr_2attr_usr = {
+ .pw_name = discard_const("testinitgr_2attr"),
+ .pw_uid = 521,
+ .pw_gid = 654,
+ .pw_dir = discard_const("/home/testinitgr_2attr"),
+ .pw_gecos = discard_const("test initgroups"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
+struct group testinitgr_2attr_gr1 = {
+ .gr_gid = 5221,
+ .gr_name = discard_const("testinitgr_2attr_gr11"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
+struct group testinitgr_2attr_gr2 = {
+ .gr_gid = 5222,
+ .gr_name = discard_const("testinitgr_2attr_gr12"),
+ .gr_passwd = discard_const("*"),
+ .gr_mem = NULL,
+};
+
static int test_nss_initgr_update_acct_2expire_attributes_cb(void *pvt)
{
errno_t ret;
@@ -2609,20 +2947,20 @@ static int test_nss_initgr_update_acct_2expire_attributes_cb(void *pvt)
time(NULL) + 300);
assert_int_equal(ret, EOK);
- ret = sysdb_set_user_attr(nss_test_ctx->tctx->dom,
- "testinitgr_2attr@"TEST_DOM_NAME,
- attrs, SYSDB_MOD_REP);
+ ret = set_user_attr(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_2attr_usr, attrs);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "testinitgr_2attr_gr12@"TEST_DOM_NAME, 5222,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_2attr_gr2, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->tctx->dom,
- "testinitgr_2attr_gr12@"TEST_DOM_NAME,
- "testinitgr_2attr@"TEST_DOM_NAME,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testinitgr_2attr_gr2.gr_name,
+ nss_test_ctx->tctx->dom,
+ testinitgr_2attr_usr.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
return EOK;
@@ -2661,22 +2999,20 @@ void test_nss_initgr_update_two_expire_attributes(void **state)
time(NULL) + 100);
assert_int_equal(ret, EOK);
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testinitgr_2attr@"TEST_DOM_NAME,
- 522, 655, "test initgroups2",
- "/home/testinitgr_2attr", "/bin/sh", NULL,
- attrs, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_2attr_usr, attrs, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group(nss_test_ctx->tctx->dom,
- "testinitgr_2attr_gr11@"TEST_DOM_NAME, 5221,
- NULL, 300, 0);
+ ret = store_group(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testinitgr_2attr_gr1, 0);
assert_int_equal(ret, EOK);
- ret = sysdb_add_group_member(nss_test_ctx->tctx->dom,
- "testinitgr_2attr_gr11@"TEST_DOM_NAME,
- "testinitgr_2attr@"TEST_DOM_NAME,
- SYSDB_MEMBER_USER, false);
+ ret = store_group_member(nss_test_ctx,
+ testinitgr_2attr_gr1.gr_name,
+ nss_test_ctx->tctx->dom,
+ testinitgr_2attr_usr.pw_name,
+ nss_test_ctx->tctx->dom,
+ SYSDB_MEMBER_USER);
assert_int_equal(ret, EOK);
mock_input_user_or_group("testinitgr_2attr");
@@ -2803,6 +3139,16 @@ static int nss_test_teardown(void **state)
return 0;
}
+struct passwd testbysid = {
+ .pw_name = discard_const("testsiduser"),
+ .pw_uid = 12345,
+ .pw_gid = 6890,
+ .pw_dir = discard_const("/home/testsiduser"),
+ .pw_gecos = discard_const("test bysid lookup"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getnamebysid_check(uint32_t status, uint8_t *body, size_t blen)
{
size_t rp = 2 * sizeof(uint32_t); /* num_results and reserved */
@@ -2815,7 +3161,7 @@ static int test_nss_getnamebysid_check(uint32_t status, uint8_t *body, size_t bl
assert_int_equal(id_type, SSS_ID_TYPE_UID);
name = (const char *) body + rp;
- assert_string_equal(name, "testsiduser");
+ assert_string_equal(name, testbysid.pw_name);
return EOK;
}
@@ -2836,12 +3182,8 @@ static void test_nss_getnamebysid(void **state)
ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, user_sid);
assert_int_equal(ret, EOK);
- /* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testsiduser@"TEST_DOM_NAME,
- 12345, 6890, "test sid user",
- "/home/testsiduser", "/bin/sh", NULL,
- attrs, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testbysid, attrs, 0);
assert_int_equal(ret, EOK);
mock_input_user_or_group(user_sid);
@@ -2904,6 +3246,16 @@ void test_nss_getnamebysid_neg(void **state)
assert_int_equal(nss_test_ctx->ncache_hits, 1);
}
+struct passwd testbysid_update = {
+ .pw_name = discard_const("testsidbyname_update"),
+ .pw_uid = 123456,
+ .pw_gid = 789,
+ .pw_dir = discard_const("/home/testsidbyname_update"),
+ .pw_gecos = discard_const("test bysid lookup"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
static int test_nss_getnamebysid_update_check(uint32_t status,
uint8_t *body,
size_t blen)
@@ -2928,11 +3280,9 @@ static int test_nss_getnamebysid_update_acct_cb(void *pvt)
errno_t ret;
struct nss_test_ctx *ctx = talloc_get_type(pvt, struct nss_test_ctx);
- ret = sysdb_store_user(ctx->tctx->dom,
- "testsidbyname_update@"TEST_DOM_NAME, NULL,
- 123456, 789, "test user",
- "/home/testsidbyname_update", "/bin/ksh", NULL,
- NULL, NULL, 300, 0);
+ testbysid_update.pw_shell = discard_const("/bin/ksh");
+ ret = store_user(ctx, nss_test_ctx->tctx->dom,
+ &testbysid_update, NULL, 0);
assert_int_equal(ret, EOK);
return EOK;
@@ -2957,11 +3307,8 @@ void test_nss_getnamebysid_update(void **state)
assert_int_equal(ret, EOK);
/* Prime the cache with a valid but expired user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testsidbyname_update@"TEST_DOM_NAME,
- 123456, 789, "test user",
- "/home/testsidbyname_update", "/bin/sh", NULL,
- attrs, 1, 1);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testbysid_update, attrs, 1);
assert_int_equal(ret, EOK);
/* Mock client input */
@@ -2986,8 +3333,8 @@ void test_nss_getnamebysid_update(void **state)
assert_int_equal(ret, EOK);
/* Check the user was updated in the cache */
- ret = sysdb_getpwnam(nss_test_ctx, nss_test_ctx->tctx->dom,
- "testsidbyname_update", &res);
+ ret = get_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ testbysid_update.pw_name, &res);
assert_int_equal(ret, EOK);
assert_int_equal(res->count, 1);
@@ -2995,6 +3342,16 @@ void test_nss_getnamebysid_update(void **state)
assert_string_equal(shell, "/bin/ksh");
}
+struct passwd testbycert = {
+ .pw_name = discard_const("testcertuser"),
+ .pw_uid = 23456,
+ .pw_gid = 6890,
+ .pw_dir = discard_const("/home/testcertuser"),
+ .pw_gecos = discard_const("test cert user"),
+ .pw_shell = discard_const("/bin/sh"),
+ .pw_passwd = discard_const("*"),
+};
+
#define TEST_TOKEN_CERT \
"MIIECTCCAvGgAwIBAgIBCDANBgkqhkiG9w0BAQsFADA0MRIwEAYDVQQKDAlJUEEu" \
"REVWRUwxHjAcBgNVBAMMFUNlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNTA2MjMx" \
@@ -3031,7 +3388,7 @@ static int test_nss_getnamebycert_check(uint32_t status, uint8_t *body, size_t b
assert_int_equal(id_type, SSS_ID_TYPE_UID);
name = (const char *)body + rp;
- assert_string_equal(name, "testcertuser");
+ assert_string_equal(name, testbycert.pw_name);
return EOK;
}
@@ -3054,10 +3411,8 @@ static void test_nss_getnamebycert(void **state)
assert_int_equal(ret, EOK);
/* Prime the cache with a valid user */
- ret = sysdb_add_user(nss_test_ctx->tctx->dom,
- "testcertuser", 23456, 6890, "test cert user",
- "/home/testcertuser", "/bin/sh", NULL,
- attrs, 300, 0);
+ ret = store_user(nss_test_ctx, nss_test_ctx->tctx->dom,
+ &testbycert, attrs, 0);
assert_int_equal(ret, EOK);
talloc_free(attrs);
generated by cgit (git 2.34.1) at 2024-05-13 22:05:52 +0000