diff options
Diffstat (limited to 'src/tests')
| -rw-r--r-- | src/tests/Makefile.in | 1 | ||||
| -rw-r--r-- | src/tests/t_kprop.py | 44 |
2 files changed, 45 insertions, 0 deletions
diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in index f23ac443a..92d8d6889 100644 --- a/src/tests/Makefile.in +++ b/src/tests/Makefile.in @@ -76,6 +76,7 @@ check-pytests:: gcred hist kdbtest $(RUNPYTEST) $(srcdir)/t_general.py $(PYTESTFLAGS) $(RUNPYTEST) $(srcdir)/t_dump.py $(PYTESTFLAGS) $(RUNPYTEST) $(srcdir)/t_iprop.py $(PYTESTFLAGS) + $(RUNPYTEST) $(srcdir)/t_kprop.py $(PYTESTFLAGS) $(RUNPYTEST) $(srcdir)/t_anonpkinit.py $(PYTESTFLAGS) $(RUNPYTEST) $(srcdir)/t_policy.py $(PYTESTFLAGS) $(RUNPYTEST) $(srcdir)/t_kadm5_hook.py $(PYTESTFLAGS) diff --git a/src/tests/t_kprop.py b/src/tests/t_kprop.py new file mode 100644 index 000000000..ff6290236 --- /dev/null +++ b/src/tests/t_kprop.py @@ -0,0 +1,44 @@ +#!/usr/bin/python +from k5test import * + +conf_slave = {'dbmodules': {'db': {'database_name': '$testdir/db.slave'}}} + +# kprop/kpropd are the only users of krb5_auth_con_initivector, so run +# this test over all enctypes to exercise mkpriv cipher state. +for realm in multipass_realms(create_user=False): + slave = realm.special_env('slave', True, kdc_conf=conf_slave) + + # Set up the kpropd acl file. + acl_file = os.path.join(realm.testdir, 'kpropd-acl') + acl = open(acl_file, 'w') + acl.write(realm.host_princ + '\n') + acl.close() + + # Create the slave db. + dumpfile = os.path.join(realm.testdir, 'dump') + realm.run([kdb5_util, 'dump', dumpfile]) + realm.run([kdb5_util, 'load', dumpfile], slave) + realm.run([kdb5_util, 'stash', '-P', 'master'], slave) + + # Make some changes to the master db. + realm.addprinc('wakawaka') + + # Start kpropd. + kpropd = realm.start_kpropd(slave, ['-d', '-t']) + + realm.run([kdb5_util, 'dump', dumpfile]) + realm.run([kprop, '-f', dumpfile, '-P', str(realm.kprop_port()), hostname]) + output('*** kpropd output follows\n') + while True: + line = kpropd.stdout.readline() + if line == '': + break + output('kpropd: ' + line) + if 'Rejected connection' in line: + fail('kpropd rejected connection from kprop') + + out = realm.run_kadminl('listprincs', slave) + if 'wakawaka' not in out: + fail('Slave does not have all principals from master') + +success('kprop tests') |