report.html

Report generated on 24-Dec-2020 at 00:12:13 by pytest-html v3.1.1

Environment

389-ds-base 1.4.4.9-1.fc33
Packages {"pluggy": "0.13.1", "py": "1.10.0", "pytest": "5.4.3"}
Platform Linux-5.8.18-300.fc33.x86_64-x86_64-with-glibc2.32
Plugins {"html": "3.1.1", "libfaketime": "0.1.2", "metadata": "1.11.0"}
Python 3.9.1
cyrus-sasl 2.1.27-6.fc33
nspr 4.29.0-1.fc33
nss 3.59.0-3.fc33
openldap 2.4.50-5.fc33

Summary

2091 tests ran in 18371.56 seconds.

1972 passed, 22 skipped, 91 failed, 11 errors, 20 expected failures, 8 unexpected passes

Results

Result Test Duration Links
Error suites/gssapi/simple_gssapi_test.py::test_gssapi_bind::setup 0.00
request = <SubRequest 'topology_st_gssapi' for <Function test_gssapi_bind>>

@pytest.fixture(scope="module")
def topology_st_gssapi(request):
"""Create a DS standalone instance with GSSAPI enabled.

This will alter the instance to remove the secure port, to allow
GSSAPI to function.
"""
hostname = socket.gethostname().split('.', 1)

# Assert we have a domain setup in some kind.
> assert len(hostname) == 2
E AssertionError

/usr/local/lib/python3.9/site-packages/lib389/topologies.py:271: AssertionError
Error suites/gssapi/simple_gssapi_test.py::test_invalid_sasl_map::setup 0.00
request = <SubRequest 'topology_st_gssapi' for <Function test_gssapi_bind>>

@pytest.fixture(scope="module")
def topology_st_gssapi(request):
"""Create a DS standalone instance with GSSAPI enabled.

This will alter the instance to remove the secure port, to allow
GSSAPI to function.
"""
hostname = socket.gethostname().split('.', 1)

# Assert we have a domain setup in some kind.
> assert len(hostname) == 2
E AssertionError

/usr/local/lib/python3.9/site-packages/lib389/topologies.py:271: AssertionError
Error suites/gssapi/simple_gssapi_test.py::test_missing_user::setup 0.00
request = <SubRequest 'topology_st_gssapi' for <Function test_gssapi_bind>>

@pytest.fixture(scope="module")
def topology_st_gssapi(request):
"""Create a DS standalone instance with GSSAPI enabled.

This will alter the instance to remove the secure port, to allow
GSSAPI to function.
"""
hostname = socket.gethostname().split('.', 1)

# Assert we have a domain setup in some kind.
> assert len(hostname) == 2
E AssertionError

/usr/local/lib/python3.9/site-packages/lib389/topologies.py:271: AssertionError
Error suites/gssapi/simple_gssapi_test.py::test_support_mech::setup 0.00
request = <SubRequest 'topology_st_gssapi' for <Function test_gssapi_bind>>

@pytest.fixture(scope="module")
def topology_st_gssapi(request):
"""Create a DS standalone instance with GSSAPI enabled.

This will alter the instance to remove the secure port, to allow
GSSAPI to function.
"""
hostname = socket.gethostname().split('.', 1)

# Assert we have a domain setup in some kind.
> assert len(hostname) == 2
E AssertionError

/usr/local/lib/python3.9/site-packages/lib389/topologies.py:271: AssertionError
Error suites/gssapi/simple_gssapi_test.py::test_rejected_mech::setup 0.00
request = <SubRequest 'topology_st_gssapi' for <Function test_gssapi_bind>>

@pytest.fixture(scope="module")
def topology_st_gssapi(request):
"""Create a DS standalone instance with GSSAPI enabled.

This will alter the instance to remove the secure port, to allow
GSSAPI to function.
"""
hostname = socket.gethostname().split('.', 1)

# Assert we have a domain setup in some kind.
> assert len(hostname) == 2
E AssertionError

/usr/local/lib/python3.9/site-packages/lib389/topologies.py:271: AssertionError
Error suites/import/import_test.py::test_fast_slow_import::setup 0.09
request = <SubRequest '_toggle_private_import_mem' for <Function test_fast_slow_import>>
topo = <lib389.topologies.TopologyMain object at 0x7fe0331b1a00>

@pytest.fixture(scope="function")
def _toggle_private_import_mem(request, topo):
config = LDBMConfig(topo.standalone)
> config.replace_many(
('nsslapd-db-private-import-mem', 'on'),
('nsslapd-import-cache-autosize', '0'))

suites/import/import_test.py:341:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:303: in replace_many
return self._instance.modify_ext_s(self._dn, mods, serverctrls=self._server_controls,
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:612: in modify_ext_s
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:609: in modify_ext
return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe033233160>
func = <built-in method modify_ext of LDAP object at 0x7fe0331b18d0>
args = ('cn=config,cn=ldbm database,cn=plugins,cn=config', [(2, 'nsslapd-db-private-import-mem', [b'on']), (2, 'nsslapd-import-cache-autosize', [b'0'])], None, None)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
Error suites/replication/regression_test.py::test_csngen_state_not_updated_if_different_uuid::teardown 47.28
def fin():
# Kill the hanging process at the end of test to prevent failures in the following tests
if DEBUGGING:
[_kill_ns_slapd(inst) for inst in topology]
else:
[_kill_ns_slapd(inst) for inst in topology]
assert _remove_ssca_db(topology)
> [inst.delete() for inst in topology if inst.exists()]

suites/replication/regression_test.py:157:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/replication/regression_test.py:157: in <listcomp>
[inst.delete() for inst in topology if inst.exists()]
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:905: in delete
remove_ds_instance(self)
/usr/local/lib/python3.9/site-packages/lib389/instance/remove.py:42: in remove_ds_instance
remove_paths['backup_dir'] = dirsrv.ds_paths.backup_dir
/usr/local/lib/python3.9/site-packages/lib389/paths.py:162: in __getattr__
ent = self._instance.getEntry(dn, attrlist=[attr,])
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1699: in getEntry
restype, obj = self.result(res)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:147: in inner
objtype, data = f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:756: in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:760: in result2
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe032e43fd0>
func = <built-in method result4 of LDAP object at 0x7fe04441e8d0>
args = (13, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
------------------------------Captured stderr call------------------------------
ldiffile: /var/lib/dirsrv/slapd-master1/ldif/norepl.ldif
-------------------------------Captured log call--------------------------------
INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39201 is NOT working (expect bf6eff0f-0784-420c-a12a-d7674f354ee8 / got description=b6777f83-802a-4f24-967b-4dba647b1b0b) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39201 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39202 is NOT working (expect 418b14fc-1580-4d4b-aefc-bb25a506c7a1 / got description=b6777f83-802a-4f24-967b-4dba647b1b0b) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39202 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39201 is NOT working (expect 67acf6a9-47dc-4d96-b672-964b5b17bf70 / got description=bf6eff0f-0784-420c-a12a-d7674f354ee8) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39201 is working
----------------------------Captured stderr teardown----------------------------
kill: cannot find process "None" kill: cannot find process "None"
Error tickets/ticket48973_test.py::test_ticket48973_init::setup 1.09
request = <SubRequest 'topology' for <Function test_ticket48973_init>>

@pytest.fixture(scope="module")
def topology(request):
# Creating standalone instance ...
standalone = DirSrv(verbose=False)
args_instance[SER_HOST] = HOST_STANDALONE
args_instance[SER_PORT] = PORT_STANDALONE
args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
args_standalone = args_instance.copy()
standalone.allocate(args_standalone)
instance_standalone = standalone.exists()
if instance_standalone:
standalone.delete()
> standalone.create()

/export/tests/tickets/ticket48973_test.py:52:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:837: in create
self._createDirsrv(version)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:807: in _createDirsrv
sds.create_from_args(general, slapd, backends, None)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:663: in create_from_args
self._prepare_ds(general, slapd, backends)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:594: in _prepare_ds
assert_c(slapd['root_dn'] is not None, "Configuration root_dn in section [slapd] not found")
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

condition = False, msg = 'Configuration root_dn in section [slapd] not found'

def assert_c(condition, msg="Assertion Failed"):
"""This is the same as assert, but assert is compiled out
when optimisation is enabled. This prevents compiling out.
"""
if not condition:
> raise AssertionError(msg)
E AssertionError: Configuration root_dn in section [slapd] not found

/usr/local/lib/python3.9/site-packages/lib389/utils.py:1242: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation...
Error tickets/ticket48973_test.py::test_ticket48973_ces_not_indexed::setup 0.00
request = <SubRequest 'topology' for <Function test_ticket48973_init>>

@pytest.fixture(scope="module")
def topology(request):
# Creating standalone instance ...
standalone = DirSrv(verbose=False)
args_instance[SER_HOST] = HOST_STANDALONE
args_instance[SER_PORT] = PORT_STANDALONE
args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
args_standalone = args_instance.copy()
standalone.allocate(args_standalone)
instance_standalone = standalone.exists()
if instance_standalone:
standalone.delete()
> standalone.create()

/export/tests/tickets/ticket48973_test.py:52:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:837: in create
self._createDirsrv(version)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:807: in _createDirsrv
sds.create_from_args(general, slapd, backends, None)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:663: in create_from_args
self._prepare_ds(general, slapd, backends)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:594: in _prepare_ds
assert_c(slapd['root_dn'] is not None, "Configuration root_dn in section [slapd] not found")
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

condition = False, msg = 'Configuration root_dn in section [slapd] not found'

def assert_c(condition, msg="Assertion Failed"):
"""This is the same as assert, but assert is compiled out
when optimisation is enabled. This prevents compiling out.
"""
if not condition:
> raise AssertionError(msg)
E AssertionError: Configuration root_dn in section [slapd] not found

/usr/local/lib/python3.9/site-packages/lib389/utils.py:1242: AssertionError
Error tickets/ticket48973_test.py::test_ticket48973_homeDirectory_indexing::setup 0.00
request = <SubRequest 'topology' for <Function test_ticket48973_init>>

@pytest.fixture(scope="module")
def topology(request):
# Creating standalone instance ...
standalone = DirSrv(verbose=False)
args_instance[SER_HOST] = HOST_STANDALONE
args_instance[SER_PORT] = PORT_STANDALONE
args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
args_standalone = args_instance.copy()
standalone.allocate(args_standalone)
instance_standalone = standalone.exists()
if instance_standalone:
standalone.delete()
> standalone.create()

/export/tests/tickets/ticket48973_test.py:52:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:837: in create
self._createDirsrv(version)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:807: in _createDirsrv
sds.create_from_args(general, slapd, backends, None)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:663: in create_from_args
self._prepare_ds(general, slapd, backends)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:594: in _prepare_ds
assert_c(slapd['root_dn'] is not None, "Configuration root_dn in section [slapd] not found")
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

condition = False, msg = 'Configuration root_dn in section [slapd] not found'

def assert_c(condition, msg="Assertion Failed"):
"""This is the same as assert, but assert is compiled out
when optimisation is enabled. This prevents compiling out.
"""
if not condition:
> raise AssertionError(msg)
E AssertionError: Configuration root_dn in section [slapd] not found

/usr/local/lib/python3.9/site-packages/lib389/utils.py:1242: AssertionError
Error tickets/ticket48973_test.py::test_ticket48973_homeDirectory_caseExactIA5Match_caseIgnoreIA5Match_indexing::setup 0.00
request = <SubRequest 'topology' for <Function test_ticket48973_init>>

@pytest.fixture(scope="module")
def topology(request):
# Creating standalone instance ...
standalone = DirSrv(verbose=False)
args_instance[SER_HOST] = HOST_STANDALONE
args_instance[SER_PORT] = PORT_STANDALONE
args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
args_standalone = args_instance.copy()
standalone.allocate(args_standalone)
instance_standalone = standalone.exists()
if instance_standalone:
standalone.delete()
> standalone.create()

/export/tests/tickets/ticket48973_test.py:52:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:837: in create
self._createDirsrv(version)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:807: in _createDirsrv
sds.create_from_args(general, slapd, backends, None)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:663: in create_from_args
self._prepare_ds(general, slapd, backends)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:594: in _prepare_ds
assert_c(slapd['root_dn'] is not None, "Configuration root_dn in section [slapd] not found")
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

condition = False, msg = 'Configuration root_dn in section [slapd] not found'

def assert_c(condition, msg="Assertion Failed"):
"""This is the same as assert, but assert is compiled out
when optimisation is enabled. This prevents compiling out.
"""
if not condition:
> raise AssertionError(msg)
E AssertionError: Configuration root_dn in section [slapd] not found

/usr/local/lib/python3.9/site-packages/lib389/utils.py:1242: AssertionError
Failed suites/acl/keywords_part2_test.py::test_access_from_certain_network_only_ip 14.12
topo = <lib389.topologies.TopologyMain object at 0x7fe0449f2e50>
add_user = None, aci_of_user = None

def test_access_from_certain_network_only_ip(topo, add_user, aci_of_user):
"""
User can access the data when connecting from certain network only as per the ACI.

:id: 4ec38296-7ac5-11e8-9816-8c16451d917b
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
# Turn access log buffering off to make less time consuming
topo.standalone.config.set('nsslapd-accesslog-logbuffering', 'off')

# Find the ip from ds logs , as we need to know the exact ip used by ds to run the instances.
# Wait till Access Log is generated
topo.standalone.restart()

# Add ACI
domain = Domain(topo.standalone, DEFAULT_SUFFIX)
domain.add("aci", f'(target = "ldap:///{IP_OU_KEY}")(targetattr=\"*\")(version 3.0; aci "IP aci"; '
f'allow(all)userdn = "ldap:///{NETSCAPEIP_KEY}" and ip = "::1" ;)')

# create a new connection for the test
conn = UserAccount(topo.standalone, NETSCAPEIP_KEY).bind(PW_DM)
# Perform Operation
org = OrganizationalUnit(conn, IP_OU_KEY)
> org.replace("seeAlso", "cn=1")

suites/acl/keywords_part2_test.py:76:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0449f28b0>
func = <built-in method result4 of LDAP object at 0x7fe0449dbb70>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=ip,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed suites/acl/keywords_part2_test.py::test_connectin_from_an_unauthorized_network 0.42
topo = <lib389.topologies.TopologyMain object at 0x7fe0449f2e50>
add_user = None, aci_of_user = None

def test_connectin_from_an_unauthorized_network(topo, add_user, aci_of_user):
"""
User cannot access the data when connectin from an unauthorized network as per the ACI.

:id: 52d1ecce-7ac5-11e8-9ad9-8c16451d917b
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""

# Add ACI
domain = Domain(topo.standalone, DEFAULT_SUFFIX)
domain.add("aci", f'(target = "ldap:///{IP_OU_KEY}")'
f'(targetattr="*")(version 3.0; aci "IP aci"; '
f'allow(all) userdn = "ldap:///{NETSCAPEIP_KEY}" '
f'and ip != "::1" ;)')

# create a new connection for the test
conn = UserAccount(topo.standalone, NETSCAPEIP_KEY).bind(PW_DM)
# Perform Operation
org = OrganizationalUnit(conn, IP_OU_KEY)
with pytest.raises(ldap.INSUFFICIENT_ACCESS):
> org.replace("seeAlso", "cn=1")
E Failed: DID NOT RAISE <class 'ldap.INSUFFICIENT_ACCESS'>

suites/acl/keywords_part2_test.py:119: Failed
Failed suites/acl/keywords_test.py::test_user_can_access_the_data_when_connecting_from_any_machine 0.21
topo = <lib389.topologies.TopologyMain object at 0x7fe0448b0880>
add_user = None, aci_of_user = None

def test_user_can_access_the_data_when_connecting_from_any_machine(
topo, add_user, aci_of_user
):
"""User can access the data when connecting from any machine as per the ACI.

:id: 28cbc008-7ac5-11e8-934e-8c16451d917b
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
# Add ACI
Domain(topo.standalone, DEFAULT_SUFFIX)\
.add("aci", f'(target ="ldap:///{DNS_OU_KEY}")'
f'(targetattr="*")(version 3.0; aci "DNS aci"; allow(all) '
f'userdn = "ldap:///{FULLDNS_KEY}" and dns = "*" ;)')

# Create a new connection for this test.
conn = UserAccount(topo.standalone, FULLDNS_KEY).bind(PW_DM)
# Perform Operation
> OrganizationalUnit(conn, DNS_OU_KEY).replace("seeAlso", "cn=1")

suites/acl/keywords_test.py:245:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe044749bb0>
func = <built-in method result4 of LDAP object at 0x7fe0446095a0>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=dns,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
Failed suites/acl/keywords_test.py::test_user_can_access_the_data_when_connecting_from_internal_ds_network_only 0.15
topo = <lib389.topologies.TopologyMain object at 0x7fe0448b0880>
add_user = None, aci_of_user = None

def test_user_can_access_the_data_when_connecting_from_internal_ds_network_only(
topo, add_user, aci_of_user
):
"""User can access the data when connecting from internal ICNC network only as per the ACI.

:id: 2cac2136-7ac5-11e8-8328-8c16451d917b
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
dns_name = socket.getfqdn()
# Add ACI
Domain(topo.standalone, DEFAULT_SUFFIX).\
add("aci", [f'(target = "ldap:///{DNS_OU_KEY}")'
f'(targetattr="*")(version 3.0; aci "DNS aci"; '
f'allow(all) userdn = "ldap:///{SUNDNS_KEY}" and dns = "*redhat.com" ;)',
f'(target = "ldap:///{DNS_OU_KEY}")(targetattr="*")'
f'(version 3.0; aci "DNS aci"; allow(all) '
f'userdn = "ldap:///{SUNDNS_KEY}" and dns = "{dns_name}" ;)'])

# Create a new connection for this test.
conn = UserAccount(topo.standalone, SUNDNS_KEY).bind(PW_DM)
# Perform Operation
> OrganizationalUnit(conn, DNS_OU_KEY).replace("seeAlso", "cn=1")

suites/acl/keywords_test.py:277:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe043e2fb50>
func = <built-in method result4 of LDAP object at 0x7fe044616360>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=dns,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
Failed suites/acl/keywords_test.py::test_user_can_access_the_data_when_connecting_from_some_network_only 0.26
topo = <lib389.topologies.TopologyMain object at 0x7fe0448b0880>
add_user = None, aci_of_user = None

def test_user_can_access_the_data_when_connecting_from_some_network_only(
topo, add_user, aci_of_user
):
"""User can access the data when connecting from some network only as per the ACI.

:id: 3098512a-7ac5-11e8-af85-8c16451d917b
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
dns_name = socket.getfqdn()
# Add ACI
Domain(topo.standalone, DEFAULT_SUFFIX)\
.add("aci", f'(target = "ldap:///{DNS_OU_KEY}")'
f'(targetattr="*")(version 3.0; aci "DNS aci"; allow(all) '
f'userdn = "ldap:///{NETSCAPEDNS_KEY}" '
f'and dns = "{dns_name}" ;)')

# Create a new connection for this test.
conn = UserAccount(topo.standalone, NETSCAPEDNS_KEY).bind(PW_DM)
# Perform Operation
> OrganizationalUnit(conn, DNS_OU_KEY).replace("seeAlso", "cn=1")

suites/acl/keywords_test.py:307:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe043e17a90>
func = <built-in method result4 of LDAP object at 0x7fe044838930>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=dns,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
Failed suites/acl/keywords_test.py::test_from_an_unauthorized_network 0.12
topo = <lib389.topologies.TopologyMain object at 0x7fe0448b0880>
add_user = None, aci_of_user = None

def test_from_an_unauthorized_network(topo, add_user, aci_of_user):
"""User cannot access the data when connecting from an unauthorized network as per the ACI.

:id: 34cf9726-7ac5-11e8-bc12-8c16451d917b
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
# Add ACI
Domain(topo.standalone, DEFAULT_SUFFIX).\
add("aci", f'(target = "ldap:///{DNS_OU_KEY}")'
f'(targetattr="*")(version 3.0; aci "DNS aci"; allow(all) '
f'userdn = "ldap:///{NETSCAPEDNS_KEY}" and dns != "red.iplanet.com" ;)')

# Create a new connection for this test.
conn = UserAccount(topo.standalone, NETSCAPEDNS_KEY).bind(PW_DM)
# Perform Operation
> OrganizationalUnit(conn, DNS_OU_KEY).replace("seeAlso", "cn=1")

suites/acl/keywords_test.py:333:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0449db850>
func = <built-in method result4 of LDAP object at 0x7fe0447495a0>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=dns,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
Failed suites/acl/keywords_test.py::test_user_cannot_access_the_data_when_connecting_from_an_unauthorized_network_2 0.19
topo = <lib389.topologies.TopologyMain object at 0x7fe0448b0880>
add_user = None, aci_of_user = None

def test_user_cannot_access_the_data_when_connecting_from_an_unauthorized_network_2(
topo, add_user, aci_of_user):
"""User cannot access the data when connecting from an unauthorized network as per the ACI.

:id: 396bdd44-7ac5-11e8-8014-8c16451d917b
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
# Add ACI
Domain(topo.standalone, DEFAULT_SUFFIX).\
add("aci", f'(target = "ldap:///{DNS_OU_KEY}")'
f'(targetattr="*")(version 3.0; aci "DNS aci"; allow(all) '
f'userdn = "ldap:///{NETSCAPEDNS_KEY}" '
f'and dnsalias != "www.redhat.com" ;)')

# Create a new connection for this test.
conn = UserAccount(topo.standalone, NETSCAPEDNS_KEY).bind(PW_DM)
# Perform Operation
> OrganizationalUnit(conn, DNS_OU_KEY).replace("seeAlso", "cn=1")

suites/acl/keywords_test.py:361:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0449cb880>
func = <built-in method result4 of LDAP object at 0x7fe044cad060>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=dns,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
Failed suites/backups/backup_test.py::test_db_home_dir_online_backup 5.52
topo = <lib389.topologies.TopologyMain object at 0x7fe042d99b80>

@pytest.mark.bz1851967
@pytest.mark.ds4112
@pytest.mark.skipif(ds_is_older('1.4.1'), reason="Not implemented")
def test_db_home_dir_online_backup(topo):
"""Test that if the dbhome directory is set causing an online backup to fail,
the dblayer_backup function should go to error processing section.

:id: cfc495d6-2a58-4e4e-aa40-39a15c71f973
:setup: Standalone Instance
:steps:
1. Change the dbhome to directory to eg-/tmp/test
2. Perform an online back-up
3. Check for the correct errors in the log
:expectedresults:
1. Success
2. Failure
3. Success
"""
bdb_ldbmconfig = BDB_LDBMConfig(topo.standalone)
dseldif = DSEldif(topo.standalone)
topo.standalone.stop()
with tempfile.TemporaryDirectory() as backup_dir:
dseldif.replace(bdb_ldbmconfig.dn, 'nsslapd-db-home-directory', f'{backup_dir}')
topo.standalone.start()
> topo.standalone.tasks.db2bak(backup_dir=f'{backup_dir}', args={TASK_WAIT: True})

suites/backups/backup_test.py:97:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe042d994f0>
backup_dir = '/tmp/tmpqbujq98w', args = {'wait': True}

def db2bak(self, backup_dir=None, args=None):
'''
Perform a backup by creating a db2bak task

@param backup_dir - backup directory
@param args - is a dictionary that contains modifier of the task
wait: True/[False] - If True, waits for the completion of the
task before to return

@return exit code

@raise ValueError: if bename name does not exist
'''

# Checking the parameters
if not backup_dir:
raise ValueError("You must specify a backup directory.")

# build the task entry
cn = "backup_" + time.strftime("%m%d%Y_%H%M%S", time.localtime())
dn = "cn=%s,%s" % (cn, DN_BACKUP_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsArchiveDir': backup_dir,
'nsDatabaseType': 'ldbm database'
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the backup task (%s)", dn)
return -1

exitCode = 0
if args and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:630: ValueError
Failed suites/basic/basic_test.py::test_basic_backup 1.33
topology_st = <lib389.topologies.TopologyMain object at 0x7fe042d40940>
import_example_ldif = None

def test_basic_backup(topology_st, import_example_ldif):
"""Tests online and offline backup and restore

:id: 0e9d91f8-8748-40b6-ab03-fbd1998eb985

:setup: Standalone instance and import example.ldif

:steps:
1. Test online backup using db2bak.
2. Test online restore using bak2db.
3. Test offline backup using db2bak.
4. Test offline restore using bak2db.

:expectedresults:
1. Online backup should PASS.
2. Online restore should PASS.
3. Offline backup should PASS.
4. Offline restore should PASS.
"""

log.info('Running test_basic_backup...')

backup_dir = topology_st.standalone.get_bak_dir() + '/backup_test'

# Test online backup
try:
> topology_st.standalone.tasks.db2bak(backup_dir=backup_dir,
args={TASK_WAIT: True})

suites/basic/basic_test.py:356:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe04422c0d0>
backup_dir = '/var/lib/dirsrv/slapd-standalone1/bak/backup_test'
args = {'wait': True}

def db2bak(self, backup_dir=None, args=None):
'''
Perform a backup by creating a db2bak task

@param backup_dir - backup directory
@param args - is a dictionary that contains modifier of the task
wait: True/[False] - If True, waits for the completion of the
task before to return

@return exit code

@raise ValueError: if bename name does not exist
'''

# Checking the parameters
if not backup_dir:
raise ValueError("You must specify a backup directory.")

# build the task entry
cn = "backup_" + time.strftime("%m%d%Y_%H%M%S", time.localtime())
dn = "cn=%s,%s" % (cn, DN_BACKUP_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsArchiveDir': backup_dir,
'nsDatabaseType': 'ldbm database'
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the backup task (%s)", dn)
return -1

exitCode = 0
if args and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:630: ValueError

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7fe042d40940>
import_example_ldif = None

def test_basic_backup(topology_st, import_example_ldif):
"""Tests online and offline backup and restore

:id: 0e9d91f8-8748-40b6-ab03-fbd1998eb985

:setup: Standalone instance and import example.ldif

:steps:
1. Test online backup using db2bak.
2. Test online restore using bak2db.
3. Test offline backup using db2bak.
4. Test offline restore using bak2db.

:expectedresults:
1. Online backup should PASS.
2. Online restore should PASS.
3. Offline backup should PASS.
4. Offline restore should PASS.
"""

log.info('Running test_basic_backup...')

backup_dir = topology_st.standalone.get_bak_dir() + '/backup_test'

# Test online backup
try:
topology_st.standalone.tasks.db2bak(backup_dir=backup_dir,
args={TASK_WAIT: True})
except ValueError:
log.fatal('test_basic_backup: Online backup failed')
> assert False
E assert False

suites/basic/basic_test.py:360: AssertionError
-------------------------------Captured log call--------------------------------
CRITICAL tests.suites.basic.basic_test:basic_test.py:359 test_basic_backup: Online backup failed
Failed suites/basic/basic_test.py::test_bind_invalid_entry 1.17
topology_st = <lib389.topologies.TopologyMain object at 0x7fe042d40940>

def test_bind_invalid_entry(topology_st):
"""Test the failing bind does not return information about the entry

:id: 5cd9b083-eea6-426b-84ca-83c26fc49a6f

:setup: Standalone instance

:steps:
1: bind as non existing entry
2: check that bind info does not report 'No such entry'

:expectedresults:
1: pass
2: pass
"""

> topology_st.standalone.restart()

suites/basic/basic_test.py:1496:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1222: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1081: in start
subprocess.check_output(["systemctl", "start", "dirsrv@%s" % self.serverid], stderr=subprocess.STDOUT)
/usr/lib64/python3.9/subprocess.py:420: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

input = None, capture_output = False, timeout = None, check = True
popenargs = (['systemctl', 'start', 'dirsrv@standalone1'],)
kwargs = {'stderr': -2, 'stdout': -1}
process = <Popen: returncode: 1 args: ['systemctl', 'start', 'dirsrv@standalone1']>
stdout = b'Job for dirsrv@standalone1.service failed because the control process exited with error code.\nSee "systemctl status dirsrv@standalone1.service" and "journalctl -xe" for details.\n'
stderr = None, retcode = 1

def run(*popenargs,
input=None, capture_output=False, timeout=None, check=False, **kwargs):
"""Run command with arguments and return a CompletedProcess instance.

The returned instance will have attributes args, returncode, stdout and
stderr. By default, stdout and stderr are not captured, and those attributes
will be None. Pass stdout=PIPE and/or stderr=PIPE in order to capture them.

If check is True and the exit code was non-zero, it raises a
CalledProcessError. The CalledProcessError object will have the return code
in the returncode attribute, and output & stderr attributes if those streams
were captured.

If timeout is given, and the process takes too long, a TimeoutExpired
exception will be raised.

There is an optional argument "input", allowing you to
pass bytes or a string to the subprocess's stdin. If you use this argument
you may not also use the Popen constructor's "stdin" argument, as
it will be used internally.

By default, all communication is in bytes, and therefore any "input" should
be bytes, and the stdout and stderr will be bytes. If in text mode, any
"input" should be a string, and stdout and stderr will be strings decoded
according to locale encoding, or by "encoding" if set. Text mode is
triggered by setting any of text, encoding, errors or universal_newlines.

The other arguments are the same as for the Popen constructor.
"""
if input is not None:
if kwargs.get('stdin') is not None:
raise ValueError('stdin and input arguments may not both be used.')
kwargs['stdin'] = PIPE

if capture_output:
if kwargs.get('stdout') is not None or kwargs.get('stderr') is not None:
raise ValueError('stdout and stderr arguments may not be used '
'with capture_output.')
kwargs['stdout'] = PIPE
kwargs['stderr'] = PIPE

with Popen(*popenargs, **kwargs) as process:
try:
stdout, stderr = process.communicate(input, timeout=timeout)
except TimeoutExpired as exc:
process.kill()
if _mswindows:
# Windows accumulates the output in a single blocking
# read() call run on child threads, with the timeout
# being done in a join() on those threads. communicate()
# _after_ kill() is required to collect that and add it
# to the exception.
exc.stdout, exc.stderr = process.communicate()
else:
# POSIX _communicate already populated the output so
# far into the TimeoutExpired exception.
process.wait()
raise
except: # Including KeyboardInterrupt, communicate handled that.
process.kill()
# We don't call process.wait() as .__exit__ does that for us.
raise
retcode = process.poll()
if check and retcode:
> raise CalledProcessError(retcode, process.args,
output=stdout, stderr=stderr)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@standalone1']' returned non-zero exit status 1.

/usr/lib64/python3.9/subprocess.py:524: CalledProcessError
Failed suites/clu/schema_test.py::test_origins_with_extra_parenthesis 11.39
topo = <lib389.topologies.TopologyMain object at 0x7fe0449db040>

def test_origins_with_extra_parenthesis(topo):
"""Test the custom schema with extra parenthesis in X-ORIGIN can be parsed
into JSON

:id: 4230f83b-0dc3-4bc4-a7a8-5ab0826a4f05
:setup: Standalone Instance
:steps:
1. Add attribute with X-ORIGIN that contains extra parenthesis
2. Querying for that attribute with JSON flag
:expectedresults:
1. Success
2. Success
"""

ATTR_NAME = 'testAttribute'
X_ORG_VAL = 'test (TEST)'
schema = Schema(topo.standalone)

# Add new attribute
parameters = {
'names': [ATTR_NAME],
'oid': '1.1.1.1.1.1.1.22222',
'desc': 'Test extra parenthesis in X-ORIGIN',
'x_origin': X_ORG_VAL,
'syntax': '1.3.6.1.4.1.1466.115.121.1.15',
'syntax_len': None,
'x_ordered': None,
'collective': None,
'obsolete': None,
'single_value': None,
'no_user_mod': None,
'equality': None,
'substr': None,
'ordering': None,
'usage': None,
'sup': None
}
> schema.add_attributetype(parameters)

suites/clu/schema_test.py:49:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/schema.py:321: in add_attributetype
return self._add_schema_object(parameters, AttributeType)
/usr/local/lib/python3.9/site-packages/lib389/schema.py:215: in _add_schema_object
return self.add(attr_name, str(schema_object))
/usr/lib64/python3.9/site-packages/ldap/schema/models.py:320: in __str__
result.append(self.key_list('X-ORIGIN',self.x_origin,quoted=1))
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <ldap.schema.models.AttributeType object at 0x7fe044974c70>
key = 'X-ORIGIN', values = 'test (TEST)', sep = ' ', quoted = 1

def key_list(self,key,values,sep=' ',quoted=0):
> assert type(values)==tuple,TypeError("values has to be a tuple, was %r" % values)
E AssertionError: values has to be a tuple, was 'test (TEST)'

/usr/lib64/python3.9/site-packages/ldap/schema/models.py:79: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed suites/disk_monitoring/disk_monitoring_test.py::test_enable_external_libs_debug_log 0.11
topo = <lib389.topologies.TopologyMain object at 0x7fe04414e070>, setup = None
reset_logs = None

@disk_monitoring_ack
def test_enable_external_libs_debug_log(topo, setup, reset_logs):
"""Check that OpenLDAP logs are successfully enabled and disabled when
disk threshold is reached

:id: 121b2b24-ecba-48e2-9ee2-312d929dc8c6
:setup: Standalone instance
:steps: 1. Set nsslapd-external-libs-debug-enabled to "on"
2. Go straight below 1/2 of the threshold
3. Verify that the external libs debug setting is disabled
4. Go back above 1/2 of the threshold
5. Verify that the external libs debug setting is enabled back
:expectedresults: 1. Success
2. Success
3. Success
4. Success
5. Success
"""
try:
# Verify that verbose logging was set to default level
assert topo.standalone.config.set('nsslapd-disk-monitoring', 'on')
assert topo.standalone.config.set('nsslapd-disk-monitoring-logging-critical', 'off')
> assert topo.standalone.config.set('nsslapd-external-libs-debug-enabled', 'on')

suites/disk_monitoring/disk_monitoring_test.py:162:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.config.Config object at 0x7fe0458c1130>
key = 'nsslapd-external-libs-debug-enabled', value = [b'on'], action = 2

def set(self, key, value, action=ldap.MOD_REPLACE):
"""Perform a specified action on a key with value

:param key: an attribute name
:type key: str
:param value: an attribute value
:type value: str
:param action: - ldap.MOD_REPLACE - by default
- ldap.MOD_ADD
- ldap.MOD_DELETE
:type action: int

:returns: result of modify_s operation
:raises: ValueError - if instance is not online
"""

if action == ldap.MOD_ADD:
action_txt = "ADD"
elif action == ldap.MOD_REPLACE:
action_txt = "REPLACE"
elif action == ldap.MOD_DELETE:
action_txt = "DELETE"
else:
# This should never happen (bug!)
action_txt = "UNKNOWN"

if value is None or len(value) < 512:
self._log.debug("%s set %s: (%r, %r)" % (self._dn, action_txt, key, display_log_value(key, value)))
else:
self._log.debug("%s set %s: (%r, value too large)" % (self._dn, action_txt, key))
if self._instance.state != DIRSRV_STATE_ONLINE:
raise ValueError("Invalid state. Cannot set properties on instance that is not ONLINE.")

if isinstance(value, list):
# value = map(lambda x: ensure_bytes(x), value)
value = ensure_list_bytes(value)
elif value is not None:
value = [ensure_bytes(value)]

> return self._instance.modify_ext_s(self._dn, [(action, key, value)],
serverctrls=self._server_controls, clientctrls=self._client_controls,
escapehatch='i am sure')

/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=config', [(2, 'nsslapd-external-libs-debug-enabled', [b'on'])])
kwargs = {'clientctrls': None, 'serverctrls': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe04414e820>, dn = 'cn=config'
modlist = [(2, 'nsslapd-external-libs-debug-enabled', [b'on'])]
serverctrls = None, clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (5,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe04414e820>, msgid = 5, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (5, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe04414e820>, msgid = 5, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7fe042e03d50>, 5, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe04414e820>
func = <built-in method result4 of LDAP object at 0x7fe042e03d50>
args = (5, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.UNWILLING_TO_PERFORM'>
exc_value = UNWILLING_TO_PERFORM({'msgtype': 103, 'msgid': 5, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'Unknown attribute nsslapd-external-libs-debug-enabled will be ignored'})
exc_traceback = <traceback object at 0x7fe04424d900>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe04414e820>
func = <built-in method result4 of LDAP object at 0x7fe042e03d50>
args = (5, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 103, 'msgid': 5, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'Unknown attribute nsslapd-external-libs-debug-enabled will be ignored'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM

During handling of the above exception, another exception occurred:

topo = <lib389.topologies.TopologyMain object at 0x7fe04414e070>, setup = None
reset_logs = None

@disk_monitoring_ack
def test_enable_external_libs_debug_log(topo, setup, reset_logs):
"""Check that OpenLDAP logs are successfully enabled and disabled when
disk threshold is reached

:id: 121b2b24-ecba-48e2-9ee2-312d929dc8c6
:setup: Standalone instance
:steps: 1. Set nsslapd-external-libs-debug-enabled to "on"
2. Go straight below 1/2 of the threshold
3. Verify that the external libs debug setting is disabled
4. Go back above 1/2 of the threshold
5. Verify that the external libs debug setting is enabled back
:expectedresults: 1. Success
2. Success
3. Success
4. Success
5. Success
"""
try:
# Verify that verbose logging was set to default level
assert topo.standalone.config.set('nsslapd-disk-monitoring', 'on')
assert topo.standalone.config.set('nsslapd-disk-monitoring-logging-critical', 'off')
assert topo.standalone.config.set('nsslapd-external-libs-debug-enabled', 'on')
assert topo.standalone.config.set('nsslapd-errorlog-level', '8')
topo.standalone.restart()
subprocess.call(['dd', 'if=/dev/zero', 'of={}/foo'.format(topo.standalone.ds_paths.log_dir), 'bs=1M', 'count={}'.format(HALF_THR_FILL_SIZE)])
# Verify that logging is disabled
_withouterrorlog(topo, "topo.standalone.config.get_attr_val_utf8('nsslapd-external-libs-debug-enabled') != 'off'", 31)
finally:
> os.remove('{}/foo'.format(topo.standalone.ds_paths.log_dir))
E FileNotFoundError: [Errno 2] No such file or directory: '/var/log/dirsrv/slapd-standalone1/foo'

suites/disk_monitoring/disk_monitoring_test.py:169: FileNotFoundError
Failed suites/ds_logs/ds_logs_test.py::test_enable_external_libs_debug_log 2.13
topology_st = <lib389.topologies.TopologyMain object at 0x7fe044268400>

def test_enable_external_libs_debug_log(topology_st):
"""Check that OpenLDAP logs are successfully enabled and disabled

:id: b04646e3-9a5e-45ae-ad81-2882c1daf23e
:setup: Standalone instance
:steps: 1. Create a user to bind on
2. Set nsslapd-external-libs-debug-enabled to "on"
3. Clean the error log
4. Bind as the user to generate OpenLDAP output
5. Restart the servers to flush the logs
6. Check the error log for OpenLDAP debug log
7. Set nsslapd-external-libs-debug-enabled to "on"
8. Clean the error log
9. Bind as the user to generate OpenLDAP output
10. Restart the servers to flush the logs
11. Check the error log for OpenLDAP debug log
:expectedresults: 1. Success
2. Success
3. Success
4. Success
5. Success
6. Logs are present
7. Success
8. Success
9. Success
10. Success
11. No logs are present
"""

standalone = topology_st.standalone

log.info('Create a user to bind on')
users = UserAccounts(standalone, DEFAULT_SUFFIX)
user = users.ensure_state(properties={
'uid': 'test_audit_log',
'cn': 'test',
'sn': 'user',
'uidNumber': '1000',
'gidNumber': '1000',
'homeDirectory': '/home/test',
'userPassword': PASSWORD
})

log.info('Set nsslapd-external-libs-debug-enabled to "on"')
> standalone.config.set('nsslapd-external-libs-debug-enabled', 'on')

suites/ds_logs/ds_logs_test.py:1084:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe044268250>
func = <built-in method result4 of LDAP object at 0x7fe044268ae0>
args = (7, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 103, 'msgid': 7, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'Unknown attribute nsslapd-external-libs-debug-enabled will be ignored'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM
-------------------------------Captured log call--------------------------------
INFO tests.suites.ds_logs.ds_logs_test:ds_logs_test.py:1071 Create a user to bind on INFO tests.suites.ds_logs.ds_logs_test:ds_logs_test.py:1083 Set nsslapd-external-libs-debug-enabled to "on"
Failed suites/healthcheck/health_security_test.py::test_healthcheck_certif_expiring_within_30d 8.96
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03372d7f0>

@pytest.mark.ds50873
@pytest.mark.bz1685160
@pytest.mark.xfail(ds_is_older("1.4.1"), reason="Not implemented")
def test_healthcheck_certif_expiring_within_30d(topology_st):
"""Check if HealthCheck returns DSCERTLE0001 code

:id: c2165032-88ba-4978-a4ca-2fecfd8c35d8
:setup: Standalone instance
:steps:
1. Create DS instance
2. Use libfaketime to tell the process the date is within 30 days before certificate expiration
3. Use HealthCheck without --json option
4. Use HealthCheck with --json option
:expectedresults:
1. Success
2. Success
3. Healthcheck reports DSCERTLE0001 code and related details
4. Healthcheck reports DSCERTLE0001 code and related details
"""

RET_CODE = 'DSCERTLE0001'

standalone = topology_st.standalone

standalone.enable_tls()

# Cert is valid two years from today, so we count the date that is within 30 days before certificate expiration
date_future = datetime.now() + timedelta(days=701)

with libfaketime.fake_time(date_future):
time.sleep(1)
> run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=False)

suites/healthcheck/health_security_test.py:304:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology = <lib389.topologies.TopologyMain object at 0x7fe03372d7f0>
instance = <lib389.DirSrv object at 0x7fe03372d970>
searched_code = 'DSCERTLE0001', json = False, searched_code2 = None

def run_healthcheck_and_flush_log(topology, instance, searched_code, json, searched_code2=None):
args = FakeArgs()
args.instance = instance.serverid
args.verbose = instance.verbose
args.list_errors = False
args.list_checks = False
args.check = ['config', 'encryption', 'tls', 'fschecks']
args.dry_run = False

if json:
log.info('Use healthcheck with --json option')
args.json = json
health_check_run(instance, topology.logcap.log, args)
assert topology.logcap.contains(searched_code)
log.info('Healthcheck returned searched code: %s' % searched_code)

if searched_code2 is not None:
assert topology.logcap.contains(searched_code2)
log.info('Healthcheck returned searched code: %s' % searched_code2)
else:
log.info('Use healthcheck without --json option')
args.json = json
health_check_run(instance, topology.logcap.log, args)
> assert topology.logcap.contains(searched_code)
E AssertionError: assert False
E + where False = <bound method LogCapture.contains of <LogCapture (NOTSET)>>('DSCERTLE0001')
E + where <bound method LogCapture.contains of <LogCapture (NOTSET)>> = <LogCapture (NOTSET)>.contains
E + where <LogCapture (NOTSET)> = <lib389.topologies.TopologyMain object at 0x7fe03372d7f0>.logcap

suites/healthcheck/health_security_test.py:67: AssertionError
-------------------------------Captured log call--------------------------------
INFO LogCapture:health.py:94 Beginning lint report, this could take a while ... INFO LogCapture:health.py:99 Checking config:hr_timestamp ... INFO LogCapture:health.py:99 Checking config:passwordscheme ... INFO LogCapture:health.py:99 Checking encryption:check_tls_version ... INFO LogCapture:health.py:99 Checking tls:certificate_expiration ... INFO LogCapture:health.py:99 Checking fschecks:file_perms ... INFO LogCapture:health.py:106 Healthcheck complete. INFO LogCapture:health.py:111 No issues found.
Failed suites/healthcheck/health_security_test.py::test_healthcheck_certif_expired 12.95
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03372d7f0>

@pytest.mark.ds50873
@pytest.mark.bz1685160
@pytest.mark.xfail(ds_is_older("1.4.1"), reason="Not implemented")
def test_healthcheck_certif_expired(topology_st):
"""Check if HealthCheck returns DSCERTLE0002 code

:id: ceff2c22-62c0-4fd9-b737-930a88458d68
:setup: Standalone instance
:steps:
1. Create DS instance
2. Use libfaketime to tell the process the date is after certificate expiration
3. Use HealthCheck without --json option
4. Use HealthCheck with --json option
:expectedresults:
1. Success
2. Success
3. Healthcheck reports DSCERTLE0002 code and related details
4. Healthcheck reports DSCERTLE0002 code and related details
"""

RET_CODE = 'DSCERTLE0002'

standalone = topology_st.standalone

standalone.enable_tls()

# Cert is valid two years from today, so we count the date that is after expiration
date_future = datetime.now() + timedelta(days=731)

with libfaketime.fake_time(date_future):
time.sleep(1)
> run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=False)

suites/healthcheck/health_security_test.py:343:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology = <lib389.topologies.TopologyMain object at 0x7fe03372d7f0>
instance = <lib389.DirSrv object at 0x7fe03372d970>
searched_code = 'DSCERTLE0002', json = False, searched_code2 = None

def run_healthcheck_and_flush_log(topology, instance, searched_code, json, searched_code2=None):
args = FakeArgs()
args.instance = instance.serverid
args.verbose = instance.verbose
args.list_errors = False
args.list_checks = False
args.check = ['config', 'encryption', 'tls', 'fschecks']
args.dry_run = False

if json:
log.info('Use healthcheck with --json option')
args.json = json
health_check_run(instance, topology.logcap.log, args)
assert topology.logcap.contains(searched_code)
log.info('Healthcheck returned searched code: %s' % searched_code)

if searched_code2 is not None:
assert topology.logcap.contains(searched_code2)
log.info('Healthcheck returned searched code: %s' % searched_code2)
else:
log.info('Use healthcheck without --json option')
args.json = json
health_check_run(instance, topology.logcap.log, args)
> assert topology.logcap.contains(searched_code)
E AssertionError: assert False
E + where False = <bound method LogCapture.contains of <LogCapture (NOTSET)>>('DSCERTLE0002')
E + where <bound method LogCapture.contains of <LogCapture (NOTSET)>> = <LogCapture (NOTSET)>.contains
E + where <LogCapture (NOTSET)> = <lib389.topologies.TopologyMain object at 0x7fe03372d7f0>.logcap

suites/healthcheck/health_security_test.py:67: AssertionError
-------------------------------Captured log call--------------------------------
INFO LogCapture:health.py:94 Beginning lint report, this could take a while ... INFO LogCapture:health.py:99 Checking config:hr_timestamp ... INFO LogCapture:health.py:99 Checking config:passwordscheme ... INFO LogCapture:health.py:99 Checking encryption:check_tls_version ... INFO LogCapture:health.py:99 Checking tls:certificate_expiration ... INFO LogCapture:health.py:99 Checking fschecks:file_perms ... INFO LogCapture:health.py:106 Healthcheck complete. INFO LogCapture:health.py:119 2 Issues found! Generating report ... INFO LogCapture:health.py:45 [1] DS Lint Error: DSCERTLE0001 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: MEDIUM INFO LogCapture:health.py:49 Check: tls:certificate_expiration INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- Expiring Certificate INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 The certificate (Self-Signed-CA) will expire in less than 30 days INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Renew the certificate before it expires to prevent disruptions with TLS connections. INFO LogCapture:health.py:45 [2] DS Lint Error: DSCERTLE0001 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: MEDIUM INFO LogCapture:health.py:49 Check: tls:certificate_expiration INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- Expiring Certificate INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 The certificate (Server-Cert) will expire in less than 30 days INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Renew the certificate before it expires to prevent disruptions with TLS connections. INFO LogCapture:health.py:124 ===== End Of Report (2 Issues found) =====
Failed suites/import/import_test.py::test_online_import_with_warning 6.85
topo = <lib389.topologies.TopologyMain object at 0x7fe0331b1a00>
_import_clean = None

def test_online_import_with_warning(topo, _import_clean):
"""
Import an ldif file with syntax errors, verify skipped entry warning code

:id: 5bf75c47-a283-430e-a65c-3c5fd8dbadb8
:setup: Standalone Instance
:steps:
1. Create standalone Instance
2. Create an ldif file with an entry that violates syntax check (empty givenname)
3. Online import of troublesome ldif file
:expected results:
1. Successful import with skipped entry warning
"""
topo.standalone.restart()

import_task = ImportTask(topo.standalone)
import_ldif1 = _create_syntax_err_ldif(topo)

# Importing the offending ldif file - online
import_task.import_suffix_from_ldif(ldiffile=import_ldif1, suffix=DEFAULT_SUFFIX)

# There is just a single entry in this ldif
import_task.wait(5)

# Check for the task nsTaskWarning attr, make sure its set to skipped entry code
> assert import_task.present('nstaskwarning')
E AssertionError: assert False
E + where False = <bound method DSLdapObject.present of <lib389.tasks.ImportTask object at 0x7fe0331b18b0>>('nstaskwarning')
E + where <bound method DSLdapObject.present of <lib389.tasks.ImportTask object at 0x7fe0331b18b0>> = <lib389.tasks.ImportTask object at 0x7fe0331b18b0>.present

suites/import/import_test.py:237: AssertionError
Failed suites/import/import_test.py::test_ldif2db_syntax_check 4.73
topo = <lib389.topologies.TopologyMain object at 0x7fe0331b1a00>
_import_clean = None

def test_ldif2db_syntax_check(topo, _import_clean):
"""ldif2db should return a warning when a skipped entry has occured.
:id: 85e75670-42c5-4062-9edc-7f117c97a06f
:setup:
1. Standalone Instance
2. Ldif entry that violates syntax check rule (empty givenname)
:steps:
1. Create an ldif file which violates the syntax checking rule
2. Stop the server and import ldif file with ldif2db
:expected results:
1. ldif2db import returns a warning to signify skipped entries
"""
import_ldif1 = _create_syntax_err_ldif(topo)
# Import the offending LDIF data - offline
topo.standalone.stop()
ret = topo.standalone.ldif2db('userRoot', None, None, None, import_ldif1)
> assert ret == TaskWarning.WARN_SKIPPED_IMPORT_ENTRY
E assert True == <TaskWarning....PORT_ENTRY: 8>
E +True
E -<TaskWarning.WARN_SKIPPED_IMPORT_ENTRY: 8>

suites/import/import_test.py:301: AssertionErrordef finofaci():
accounts = Accounts(topo.standalone, DEFAULT_SUFFIX)
> for i in accounts.filter('(uid=*)'):

suites/import/import_test.py:64:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1249: in filter
results = self._instance.search_ext_s(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:864: in search_ext_s
return self.result(msgid,all=1,timeout=timeout)[1]
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:147: in inner
objtype, data = f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:756: in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:760: in result2
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe033233160>
func = <built-in method result4 of LDAP object at 0x7fe0331b18d0>
args = (6, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
Failed suites/import/import_test.py::test_issue_a_warning_if_the_cache_size_is_smaller 0.08
topo = <lib389.topologies.TopologyMain object at 0x7fe0331b1a00>
_import_clean = None

def test_issue_a_warning_if_the_cache_size_is_smaller(topo, _import_clean):
"""Report during startup if nsslapd-cachememsize is too small

:id: 1aa8cbda-9c0e-11ea-9297-8c16451d917b
:setup: Standalone Instance
:steps:
1. Set nsslapd-cache-autosize to 0
2. Change cachememsize
3. Check that cachememsize is sufficiently small
4. Import some users to make id2entry.db big
5. Warning message should be there in error logs
:expected results:
1. Operation successful
2. Operation successful
3. Operation successful
4. Operation successful
5. Operation successful
"""
config = LDBMConfig(topo.standalone)
> backend = Backends(topo.standalone).list()[0]

suites/import/import_test.py:324:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1094: in list
results = self._instance.search_ext_s(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe033233160>
func = <built-in method search_ext of LDAP object at 0x7fe0331b18d0>
args = ('cn=ldbm database,cn=plugins,cn=config', 2, '(&(objectclass=nsBackendInstance))', ['dn'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWNdef finofaci():
accounts = Accounts(topo.standalone, DEFAULT_SUFFIX)
> for i in accounts.filter('(uid=*)'):

suites/import/import_test.py:64:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1249: in filter
results = self._instance.search_ext_s(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe033233160>
func = <built-in method search_ext of LDAP object at 0x7fe0331b18d0>
args = ('dc=example,dc=com', 2, '(&(|(objectclass=nsAccount)(objectclass=nsPerson)(objectclass=simpleSecurityObject)(objectcl...Account)(objectclass=shadowAccount)(objectclass=posixGroup)(objectclass=mailRecipient))(uid=*))', ['dn'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
Failed suites/import/import_test.py::test_entry_with_escaped_characters_fails_to_import_and_index 0.09
topo = <lib389.topologies.TopologyMain object at 0x7fe0331b1a00>
_import_clean = None

@pytest.mark.bz175063
def test_entry_with_escaped_characters_fails_to_import_and_index(topo, _import_clean):
"""If missing entry_id is found, skip it and continue reading the primary db to be re indexed.

:id: 358c938c-9c0e-11ea-adbc-8c16451d917b
:setup: Standalone Instance
:steps:
1. Import the example data from ldif.
2. Remove some of the other entries that were successfully imported.
3. Now re-index the database.
4. Should not return error.
:expected results:
1. Operation successful
2. Operation successful
3. Operation successful
4. Operation successful
"""
# Import the example data from ldif
> _import_offline(topo, 10)

suites/import/import_test.py:430:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/import/import_test.py:82: in _import_offline
_check_users_before_test(topo, no_no)
suites/import/import_test.py:49: in _check_users_before_test
assert len(accounts.filter('(uid=*)')) < no_no
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1249: in filter
results = self._instance.search_ext_s(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe033233160>
func = <built-in method search_ext of LDAP object at 0x7fe0331b18d0>
args = ('dc=example,dc=com', 2, '(&(|(objectclass=nsAccount)(objectclass=nsPerson)(objectclass=simpleSecurityObject)(objectcl...Account)(objectclass=shadowAccount)(objectclass=posixGroup)(objectclass=mailRecipient))(uid=*))', ['dn'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWNdef finofaci():
accounts = Accounts(topo.standalone, DEFAULT_SUFFIX)
> for i in accounts.filter('(uid=*)'):

suites/import/import_test.py:64:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1249: in filter
results = self._instance.search_ext_s(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe033233160>
func = <built-in method search_ext of LDAP object at 0x7fe0331b18d0>
args = ('dc=example,dc=com', 2, '(&(|(objectclass=nsAccount)(objectclass=nsPerson)(objectclass=simpleSecurityObject)(objectcl...Account)(objectclass=shadowAccount)(objectclass=posixGroup)(objectclass=mailRecipient))(uid=*))', ['dn'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
Failed suites/import/import_test.py::test_import_perf_after_failure 0.65
topo = <lib389.topologies.TopologyMain object at 0x7fe0331b1a00>

def test_import_perf_after_failure(topo):
"""Make an import fail by specifying the wrong LDIF file name, then
try the import with the correct name. Make sure the import performance
is what we expect.

:id: d21dc67f-475e-402a-be9e-3eeb9181c156
:setup: Standalone Instance
:steps:
1. Build LDIF file
2. Import invalid LDIF filename
3. Import valid LDIF filename
4. Import completes in a timely manner
:expectedresults:
1. Success
2. Success
3. Success
4. Success
"""

ldif_dir = topo.standalone.get_ldif_dir()
import_ldif = ldif_dir + '/perf_import.ldif'
bad_import_ldif = ldif_dir + '/perf_import_typo.ldif'

# Build LDIF file
dbgen_users(topo.standalone, 30000, import_ldif, DEFAULT_SUFFIX)

# Online import which fails
import_task = ImportTask(topo.standalone)
> import_task.import_suffix_from_ldif(ldiffile=bad_import_ldif, suffix=DEFAULT_SUFFIX)

suites/import/import_test.py:474:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/tasks.py:351: in import_suffix_from_ldif
self.create(properties=_properties)
/usr/local/lib/python3.9/site-packages/lib389/tasks.py:118: in create
return super(Task, self).create(rdn, properties, basedn)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:972: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:947: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:175: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:424: in add_ext_s
msgid = self.add_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:177: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:421: in add_ext
return self._ldap_call(self._l.add_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe033233160>
func = <built-in method add_ext of LDAP object at 0x7fe0331b18d0>
args = ('cn=import_2020-12-23T20:21:42.468552,cn=import,cn=tasks,cn=config', [('objectclass', [b'top', b'extensibleObject']),...ludeSuffix', [b'dc=example,dc=com']), ('ttl', [b'86400']), ('cn', [b'import_2020-12-23T20:21:42.468552'])], None, None)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
Failed suites/mapping_tree/acceptance_test.py::test_invalid_mt 11.52
topo = <lib389.topologies.TopologyMain object at 0x7fe032e103d0>

def test_invalid_mt(topo):
"""Test that you can not add a new suffix/mapping tree
that does not already have the backend entry created.

:id: caabd407-f541-4695-b13f-8f92af1112a0
:setup: Standalone Instance
:steps:
1. Create a new suffix that specifies an existing backend which has a
different suffix.
2. Create a suffix that has no backend entry at all.
:expectedresults:
1. Should fail with UNWILLING_TO_PERFORM
1. Should fail with UNWILLING_TO_PERFORM
"""

bad_suffix = 'dc=does,dc=not,dc=exist'
mts = MappingTrees(topo.standalone)

properties = {
'cn': bad_suffix,
'nsslapd-state': 'backend',
'nsslapd-backend': 'userroot',
}
with pytest.raises(ldap.UNWILLING_TO_PERFORM):
> mts.create(properties=properties)
E Failed: DID NOT RAISE <class 'ldap.UNWILLING_TO_PERFORM'>

suites/mapping_tree/acceptance_test.py:51: Failed
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed suites/openldap_2_389/migrate_test.py::test_migrate_openldap_slapdd 31.49
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03355cca0>

@pytest.mark.skipif(ds_is_older('1.4.3'), reason="Not implemented")
def test_migrate_openldap_slapdd(topology_st):
"""

:id: e9748040-90a0-4d69-bdde-007104f75cc5
:setup: Data directory with an openldap config directory.
:steps:
1. Parse the configuration
2. Execute a full migration plan

:expectedresults:
1. Success
2. Success
"""

inst = topology_st.standalone
config_path = os.path.join(DATADIR1, 'slapd.d')
config = olConfig(config_path)
ldifs = {
"dc=example,dc=com": os.path.join(DATADIR1, 'example_com.slapcat.ldif'),
"dc=example,dc=net": os.path.join(DATADIR1, 'example_net.slapcat.ldif'),
}

migration = Migration(config, inst, ldifs)

print("==== migration plan ====")
print(migration.__unicode__())
print("==== end migration plan ====")

> migration.execute_plan()

suites/openldap_2_389/migrate_test.py:76:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/migrate/plan.py:662: in execute_plan
item.post(self.inst)
/usr/local/lib/python3.9/site-packages/lib389/migrate/plan.py:92: in post
be.reindex(wait=True)
/usr/local/lib/python3.9/site-packages/lib389/backend.py:753: in reindex
reindex_task.reindex(benamebase=bename, attrname=attrs, args=args)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe0332651f0>
suffix = 'dc=example,dc=com', benamebase = 'userRoot', attrname = None
args = {'wait': True}, vlv = False

def reindex(self, suffix=None, benamebase=None, attrname=None, args=None, vlv=False):
'''
Reindex a 'suffix' (or 'benamebase' that stores that suffix) for a
given 'attrname'. It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

:param suffix - suffix of the backend
:param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
:param attrname - attribute name
:param args - is a dictionary that contains modifier of the reindex
task
wait: True/[False] - If True, 'index' waits for the completion
of the task before to return
:param vlv - this task is to reindex a VLV index

:return None

:raise ValueError - if invalid missing benamebase and suffix or invalid
benamebase
:raise LDAPError if unable to search for index names

'''
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

# If backend name was provided, retrieve the suffix
if benamebase:
ents = self.conn.mappingtree.list(bename=benamebase)
if len(ents) != 1:
raise ValueError("invalid backend name: %s" % benamebase)

attr_suffix = MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]
if not ents[0].hasAttr(attr_suffix):
raise ValueError(
"invalid backend name: %s, or entry without %s" %
(benamebase, attr_suffix))

suffix = ensure_str(ents[0].getValue(attr_suffix))

backend = None
entries_backend = self.conn.backends.list()
for be in entries_backend:
be_suffix = ensure_str(be.get_attr_val_utf8_l('nsslapd-suffix')).lower()
if be_suffix == suffix.lower():
backend = be.get_attr_val_utf8_l('cn')
if backend is None:
raise ValueError("Failed to find backaned matching the suffix")

attrs = []
if vlv:
# We are indexing a VLV index/sort.
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)
cn = "index_vlv_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexVLVAttribute': attrs,
'nsInstance': backend
})
else:
if attrname is None:
#
# Reindex all attributes - gather them first...
#
cn = "index_all_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = ('cn=%s,cn=ldbm database,cn=plugins,cn=config' % backend)
try:
indexes = self.conn.search_s(dn, ldap.SCOPE_SUBTREE, '(objectclass=nsIndex)')
for index in indexes:
attrs.append(ensure_str(index.getValue('cn')))
except ldap.LDAPError as e:
raise e
else:
#
# Reindex specific attributes
#
cn = "index_attrs_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)

dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexAttribute': attrs,
'nsInstance': backend
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the index task for %s", attrname)
return -1

exitCode = 0
if args is not None and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:809: ValueError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
------------------------------Captured stdout call------------------------------
==== migration plan ==== SchemaAttributeCreate -> ('pseudonym',) SchemaAttributeCreate -> ('email', 'emailAddress', 'pkcs9email') SchemaAttributeCreate -> ('textEncodedORAddress',) SchemaAttributeUnsupported -> ('otherMailbox',) SchemaAttributeCreate -> ('aRecord',) SchemaAttributeCreate -> ('mDRecord',) SchemaAttributeCreate -> ('mXRecord',) SchemaAttributeCreate -> ('nSRecord',) SchemaAttributeCreate -> ('sOARecord',) SchemaAttributeCreate -> ('cNAMERecord',) SchemaAttributeCreate -> ('janetMailbox',) SchemaAttributeCreate -> ('mailPreferenceOption',) SchemaAttributeUnsupported -> ('dSAQuality',) SchemaAttributeUnsupported -> ('singleLevelQuality',) SchemaAttributeUnsupported -> ('subtreeMinimumQuality',) SchemaAttributeUnsupported -> ('subtreeMaximumQuality',) SchemaAttributeCreate -> ('personalSignature',) SchemaAttributeCreate -> ('suseDefaultBase',) SchemaAttributeCreate -> ('suseNextUniqueId',) SchemaAttributeCreate -> ('suseMinUniqueId',) SchemaAttributeCreate -> ('suseMaxUniqueId',) SchemaAttributeCreate -> ('suseDefaultTemplate',) SchemaAttributeCreate -> ('suseSearchFilter',) SchemaAttributeCreate -> ('suseDefaultValue',) SchemaAttributeCreate -> ('suseNamingAttribute',) SchemaAttributeCreate -> ('suseSecondaryGroup',) SchemaAttributeCreate -> ('suseMinPasswordLength',) SchemaAttributeCreate -> ('suseMaxPasswordLength',) SchemaAttributeCreate -> ('susePasswordHash',) SchemaAttributeCreate -> ('suseSkelDir',) SchemaAttributeCreate -> ('susePlugin',) SchemaAttributeCreate -> ('suseMapAttribute',) SchemaAttributeCreate -> ('suseImapServer',) SchemaAttributeCreate -> ('suseImapAdmin',) SchemaAttributeCreate -> ('suseImapDefaultQuota',) SchemaAttributeCreate -> ('suseImapUseSsl',) SchemaClassUnsupported -> 0.9.2342.19200300.100.4.4 ('pilotPerson', 'newPilotPerson') may -> ('userid', 'textEncodedORAddress', 'rfc822Mailbox', 'favouriteDrink', 'roomNumber', 'userClass', 'homeTelephoneNumber', 'homePostalAddress', 'secretary', 'personalTitle', 'preferredDeliveryMethod', 'businessCategory', 'janetMailbox', 'otherMailbox', 'mobileTelephoneNumber', 'pagerTelephoneNumber', 'organizationalStatus', 'mailPreferenceOption', 'personalSignature') must -> () sup -> ('person',) SchemaClassCreate -> 0.9.2342.19200300.100.4.15 ('dNSDomain',) may -> ('ARecord', 'MDRecord', 'MXRecord', 'NSRecord', 'SOARecord', 'CNAMERecord') must -> () sup -> ('domain',) SchemaClassCreate -> 0.9.2342.19200300.100.4.20 ('pilotOrganization',) may -> ('buildingName',) must -> () sup -> ('organization', 'organizationalUnit') SchemaClassUnsupported -> 0.9.2342.19200300.100.4.21 ('pilotDSA',) may -> ('dSAQuality',) must -> () sup -> ('dsa',) SchemaClassUnsupported -> 0.9.2342.19200300.100.4.22 ('qualityLabelledData',) may -> ('subtreeMinimumQuality', 'subtreeMaximumQuality') must -> ('dsaQuality',) sup -> ('top',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:2 ('suseModuleConfiguration',) may -> ('suseDefaultBase',) must -> ('cn',) sup -> ('top',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:3 ('suseUserConfiguration',) may -> ('suseMinPasswordLength', 'suseMaxPasswordLength', 'susePasswordHash', 'suseSkelDir', 'suseNextUniqueId', 'suseMinUniqueId', 'suseMaxUniqueId', 'suseDefaultTemplate', 'suseSearchFilter', 'suseMapAttribute') must -> () sup -> ('suseModuleConfiguration',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:4 ('suseObjectTemplate',) may -> ('susePlugin', 'suseDefaultValue', 'suseNamingAttribute') must -> ('cn',) sup -> ('top',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:5 ('suseUserTemplate',) may -> ('suseSecondaryGroup',) must -> ('cn',) sup -> ('suseObjectTemplate',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:6 ('suseGroupTemplate',) may -> () must -> ('cn',) sup -> ('suseObjectTemplate',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:7 ('suseGroupConfiguration',) may -> ('suseNextUniqueId', 'suseMinUniqueId', 'suseMaxUniqueId', 'suseDefaultTemplate', 'suseSearchFilter', 'suseMapAttribute') must -> () sup -> ('suseModuleConfiguration',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:8 ('suseCaConfiguration',) may -> () must -> () sup -> ('suseModuleConfiguration',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:9 ('suseDnsConfiguration',) may -> () must -> () sup -> ('suseModuleConfiguration',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:10 ('suseDhcpConfiguration',) may -> () must -> () sup -> ('suseModuleConfiguration',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:11 ('suseMailConfiguration',) may -> () must -> ('suseImapServer', 'suseImapAdmin', 'suseImapDefaultQuota', 'suseImapUseSsl') sup -> ('suseModuleConfiguration',) DatabaseReindex -> dc=example,dc=com PluginMemberOfEnable PluginMemberOfScope -> dc=example,dc=com PluginMemberOfFixup -> dc=example,dc=com PluginRefintEnable PluginRefintAttributes -> member PluginRefintAttributes -> memberOf PluginRefintScope -> dc=example,dc=com PluginUniqueConfigure -> dc=example,dc=com, mail 401a528e-eaf5-1039-8667-dbfbf2f5e6dd PluginUniqueConfigure -> dc=example,dc=com, uid 401a528e-eaf5-1039-8667-dbfbf2f5e6dd DatabaseCreate -> dc=example,dc=net, 401a7084-eaf5-1039-866c-dbfbf2f5e6dd DatabaseIndexCreate -> objectClass eq, dc=example,dc=net DatabaseReindex -> dc=example,dc=net PluginMemberOfEnable PluginMemberOfScope -> dc=example,dc=net PluginMemberOfFixup -> dc=example,dc=net PluginUniqueConfigure -> dc=example,dc=net, mail 401a7084-eaf5-1039-866c-dbfbf2f5e6dd PluginUniqueConfigure -> dc=example,dc=net, uid 401a7084-eaf5-1039-866c-dbfbf2f5e6dd DatabaseLdifImport -> dc=example,dc=com /export/tests/suites/openldap_2_389/../../data/openldap_2_389/1/example_com.slapcat.ldif DatabaseLdifImport -> dc=example,dc=net /export/tests/suites/openldap_2_389/../../data/openldap_2_389/1/example_net.slapcat.ldif ==== end migration plan ====
-------------------------------Captured log call--------------------------------
INFO lib389.migrate.openldap.config:config.py:264 Examining OpenLDAP Configuration ... INFO lib389.migrate.openldap.config:config.py:285 Completed OpenLDAP Configuration Parsing. INFO lib389.migrate.plan:plan.py:656 migration: 1 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 2 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 3 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 4 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 5 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 6 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 7 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 8 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 9 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 10 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 11 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 12 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 13 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 14 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 15 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 16 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 17 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 18 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 19 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 20 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 21 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 22 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 23 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 24 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 25 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 26 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 27 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 28 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 29 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 30 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 31 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 32 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 33 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 34 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 35 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 36 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 37 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 38 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 39 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 40 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 41 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 42 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 43 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 44 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 45 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 46 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 47 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 48 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 49 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 50 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 51 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 52 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 53 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 54 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 55 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 56 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 57 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 58 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 59 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 60 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 61 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 62 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 63 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 64 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 65 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 66 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 67 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 68 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 69 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 70 / 71 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 71 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 1 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 2 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 3 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 4 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 5 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 6 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 7 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 8 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 9 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 10 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 11 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 12 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 13 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 14 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 15 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 16 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 17 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 18 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 19 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 20 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 21 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 22 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 23 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 24 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 25 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 26 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 27 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 28 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 29 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 30 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 31 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 32 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 33 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 34 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 35 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 36 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 37 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 38 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 39 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 40 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 41 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 42 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 43 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 44 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 45 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 46 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 47 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 48 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 49 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 50 / 71 complete ... INFO lib389.migrate.plan:plan.py:663 post: 51 / 71 complete ...
Failed suites/openldap_2_389/migrate_test.py::test_migrate_openldap_slapdd_skip_elements 14.93
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03355cca0>

@pytest.mark.skipif(ds_is_older('1.4.3'), reason="Not implemented")
def test_migrate_openldap_slapdd_skip_elements(topology_st):
"""

:id: d5e16aeb-6810-423b-b5e0-f89e0596292e
:setup: Data directory with an openldap config directory.
:steps:
1. Parse the configuration
2. Execute a migration with skipped elements

:expectedresults:
1. Success
2. Success
"""

inst = topology_st.standalone
config_path = os.path.join(DATADIR1, 'slapd.d')
config = olConfig(config_path)
ldifs = {
"dc=example,dc=com": os.path.join(DATADIR1, 'example_com.slapcat.ldif'),
}

# 1.3.6.1.4.1.5322.13.1.1 is namedObject, so check that isn't there

migration = Migration(config, inst, ldifs,
skip_schema_oids=['1.3.6.1.4.1.5322.13.1.1'],
skip_overlays=[olOverlayType.UNIQUE],
)

print("==== migration plan ====")
print(migration.__unicode__())
print("==== end migration plan ====")

> migration.execute_plan()

suites/openldap_2_389/migrate_test.py:117:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/migrate/plan.py:662: in execute_plan
item.post(self.inst)
/usr/local/lib/python3.9/site-packages/lib389/migrate/plan.py:92: in post
be.reindex(wait=True)
/usr/local/lib/python3.9/site-packages/lib389/backend.py:753: in reindex
reindex_task.reindex(benamebase=bename, attrname=attrs, args=args)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe033a1b6a0>
suffix = 'dc=example,dc=com', benamebase = 'userRoot', attrname = None
args = {'wait': True}, vlv = False

def reindex(self, suffix=None, benamebase=None, attrname=None, args=None, vlv=False):
'''
Reindex a 'suffix' (or 'benamebase' that stores that suffix) for a
given 'attrname'. It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

:param suffix - suffix of the backend
:param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
:param attrname - attribute name
:param args - is a dictionary that contains modifier of the reindex
task
wait: True/[False] - If True, 'index' waits for the completion
of the task before to return
:param vlv - this task is to reindex a VLV index

:return None

:raise ValueError - if invalid missing benamebase and suffix or invalid
benamebase
:raise LDAPError if unable to search for index names

'''
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

# If backend name was provided, retrieve the suffix
if benamebase:
ents = self.conn.mappingtree.list(bename=benamebase)
if len(ents) != 1:
raise ValueError("invalid backend name: %s" % benamebase)

attr_suffix = MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]
if not ents[0].hasAttr(attr_suffix):
raise ValueError(
"invalid backend name: %s, or entry without %s" %
(benamebase, attr_suffix))

suffix = ensure_str(ents[0].getValue(attr_suffix))

backend = None
entries_backend = self.conn.backends.list()
for be in entries_backend:
be_suffix = ensure_str(be.get_attr_val_utf8_l('nsslapd-suffix')).lower()
if be_suffix == suffix.lower():
backend = be.get_attr_val_utf8_l('cn')
if backend is None:
raise ValueError("Failed to find backaned matching the suffix")

attrs = []
if vlv:
# We are indexing a VLV index/sort.
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)
cn = "index_vlv_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexVLVAttribute': attrs,
'nsInstance': backend
})
else:
if attrname is None:
#
# Reindex all attributes - gather them first...
#
cn = "index_all_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = ('cn=%s,cn=ldbm database,cn=plugins,cn=config' % backend)
try:
indexes = self.conn.search_s(dn, ldap.SCOPE_SUBTREE, '(objectclass=nsIndex)')
for index in indexes:
attrs.append(ensure_str(index.getValue('cn')))
except ldap.LDAPError as e:
raise e
else:
#
# Reindex specific attributes
#
cn = "index_attrs_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)

dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexAttribute': attrs,
'nsInstance': backend
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the index task for %s", attrname)
return -1

exitCode = 0
if args is not None and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:809: ValueError
------------------------------Captured stdout call------------------------------
==== migration plan ==== SchemaAttributeUnsupported -> ('otherMailbox',) SchemaAttributeUnsupported -> ('dSAQuality',) SchemaAttributeUnsupported -> ('singleLevelQuality',) SchemaAttributeUnsupported -> ('subtreeMinimumQuality',) SchemaAttributeUnsupported -> ('subtreeMaximumQuality',) SchemaAttributeCreate -> ('suseDefaultBase',) SchemaAttributeCreate -> ('suseNextUniqueId',) SchemaAttributeCreate -> ('suseMinUniqueId',) SchemaAttributeCreate -> ('suseMaxUniqueId',) SchemaAttributeCreate -> ('suseDefaultTemplate',) SchemaAttributeCreate -> ('suseSearchFilter',) SchemaAttributeCreate -> ('suseDefaultValue',) SchemaAttributeCreate -> ('suseNamingAttribute',) SchemaAttributeCreate -> ('suseSecondaryGroup',) SchemaAttributeCreate -> ('suseMinPasswordLength',) SchemaAttributeCreate -> ('suseMaxPasswordLength',) SchemaAttributeCreate -> ('susePasswordHash',) SchemaAttributeCreate -> ('suseSkelDir',) SchemaAttributeCreate -> ('susePlugin',) SchemaAttributeCreate -> ('suseMapAttribute',) SchemaAttributeCreate -> ('suseImapServer',) SchemaAttributeCreate -> ('suseImapAdmin',) SchemaAttributeCreate -> ('suseImapDefaultQuota',) SchemaAttributeCreate -> ('suseImapUseSsl',) SchemaClassUnsupported -> 0.9.2342.19200300.100.4.4 ('pilotPerson', 'newPilotPerson') may -> ('userid', 'textEncodedORAddress', 'rfc822Mailbox', 'favouriteDrink', 'roomNumber', 'userClass', 'homeTelephoneNumber', 'homePostalAddress', 'secretary', 'personalTitle', 'preferredDeliveryMethod', 'businessCategory', 'janetMailbox', 'otherMailbox', 'mobileTelephoneNumber', 'pagerTelephoneNumber', 'organizationalStatus', 'mailPreferenceOption', 'personalSignature') must -> () sup -> ('person',) SchemaClassInconsistent -> ( 0.9.2342.19200300.100.4.20 NAME 'pilotOrganization' SUP organization STRUCTURAL MAY buildingName X-ORIGIN 'user defined' ) to 0.9.2342.19200300.100.4.20 ('pilotOrganization',) may -> ('buildingName',) must -> () sup -> ('organization', 'organizationalUnit') SchemaClassUnsupported -> 0.9.2342.19200300.100.4.21 ('pilotDSA',) may -> ('dSAQuality',) must -> () sup -> ('dsa',) SchemaClassUnsupported -> 0.9.2342.19200300.100.4.22 ('qualityLabelledData',) may -> ('subtreeMinimumQuality', 'subtreeMaximumQuality') must -> ('dsaQuality',) sup -> ('top',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:2 ('suseModuleConfiguration',) may -> ('suseDefaultBase',) must -> ('cn',) sup -> ('top',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:3 ('suseUserConfiguration',) may -> ('suseMinPasswordLength', 'suseMaxPasswordLength', 'susePasswordHash', 'suseSkelDir', 'suseNextUniqueId', 'suseMinUniqueId', 'suseMaxUniqueId', 'suseDefaultTemplate', 'suseSearchFilter', 'suseMapAttribute') must -> () sup -> ('suseModuleConfiguration',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:4 ('suseObjectTemplate',) may -> ('susePlugin', 'suseDefaultValue', 'suseNamingAttribute') must -> ('cn',) sup -> ('top',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:5 ('suseUserTemplate',) may -> ('suseSecondaryGroup',) must -> ('cn',) sup -> ('suseObjectTemplate',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:6 ('suseGroupTemplate',) may -> () must -> ('cn',) sup -> ('suseObjectTemplate',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:7 ('suseGroupConfiguration',) may -> ('suseNextUniqueId', 'suseMinUniqueId', 'suseMaxUniqueId', 'suseDefaultTemplate', 'suseSearchFilter', 'suseMapAttribute') must -> () sup -> ('suseModuleConfiguration',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:8 ('suseCaConfiguration',) may -> () must -> () sup -> ('suseModuleConfiguration',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:9 ('suseDnsConfiguration',) may -> () must -> () sup -> ('suseModuleConfiguration',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:10 ('suseDhcpConfiguration',) may -> () must -> () sup -> ('suseModuleConfiguration',) SchemaClassCreate -> SUSE.YaST.ModuleConfig.OC:11 ('suseMailConfiguration',) may -> () must -> ('suseImapServer', 'suseImapAdmin', 'suseImapDefaultQuota', 'suseImapUseSsl') sup -> ('suseModuleConfiguration',) DatabaseReindex -> dc=example,dc=com PluginMemberOfEnable PluginMemberOfScope -> dc=example,dc=com PluginMemberOfFixup -> dc=example,dc=com PluginRefintEnable PluginRefintAttributes -> member PluginRefintAttributes -> memberOf PluginRefintScope -> dc=example,dc=com PluginUniqueConfigure -> dc=example,dc=com, mail 401a528e-eaf5-1039-8667-dbfbf2f5e6dd PluginUniqueConfigure -> dc=example,dc=com, uid 401a528e-eaf5-1039-8667-dbfbf2f5e6dd DatabaseReindex -> dc=example,dc=net PluginMemberOfEnable PluginMemberOfScope -> dc=example,dc=net PluginMemberOfFixup -> dc=example,dc=net PluginUniqueConfigure -> dc=example,dc=net, mail 401a7084-eaf5-1039-866c-dbfbf2f5e6dd PluginUniqueConfigure -> dc=example,dc=net, uid 401a7084-eaf5-1039-866c-dbfbf2f5e6dd DatabaseLdifImport -> dc=example,dc=com /export/tests/suites/openldap_2_389/../../data/openldap_2_389/1/example_com.slapcat.ldif ==== end migration plan ====
-------------------------------Captured log call--------------------------------
INFO lib389.migrate.openldap.config:config.py:264 Examining OpenLDAP Configuration ... INFO lib389.migrate.openldap.config:config.py:285 Completed OpenLDAP Configuration Parsing. INFO lib389.migrate.plan:plan.py:656 migration: 1 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 2 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 3 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 4 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 5 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 6 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 7 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 8 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 9 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 10 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 11 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 12 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 13 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 14 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 15 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 16 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 17 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 18 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 19 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 20 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 21 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 22 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 23 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 24 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 25 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 26 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 27 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 28 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 29 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 30 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 31 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 32 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 33 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 34 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 35 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 36 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 37 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 38 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 39 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 40 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 41 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 42 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 43 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 44 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 45 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 46 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 47 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 48 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 49 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 50 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 51 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 52 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 53 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 54 / 55 complete ... INFO lib389.migrate.plan:plan.py:656 migration: 55 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 1 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 2 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 3 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 4 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 5 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 6 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 7 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 8 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 9 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 10 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 11 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 12 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 13 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 14 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 15 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 16 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 17 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 18 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 19 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 20 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 21 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 22 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 23 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 24 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 25 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 26 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 27 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 28 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 29 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 30 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 31 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 32 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 33 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 34 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 35 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 36 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 37 / 55 complete ... INFO lib389.migrate.plan:plan.py:663 post: 38 / 55 complete ...
Failed suites/openldap_2_389/password_migrate_test.py::test_migrate_openldap_password_hash 11.68
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03361aac0>

@pytest.mark.skipif(ds_is_older('1.4.3'), reason="Not implemented")
def test_migrate_openldap_password_hash(topology_st):
"""Test import of an openldap password value into the directory and assert
it can bind.

:id: e4898e0d-5d18-4765-9249-84bcbf862fde
:setup: Standalone Instance
:steps:
1. Import a hash
2. Attempt a bind
3. Goto 1

:expectedresults:
1. Success
2. Success
3. Success
"""
inst = topology_st.standalone
inst.config.set('nsslapd-allow-hashed-passwords', 'on')

# You generate these with:
# slappasswd -s password -o module-load=/usr/lib64/openldap/pw-argon2.so -h {ARGON2}
pwds = [
'{CRYPT}ZZKRwXSu3tt8s',
'{SSHA}jdALDtX0+MVMkRsX0ilHz0O6Uos95D4s',
'{MD5}X03MO1qnZdYdgyfeuILPmQ==',
'{SMD5}RnexgcsjdBHMQ1yhB7+sD+a+qDI=',
'{SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g=',
'{SHA256}XohImNooBHFR0OVvjcYpJ3NgPQ1qq73WKhHvch0VQtg=',
'{SSHA256}covFryM35UrKB3gMYxtYpQYTHbTn5kFphjcNHewfj581SLJwjA9jew==',
'{SHA384}qLZLq9CsqRpZvbt3YbQh1PK7OCgNOnW6DyHyvrxFWD1EbFmGYMlM5oDEfRnDB4On',
'{SSHA384}kNjTWdmyy2G1IgJF8WrOpq0N//Yc2Ec5TIQYceuiuHQXRXpC1bfnMqyOx0NxrSREjBWDwUpqXjo=',
'{SHA512}sQnzu7wkTrgkQZF+0G1hi5AI3Qmzvv0bXgc5THBqi7mAsdd4Xll27ASbRt9fEyavWi6m0QP9B8lThf+rDKy8hg==',
'{SSHA512}+7A8kA32q4mCBao4Cbatdyzl5imVwJ62ZAE7UOTP4pfrF90E9R2LabOfJFzx6guaYhTmUEVK2wRKC8bToqspdeTluX2d1BX2',
# Need to check --
'{PBKDF2}10000$IlfapjA351LuDSwYC0IQ8Q$saHqQTuYnjJN/tmAndT.8mJt.6w',
'{PBKDF2-SHA1}10000$ZBEH6B07rgQpJSikyvMU2w$TAA03a5IYkz1QlPsbJKvUsTqNV',
'{PBKDF2-SHA256}10000$henZGfPWw79Cs8ORDeVNrQ$1dTJy73v6n3bnTmTZFghxHXHLsAzKaAy8SksDfZBPIw',
'{PBKDF2-SHA512}10000$Je1Uw19Bfv5lArzZ6V3EPw$g4T/1sqBUYWl9o93MVnyQ/8zKGSkPbKaXXsT8WmysXQJhWy8MRP2JFudSL.N9RklQYgDPxPjnfum/F2f/TrppA',
# '{ARGON2}$argon2id$v=19$m=65536,t=2,p=1$IyTQMsvzB2JHDiWx8fq7Ew$VhYOA7AL0kbRXI5g2kOyyp8St1epkNj7WZyUY4pAIQQ',
]

accounts = nsUserAccounts(inst, basedn=DEFAULT_SUFFIX)
account = accounts.create(properties={
'uid': 'pw_migrate_test_user',
'cn': 'pw_migrate_test_user',
'displayName': 'pw_migrate_test_user',
'uidNumber': '12345',
'gidNumber': '12345',
'homeDirectory': '/var/empty',
})

for pwhash in pwds:
inst.log.debug(f"Attempting -> {pwhash}")
account.set('userPassword', pwhash)
> nconn = account.bind('password')

suites/openldap_2_389/password_migrate_test.py:73:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/idm/account.py:212: in bind
inst_clone.open(*args, **kwargs)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1027: in open
raise e
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1020: in open
self.simple_bind_s(ensure_str(self.binddn), self.bindpw, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:455: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe033166550>
func = <built-in method result4 of LDAP object at 0x7fe03322b690>
args = (1, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INVALID_CREDENTIALS: {'msgtype': 97, 'msgid': 1, 'result': 49, 'desc': 'Invalid credentials', 'ctrls': [], 'info': 'Invalid credentials'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INVALID_CREDENTIALS
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed suites/paged_results/paged_results_test.py::test_search_dns_ip_aci[fqdn] 4.21
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03315a2e0>
create_user = <lib389.idm.user.UserAccount object at 0x7fe03315a430>
aci_subject = 'dns = "localhost.localdomain"'

@pytest.mark.parametrize('aci_subject',
('dns = "{}"'.format(HOSTNAME),
'ip = "{}"'.format(IP_ADDRESS)),
ids=['fqdn','ip'])
def test_search_dns_ip_aci(topology_st, create_user, aci_subject):
"""Verify that after performing multiple simple paged searches
to completion on the suffix with DNS or IP based ACI

:id: bbfddc46-a8c8-49ae-8c90-7265d05b22a9
:parametrized: yes
:setup: Standalone instance, test user for binding,
varying number of users for the search base
:steps:
1. Back up and remove all previous ACI from suffix
2. Add an anonymous ACI for DNS check
3. Bind as test user
4. Search through added users with a simple paged control
5. Perform steps 4 three times in a row
6. Return ACI to the initial state
7. Go through all steps once again, but use IP subject dn
instead of DNS
:expectedresults:
1. Operation should be successful
2. Anonymous ACI should be successfully added
3. Bind should be successful
4. No error happens, all users should be found and sorted
5. Results should remain the same
6. ACI should be successfully returned
7. Results should be the same with ACI with IP subject dn
"""

users_num = 100
page_size = 5
users_list = add_users(topology_st, users_num, DEFAULT_SUFFIX)
search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']

try:
log.info('Back up current suffix ACI')
acis_bck = topology_st.standalone.aci.list(DEFAULT_SUFFIX, ldap.SCOPE_BASE)

log.info('Add test ACI')
ACI_TARGET = '(targetattr != "userPassword")'
ACI_ALLOW = '(version 3.0;acl "Anonymous access within domain"; allow (read,compare,search)'
ACI_SUBJECT = '(userdn = "ldap:///anyone") and (%s);)' % aci_subject
ACI_BODY = ensure_bytes(ACI_TARGET + ACI_ALLOW + ACI_SUBJECT)
topology_st.standalone.modify_s(DEFAULT_SUFFIX, [(ldap.MOD_REPLACE, 'aci', ACI_BODY)])
log.info('Set user bind')
conn = create_user.bind(TEST_USER_PWD, uri=f'ldap://{IP_ADDRESS}:{topology_st.standalone.port}')

log.info('Create simple paged results control instance')
req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')
controls = [req_ctrl]

log.info('Initiate three searches with a paged results control')
for ii in range(3):
log.info('%d search' % (ii + 1))
all_results = paged_search(conn, DEFAULT_SUFFIX, controls,
search_flt, searchreq_attrlist)
log.info('%d results' % len(all_results))
> assert len(all_results) == len(users_list)
E assert 0 == 100
E +0
E -100

suites/paged_results/paged_results_test.py:569: AssertionError
-------------------------------Captured log call--------------------------------
INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:133 Adding 100 users INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:547 Back up current suffix ACI INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:550 Add test ACI INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:556 Set user bind INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:559 Create simple paged results control instance INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:563 Initiate three searches with a paged results control INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:565 1 search INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:191 Running simple paged result search with - search suffix: dc=example,dc=com; filter: (uid=test*); attr list ['dn', 'sn']; page_size = 5; controls: [<ldap.controls.libldap.SimplePagedResultsControl object at 0x7fe03316b430>]. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 0 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:568 0 results INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:573 Restore ACI INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:155 Deleting 100 users
Failed suites/paged_results/paged_results_test.py::test_search_paged_limits[conf_attr_values1-PASS] 4.34
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03315a2e0>
create_user = <lib389.idm.user.UserAccount object at 0x7fe03315a430>
conf_attr_values = ('5000', '120', '122'), expected_rs = 'PASS'

@pytest.mark.parametrize('conf_attr_values,expected_rs',
((('5000', '100', '100'), ldap.ADMINLIMIT_EXCEEDED),
(('5000', '120', '122'), 'PASS')))
def test_search_paged_limits(topology_st, create_user, conf_attr_values, expected_rs):
"""Verify that nsslapd-idlistscanlimit and
nsslapd-lookthroughlimit can limit the administrator
search abilities.

:id: e0f8b916-7276-4bd3-9e73-8696a4468811
:parametrized: yes
:setup: Standalone instance, test user for binding,
10 users for the search base
:steps:
1. Set nsslapd-sizelimit and nsslapd-pagedsizelimit to 5000
2. Set nsslapd-idlistscanlimit: 120
3. Set nsslapd-lookthroughlimit: 122
4. Bind as test user
5. Search through added users with a simple paged control
using page_size = 10
6. Bind as Directory Manager
7. Set nsslapd-idlistscanlimit: 100
8. Set nsslapd-lookthroughlimit: 100
9. Bind as test user
10. Search through added users with a simple paged control
using page_size = 10
:expectedresults:
1. nsslapd-sizelimit and nsslapd-pagedsizelimit
should be successfully set
2. nsslapd-idlistscanlimit should be successfully set
3. nsslapd-lookthroughlimit should be successfully set
4. Bind should be successful
5. No error happens, all users should be found
6. Bind should be successful
7. nsslapd-idlistscanlimit should be successfully set
8. nsslapd-lookthroughlimit should be successfully set
9. Bind should be successful
10. It should throw ADMINLIMIT_EXCEEDED exception
"""

users_num = 101
page_size = 10
users_list = add_users(topology_st, users_num, DEFAULT_SUFFIX)
search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']
size_attr_bck = change_conf_attr(topology_st, DN_CONFIG, 'nsslapd-sizelimit', conf_attr_values[0])
pagedsize_attr_bck = change_conf_attr(topology_st, DN_CONFIG, 'nsslapd-pagedsizelimit', conf_attr_values[0])
idlistscan_attr_bck = change_conf_attr(topology_st, 'cn=config,%s' % DN_LDBM, 'nsslapd-idlistscanlimit', conf_attr_values[1])
lookthrough_attr_bck = change_conf_attr(topology_st, 'cn=config,%s' % DN_LDBM, 'nsslapd-lookthroughlimit', conf_attr_values[2])

try:
log.info('Set user bind')
conn = create_user.bind(TEST_USER_PWD)

req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')
controls = [req_ctrl]

if expected_rs == ldap.ADMINLIMIT_EXCEEDED:
log.info('Expect to fail with ADMINLIMIT_EXCEEDED')
with pytest.raises(expected_rs):
all_results = paged_search(conn, DEFAULT_SUFFIX, controls, search_flt, searchreq_attrlist)
elif expected_rs == 'PASS':
log.info('Expect to pass')
> all_results = paged_search(conn, DEFAULT_SUFFIX, controls, search_flt, searchreq_attrlist)

suites/paged_results/paged_results_test.py:901:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/paged_results/paged_results_test.py:200: in paged_search
rtype, rdata, rmsgid, rctrls = conn.result3(msgid)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe03368a070>
func = <built-in method result4 of LDAP object at 0x7fe033498390>
args = (12, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.ADMINLIMIT_EXCEEDED: {'msgtype': 100, 'msgid': 12, 'result': 11, 'desc': 'Administrative limit exceeded', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: ADMINLIMIT_EXCEEDED
-------------------------------Captured log call--------------------------------
INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:133 Adding 101 users INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-sizelimit to 5000. Previous value - b'2000'. Modified suffix - cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-pagedsizelimit to 5000. Previous value - b'0'. Modified suffix - cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-idlistscanlimit to 120. Previous value - b'4000'. Modified suffix - cn=config,cn=ldbm database,cn=plugins,cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-lookthroughlimit to 122. Previous value - b'5000'. Modified suffix - cn=config,cn=ldbm database,cn=plugins,cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:889 Set user bind INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:900 Expect to pass INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:191 Running simple paged result search with - search suffix: dc=example,dc=com; filter: (uid=test*); attr list ['dn', 'sn']; page_size = 10; controls: [<ldap.controls.libldap.SimplePagedResultsControl object at 0x7fe03336a4c0>]. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 0 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 1 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 2 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 3 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 4 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 5 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 6 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 7 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 8 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 9 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:155 Deleting 101 users INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-sizelimit to b'2000'. Previous value - b'5000'. Modified suffix - cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-pagedsizelimit to b'0'. Previous value - b'5000'. Modified suffix - cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-lookthroughlimit to b'5000'. Previous value - b'122'. Modified suffix - cn=config,cn=ldbm database,cn=plugins,cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-idlistscanlimit to b'4000'. Previous value - b'120'. Modified suffix - cn=config,cn=ldbm database,cn=plugins,cn=config.
Failed suites/paged_results/paged_results_test.py::test_search_paged_user_limits[conf_attr_values1-PASS] 4.21
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03315a2e0>
create_user = <lib389.idm.user.UserAccount object at 0x7fe03315a430>
conf_attr_values = ('1000', '120', '122'), expected_rs = 'PASS'

@pytest.mark.parametrize('conf_attr_values,expected_rs',
((('1000', '100', '100'), ldap.ADMINLIMIT_EXCEEDED),
(('1000', '120', '122'), 'PASS')))
def test_search_paged_user_limits(topology_st, create_user, conf_attr_values, expected_rs):
"""Verify that nsPagedIDListScanLimit and nsPagedLookthroughLimit
override nsslapd-idlistscanlimit and nsslapd-lookthroughlimit
while performing search with the simple paged results control.

:id: 69e393e9-1ab8-4f4e-b4a1-06ca63dc7b1b
:parametrized: yes
:setup: Standalone instance, test user for binding,
10 users for the search base
:steps:
1. Set nsslapd-idlistscanlimit: 1000
2. Set nsslapd-lookthroughlimit: 1000
3. Set nsPagedIDListScanLimit: 120
4. Set nsPagedLookthroughLimit: 122
5. Bind as test user
6. Search through added users with a simple paged control
using page_size = 10
7. Bind as Directory Manager
8. Set nsPagedIDListScanLimit: 100
9. Set nsPagedLookthroughLimit: 100
10. Bind as test user
11. Search through added users with a simple paged control
using page_size = 10
:expectedresults:
1. nsslapd-idlistscanlimit should be successfully set
2. nsslapd-lookthroughlimit should be successfully set
3. nsPagedIDListScanLimit should be successfully set
4. nsPagedLookthroughLimit should be successfully set
5. Bind should be successful
6. No error happens, all users should be found
7. Bind should be successful
8. nsPagedIDListScanLimit should be successfully set
9. nsPagedLookthroughLimit should be successfully set
10. Bind should be successful
11. It should throw ADMINLIMIT_EXCEEDED exception
"""

users_num = 101
page_size = 10
users_list = add_users(topology_st, users_num, DEFAULT_SUFFIX)
search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']
lookthrough_attr_bck = change_conf_attr(topology_st, 'cn=config,%s' % DN_LDBM, 'nsslapd-lookthroughlimit', conf_attr_values[0])
idlistscan_attr_bck = change_conf_attr(topology_st, 'cn=config,%s' % DN_LDBM, 'nsslapd-idlistscanlimit', conf_attr_values[0])
user_idlistscan_attr_bck = change_conf_attr(topology_st, create_user.dn, 'nsPagedIDListScanLimit', conf_attr_values[1])
user_lookthrough_attr_bck = change_conf_attr(topology_st, create_user.dn, 'nsPagedLookthroughLimit', conf_attr_values[2])

try:
log.info('Set user bind')
conn = create_user.bind(TEST_USER_PWD)

req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')
controls = [req_ctrl]

if expected_rs == ldap.ADMINLIMIT_EXCEEDED:
log.info('Expect to fail with ADMINLIMIT_EXCEEDED')
with pytest.raises(expected_rs):
all_results = paged_search(conn, DEFAULT_SUFFIX, controls, search_flt, searchreq_attrlist)
elif expected_rs == 'PASS':
log.info('Expect to pass')
> all_results = paged_search(conn, DEFAULT_SUFFIX, controls, search_flt, searchreq_attrlist)

suites/paged_results/paged_results_test.py:975:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/paged_results/paged_results_test.py:200: in paged_search
rtype, rdata, rmsgid, rctrls = conn.result3(msgid)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0330f2c40>
func = <built-in method result4 of LDAP object at 0x7fe03305c5d0>
args = (12, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.ADMINLIMIT_EXCEEDED: {'msgtype': 100, 'msgid': 12, 'result': 11, 'desc': 'Administrative limit exceeded', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: ADMINLIMIT_EXCEEDED
-------------------------------Captured log call--------------------------------
INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:133 Adding 101 users INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-lookthroughlimit to 1000. Previous value - b'5000'. Modified suffix - cn=config,cn=ldbm database,cn=plugins,cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-idlistscanlimit to 1000. Previous value - b'4000'. Modified suffix - cn=config,cn=ldbm database,cn=plugins,cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsPagedIDListScanLimit to 120. Previous value - None. Modified suffix - uid=simplepaged_test,ou=People,dc=example,dc=com. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsPagedLookthroughLimit to 122. Previous value - None. Modified suffix - uid=simplepaged_test,ou=People,dc=example,dc=com. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:963 Set user bind INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:974 Expect to pass INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:191 Running simple paged result search with - search suffix: dc=example,dc=com; filter: (uid=test*); attr list ['dn', 'sn']; page_size = 10; controls: [<ldap.controls.libldap.SimplePagedResultsControl object at 0x7fe0331491c0>]. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 0 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 1 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 2 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 3 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 4 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 5 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 6 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 7 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 8 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 9 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:155 Deleting 101 users INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-lookthroughlimit to b'5000'. Previous value - b'1000'. Modified suffix - cn=config,cn=ldbm database,cn=plugins,cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsslapd-idlistscanlimit to b'4000'. Previous value - b'1000'. Modified suffix - cn=config,cn=ldbm database,cn=plugins,cn=config. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsPagedIDListScanLimit to None. Previous value - b'120'. Modified suffix - uid=simplepaged_test,ou=People,dc=example,dc=com. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:169 Set nsPagedLookthroughLimit to None. Previous value - b'122'. Modified suffix - uid=simplepaged_test,ou=People,dc=example,dc=com.
Failed suites/password/pwd_algo_test.py::test_pwd_algo_test[GOST_YESCRYPT] 0.09
topology_st = <lib389.topologies.TopologyMain object at 0x7fe0331ea250>
algo = 'GOST_YESCRYPT'

@pytest.mark.parametrize("algo", ALGO_SET)
def test_pwd_algo_test(topology_st, algo):
"""Assert that all of our password algorithms correctly PASS and FAIL varying
password conditions.

:id: fbb308a8-8374-4abd-b786-1f88e56f7650
:parametrized: yes
"""
if algo == 'DEFAULT':
if ds_is_older('1.4.0'):
pytest.skip("Not implemented")
> _test_algo(topology_st.standalone, algo)

suites/password/pwd_algo_test.py:150:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/password/pwd_algo_test.py:39: in _test_algo
inst.config.set('passwordStorageScheme', algo_name)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0456f0fa0>
func = <built-in method result4 of LDAP object at 0x7fe0457092a0>
args = (105, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.OPERATIONS_ERROR: {'msgtype': 103, 'msgid': 105, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'passwordStorageScheme: invalid scheme - GOST_YESCRYPT. Valid schemes are: CLEAR, CRYPT, CRYPT-MD5, CRYPT-SHA256, CRYPT-SHA512, MD5, PBKDF2_SHA256, SHA, SHA256, SHA384, SHA512, SMD5, SSHA, SSHA256, SSHA384, SSHA512'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: OPERATIONS_ERROR
Failed suites/replication/changelog_test.py::test_verify_changelog_online_backup 2.09
topo = <lib389.topologies.TopologyMain object at 0x7fe032d99b20>

def test_verify_changelog_online_backup(topo):
"""Check ldap operations in changelog dump file after online backup

:id: 4001c34f-35b4-439e-8c2d-fa7e30375219
:setup: Replication with two masters.
:steps: 1. Add user to server.
2. Take online backup using db2bak task.
3. Restore the database using bak2db task.
4. Perform ldap modify, modrdn and delete operations.
5. Dump the changelog to a file using nsds5task.
6. Check if changelog is updated with ldap operations.
:expectedresults:
1. Add user should PASS.
2. Backup of database should PASS.
3. Restore of database should PASS.
4. Ldap operations should PASS.
5. Changelog should be dumped successfully.
6. Changelog dump file should contain ldap operations
"""

backup_dir = os.path.join(topo.ms['master1'].get_bak_dir(), 'online_backup')
log.info('Run db2bak script to take database backup')
try:
> topo.ms['master1'].tasks.db2bak(backup_dir=backup_dir, args={TASK_WAIT: True})

suites/replication/changelog_test.py:483:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe03315a910>
backup_dir = '/var/lib/dirsrv/slapd-master1/bak/online_backup'
args = {'wait': True}

def db2bak(self, backup_dir=None, args=None):
'''
Perform a backup by creating a db2bak task

@param backup_dir - backup directory
@param args - is a dictionary that contains modifier of the task
wait: True/[False] - If True, waits for the completion of the
task before to return

@return exit code

@raise ValueError: if bename name does not exist
'''

# Checking the parameters
if not backup_dir:
raise ValueError("You must specify a backup directory.")

# build the task entry
cn = "backup_" + time.strftime("%m%d%Y_%H%M%S", time.localtime())
dn = "cn=%s,%s" % (cn, DN_BACKUP_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsArchiveDir': backup_dir,
'nsDatabaseType': 'ldbm database'
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the backup task (%s)", dn)
return -1

exitCode = 0
if args and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:630: ValueError

During handling of the above exception, another exception occurred:

topo = <lib389.topologies.TopologyMain object at 0x7fe032d99b20>

def test_verify_changelog_online_backup(topo):
"""Check ldap operations in changelog dump file after online backup

:id: 4001c34f-35b4-439e-8c2d-fa7e30375219
:setup: Replication with two masters.
:steps: 1. Add user to server.
2. Take online backup using db2bak task.
3. Restore the database using bak2db task.
4. Perform ldap modify, modrdn and delete operations.
5. Dump the changelog to a file using nsds5task.
6. Check if changelog is updated with ldap operations.
:expectedresults:
1. Add user should PASS.
2. Backup of database should PASS.
3. Restore of database should PASS.
4. Ldap operations should PASS.
5. Changelog should be dumped successfully.
6. Changelog dump file should contain ldap operations
"""

backup_dir = os.path.join(topo.ms['master1'].get_bak_dir(), 'online_backup')
log.info('Run db2bak script to take database backup')
try:
topo.ms['master1'].tasks.db2bak(backup_dir=backup_dir, args={TASK_WAIT: True})
except ValueError:
log.fatal('test_changelog5: Online backup failed')
> assert False
E assert False

suites/replication/changelog_test.py:486: AssertionError
-------------------------------Captured log call--------------------------------
INFO tests.suites.replication.changelog_test:changelog_test.py:481 Run db2bak script to take database backup CRITICAL tests.suites.replication.changelog_test:changelog_test.py:485 test_changelog5: Online backup failed
Failed suites/replication/regression_test.py::test_online_init_should_create_keepalive_entries 1.14
topo_m2 = <lib389.topologies.TopologyMain object at 0x7fe033505400>

def test_online_init_should_create_keepalive_entries(topo_m2):
"""Check that keep alive entries are created when initializinf a master from another one

:id: d5940e71-d18a-4b71-aaf7-b9185361fffe
:setup: Two masters replication setup
:steps:
1. Generate ldif without replication data
2 Init both masters from that ldif
3 Check that keep alive entries does not exists
4 Perform on line init of master2 from master1
5 Check that keep alive entries exists
:expectedresults:
1. No error while generating ldif
2. No error while importing the ldif file
3. No keepalive entrie should exists on any masters
4. No error while initializing master2
5. All keepalive entries should exist on every masters

"""

repl = ReplicationManager(DEFAULT_SUFFIX)
m1 = topo_m2.ms["master1"]
m2 = topo_m2.ms["master2"]
# Step 1: Generate ldif without replication data
m1.stop()
m2.stop()
ldif_file = '%s/norepl.ldif' % m1.get_ldif_dir()
m1.db2ldif(bename=DEFAULT_BENAME, suffixes=[DEFAULT_SUFFIX],
excludeSuffixes=None, repl_data=False,
outputfile=ldif_file, encrypt=False)
# Remove replication metadata that are still in the ldif
> _remove_replication_data(ldif_file)

suites/replication/regression_test.py:1025:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

ldif_file = '/var/lib/dirsrv/slapd-master1/ldif/norepl.ldif'

def _remove_replication_data(ldif_file):
""" Remove the replication data from ldif file:
db2lif without -r includes some of the replica data like
- nsUniqueId
- keepalive entries
This function filters the ldif fil to remove these data
"""

> with open(ldif_file) as f:
E FileNotFoundError: [Errno 2] No such file or directory: '/var/lib/dirsrv/slapd-master1/ldif/norepl.ldif'

suites/replication/regression_test.py:122: FileNotFoundError
------------------------------Captured stderr call------------------------------
[23/Dec/2020:22:19:05.750951444 -0500] - INFO - dse_check_file - The config /etc/dirsrv/slapd-master1/dse.ldif can not be accessed. Attempting restore ... (reason: 0) [23/Dec/2020:22:19:05.751002553 -0500] - INFO - dse_check_file - The backup /etc/dirsrv/slapd-master1/dse.ldif.bak can not be accessed. Check it exists and permissions. [23/Dec/2020:22:19:05.751007164 -0500] - ERR - slapd_bootstrap_config - No valid configurations can be accessed! You must restore /etc/dirsrv/slapd-master1/dse.ldif from backup! [23/Dec/2020:22:19:05.751010628 -0500] - EMERG - main - The configuration files in directory /etc/dirsrv/slapd-master1 could not be read or were not found. Please refer to the error log or output for more information.
Failed suites/replication/rfc2307compat_test.py::test_rfc2307compat 40.81
topo_m2 = <lib389.topologies.TopologyMain object at 0x7fe032ab1c10>

def test_rfc2307compat(topo_m2):
""" Test to verify if 10rfc2307compat.ldif does not prevent replication of schema
- Create 2 masters and a test entry
- Move 10rfc2307compat.ldif to be private to M1
- Move 10rfc2307.ldif to be private to M2
- Add 'objectCategory' to the schema of M1
- Force a replication session
- Check 'objectCategory' on M1 and M2
"""
m1 = topo_m2.ms["master1"]
m2 = topo_m2.ms["master2"]

m1.config.loglevel(vals=(ErrorLog.DEFAULT, ErrorLog.REPLICA))
m2.config.loglevel(vals=(ErrorLog.DEFAULT, ErrorLog.REPLICA))

m1.add_s(Entry((
TEST_ENTRY_DN, {
"objectClass": "top",
"objectClass": "extensibleObject",
'uid': TEST_ENTRY_NAME,
'cn': TEST_ENTRY_NAME,
'sn': TEST_ENTRY_NAME,
}
)))

entries = get_repl_entries(topo_m2, TEST_ENTRY_NAME, ["uid"])
assert all(entries), "Entry {} wasn't replicated successfully".format(TEST_ENTRY_DN)

# Clean the old locations (if any)
m1_temp_schema = os.path.join(m1.get_config_dir(), 'schema')
m2_temp_schema = os.path.join(m2.get_config_dir(), 'schema')
m1_schema = os.path.join(m1.get_data_dir(), 'dirsrv/schema')
m1_opt_schema = os.path.join(m1.get_data_dir(), 'dirsrv/data')
m1_temp_backup = os.path.join(m1.get_tmp_dir(), 'schema')

# Does the system schema exist?
if os.path.islink(m1_schema):
# Then we need to put the m1 schema back.
os.unlink(m1_schema)
shutil.copytree(m1_temp_backup, m1_schema)
if not os.path.exists(m1_temp_backup):
shutil.copytree(m1_schema, m1_temp_backup)

shutil.rmtree(m1_temp_schema, ignore_errors=True)
shutil.rmtree(m2_temp_schema, ignore_errors=True)

# Build a new copy
shutil.copytree(m1_schema, m1_temp_schema)
shutil.copytree(m1_schema, m2_temp_schema)
# Ensure 99user.ldif exists
with open(os.path.join(m1_temp_schema, '99user.ldif'), 'w') as f:
f.write('dn: cn=schema')

with open(os.path.join(m2_temp_schema, '99user.ldif'), 'w') as f:
f.write('dn: cn=schema')

# m1 has compat, m2 has legacy.
os.unlink(os.path.join(m2_temp_schema, '10rfc2307compat.ldif'))
> shutil.copy(os.path.join(m1_opt_schema, '10rfc2307.ldif'), m2_temp_schema)

suites/replication/rfc2307compat_test.py:94:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/lib64/python3.9/shutil.py:418: in copy
copyfile(src, dst, follow_symlinks=follow_symlinks)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

src = '/usr/share/dirsrv/data/10rfc2307.ldif'
dst = '/etc/dirsrv/slapd-master2/schema/10rfc2307.ldif'

def copyfile(src, dst, *, follow_symlinks=True):
"""Copy data from src to dst in the most efficient way possible.

If follow_symlinks is not set and src is a symbolic link, a new
symlink will be created instead of copying the file it points to.

"""
sys.audit("shutil.copyfile", src, dst)

if _samefile(src, dst):
raise SameFileError("{!r} and {!r} are the same file".format(src, dst))

file_size = 0
for i, fn in enumerate([src, dst]):
try:
st = _stat(fn)
except OSError:
# File most likely does not exist
pass
else:
# XXX What about other special files? (sockets, devices...)
if stat.S_ISFIFO(st.st_mode):
fn = fn.path if isinstance(fn, os.DirEntry) else fn
raise SpecialFileError("`%s` is a named pipe" % fn)
if _WINDOWS and i == 0:
file_size = st.st_size

if not follow_symlinks and _islink(src):
os.symlink(os.readlink(src), dst)
else:
> with open(src, 'rb') as fsrc, open(dst, 'wb') as fdst:
E FileNotFoundError: [Errno 2] No such file or directory: '/usr/share/dirsrv/data/10rfc2307.ldif'

/usr/lib64/python3.9/shutil.py:264: FileNotFoundError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining master master2 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect baf60aa2-ad5d-49c1-8510-5b6718bfe41a / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect b268e3b9-b18e-4071-b8dc-0945560a1f4b / got description=baf60aa2-ad5d-49c1-8510-5b6718bfe41a) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists
Failed suites/replication/tombstone_fixup_test.py::test_precise_tombstone_purging 13.97
topology_m1 = <lib389.topologies.TopologyMain object at 0x7fe032e3aeb0>

def test_precise_tombstone_purging(topology_m1):
""" Test precise tombstone purging

:id: adb86f50-ae76-4ed6-82b4-3cdc30ccab79
:setup: master1 instance
:steps:
1. Create and Delete entry to create a tombstone
2. export ldif, edit, and import ldif
3. Check tombstones do not contain nsTombstoneCSN
4. Run fixup task, and verify tombstones now have nsTombstone CSN
5. Configure tombstone purging
6. Verify tombstones are purged
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
"""

m1 = topology_m1.ms['master1']
m1_tasks = Tasks(m1)

# Create tombstone entry
users = UserAccounts(m1, DEFAULT_SUFFIX)
user = users.create_test_user(uid=1001)
user.delete()

# Verify tombstone was created
tombstones = Tombstones(m1, DEFAULT_SUFFIX)
assert len(tombstones.list()) == 1

# Export db, strip nsTombstoneCSN, and import it
ldif_file = "{}/export.ldif".format(m1.get_ldif_dir())
args = {EXPORT_REPL_INFO: True,
TASK_WAIT: True}
> m1_tasks.exportLDIF(DEFAULT_SUFFIX, None, ldif_file, args)

suites/replication/tombstone_fixup_test.py:60:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe032deb850>
suffix = 'dc=example,dc=com', benamebase = None
output_file = '/var/lib/dirsrv/slapd-master1/ldif/export.ldif'
args = {'repl-info': True, 'wait': True}

def exportLDIF(self, suffix=None, benamebase=None, output_file=None,
args=None):
'''
Export in a LDIF format a given 'suffix' (or 'benamebase' that stores
that suffix). It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raises ValueError

'output_file' is the output file of the export

@param suffix - suffix of the backend
@param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
@param output_file - file that will contain the exported suffix in LDIF
format
@param args - is a dictionary that contains modifier of the export task
wait: True/[False] - If True, 'export' waits for the completion
of the task before to return
repl-info: True/[False] - If True, it adds the replication meta
data (state information, tombstones
and RUV) in the exported file

@return None

@raise ValueError

'''

# Checking the parameters
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

if not output_file:
raise ValueError("output_file is mandatory")

# Prepare the task entry
cn = "export_" + time.strftime("%m%d%Y_%H%M%S", time.localtime())
dn = "cn=%s,%s" % (cn, DN_EXPORT_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsFilename': output_file
})
if benamebase:
entry.setValues('nsInstance', benamebase)
else:
entry.setValues('nsIncludeSuffix', suffix)

if args.get(EXPORT_REPL_INFO, False):
entry.setValues('nsExportReplica', 'true')

# start the task and possibly wait for task completion
self.conn.add_s(entry)
exitCode = 0
if args and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:578: ValueError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology.
Failed suites/sasl/regression_test.py::test_openldap_no_nss_crypto 58.49
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe0330bf940>

@pytest.mark.ds47536
def test_openldap_no_nss_crypto(topology_m2):
"""Check that we allow usage of OpenLDAP libraries
that don't use NSS for crypto

:id: 0a622f3d-8ba5-4df2-a1de-1fb2237da40a
:setup: Replication with two masters:
master_1 ----- startTLS -----> master_2;
master_1 <-- TLS_clientAuth -- master_2;
nsslapd-extract-pemfiles set to 'on' on both masters
without specifying cert names
:steps:
1. Add 5 users to master 1 and 2
2. Check that the users were successfully replicated
3. Relocate PEM files on master 1
4. Check PEM files in master 1 config directory
5. Add 5 users more to master 1 and 2
6. Check that the users were successfully replicated
7. Export userRoot on master 1
:expectedresults:
1. Users should be successfully added
2. Users should be successfully replicated
3. Operation should be successful
4. PEM files should be found
5. Users should be successfully added
6. Users should be successfully replicated
7. Operation should be successful
"""

log.info("Ticket 47536 - Allow usage of OpenLDAP libraries that don't use NSS for crypto")

m1 = topology_m2.ms["master1"]
m2 = topology_m2.ms["master2"]
[i.enable_tls() for i in topology_m2]
repl = ReplicationManager(DEFAULT_SUFFIX)
repl.test_replication(m1, m2)

add_entry(m1, 'master1', 'uid=m1user', 0, 5)
add_entry(m2, 'master2', 'uid=m2user', 0, 5)
repl.wait_for_replication(m1, m2)
repl.wait_for_replication(m2, m1)

log.info('##### Searching for entries on master1...')
entries = m1.search_s(DEFAULT_SUFFIX, ldap.SCOPE_SUBTREE, '(uid=*)')
assert 11 == len(entries)

log.info('##### Searching for entries on master2...')
entries = m2.search_s(DEFAULT_SUFFIX, ldap.SCOPE_SUBTREE, '(uid=*)')
assert 11 == len(entries)

relocate_pem_files(topology_m2)

add_entry(m1, 'master1', 'uid=m1user', 10, 5)
add_entry(m2, 'master2', 'uid=m2user', 10, 5)

repl.wait_for_replication(m1, m2)
repl.wait_for_replication(m2, m1)

log.info('##### Searching for entries on master1...')
entries = m1.search_s(DEFAULT_SUFFIX, ldap.SCOPE_SUBTREE, '(uid=*)')
assert 21 == len(entries)

log.info('##### Searching for entries on master2...')
entries = m2.search_s(DEFAULT_SUFFIX, ldap.SCOPE_SUBTREE, '(uid=*)')
assert 21 == len(entries)

output_file = os.path.join(m1.get_ldif_dir(), "master1.ldif")
> m1.tasks.exportLDIF(benamebase='userRoot', output_file=output_file, args={'wait': True})

suites/sasl/regression_test.py:171:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe032e3c760>, suffix = None
benamebase = 'userRoot'
output_file = '/var/lib/dirsrv/slapd-master1/ldif/master1.ldif'
args = {'wait': True}

def exportLDIF(self, suffix=None, benamebase=None, output_file=None,
args=None):
'''
Export in a LDIF format a given 'suffix' (or 'benamebase' that stores
that suffix). It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raises ValueError

'output_file' is the output file of the export

@param suffix - suffix of the backend
@param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
@param output_file - file that will contain the exported suffix in LDIF
format
@param args - is a dictionary that contains modifier of the export task
wait: True/[False] - If True, 'export' waits for the completion
of the task before to return
repl-info: True/[False] - If True, it adds the replication meta
data (state information, tombstones
and RUV) in the exported file

@return None

@raise ValueError

'''

# Checking the parameters
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

if not output_file:
raise ValueError("output_file is mandatory")

# Prepare the task entry
cn = "export_" + time.strftime("%m%d%Y_%H%M%S", time.localtime())
dn = "cn=%s,%s" % (cn, DN_EXPORT_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsFilename': output_file
})
if benamebase:
entry.setValues('nsInstance', benamebase)
else:
entry.setValues('nsIncludeSuffix', suffix)

if args.get(EXPORT_REPL_INFO, False):
entry.setValues('nsExportReplica', 'true')

# start the task and possibly wait for task completion
self.conn.add_s(entry)
exitCode = 0
if args and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:578: ValueError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining master master2 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect 73d9d769-c544-4e1e-913d-d8eb9d40ec70 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect 5ed4e9e6-aafc-4287-b681-cfa4cbae36d4 / got description=73d9d769-c544-4e1e-913d-d8eb9d40ec70) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists
-------------------------------Captured log call--------------------------------
INFO tests.suites.sasl.regression_test:regression_test.py:133 Ticket 47536 - Allow usage of OpenLDAP libraries that don't use NSS for crypto INFO lib389.replica:replica.py:2498 Retry: Replication from ldaps://host-10-0-139-83:63701 to ldaps://host-10-0-139-83:63702 is NOT working (expect 1945e081-9ad7-49e3-9908-aed76ed41901 / got description=5ed4e9e6-aafc-4287-b681-cfa4cbae36d4) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldaps://host-10-0-139-83:63701 to ldaps://host-10-0-139-83:63702 is working INFO tests.suites.sasl.regression_test:regression_test.py:35 ######################### Adding 5 entries to master1 ###################### INFO tests.suites.sasl.regression_test:regression_test.py:35 ######################### Adding 5 entries to master2 ###################### INFO lib389.replica:replica.py:2498 Retry: Replication from ldaps://host-10-0-139-83:63701 to ldaps://host-10-0-139-83:63702 is NOT working (expect f9db6b3d-30fa-487a-b144-49b7fba36151 / got description=1945e081-9ad7-49e3-9908-aed76ed41901) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldaps://host-10-0-139-83:63701 to ldaps://host-10-0-139-83:63702 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldaps://host-10-0-139-83:63702 to ldaps://host-10-0-139-83:63701 is NOT working (expect 406c6537-e946-49e3-9a45-484c080f5eff / got description=f9db6b3d-30fa-487a-b144-49b7fba36151) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldaps://host-10-0-139-83:63702 to ldaps://host-10-0-139-83:63701 is working INFO tests.suites.sasl.regression_test:regression_test.py:146 ##### Searching for entries on master1... INFO tests.suites.sasl.regression_test:regression_test.py:150 ##### Searching for entries on master2... INFO tests.suites.sasl.regression_test:regression_test.py:92 ######################### Relocate PEM files on master1 ###################### INFO tests.suites.sasl.regression_test:regression_test.py:100 ##### restart master1 INFO tests.suites.sasl.regression_test:regression_test.py:47 ######################### Check PEM files (/dev/shm/MyCA, /dev/shm/MyServerCert1, /dev/shm/MyServerKey1) in /dev/shm ###################### INFO tests.suites.sasl.regression_test:regression_test.py:53 /dev/shm/MyCA.pem is successfully generated. INFO tests.suites.sasl.regression_test:regression_test.py:66 /dev/shm/MyServerCert1.pem is successfully generated. INFO tests.suites.sasl.regression_test:regression_test.py:79 /dev/shm/MyServerKey1.pem is successfully generated. INFO tests.suites.sasl.regression_test:regression_test.py:35 ######################### Adding 5 entries to master1 ###################### INFO tests.suites.sasl.regression_test:regression_test.py:35 ######################### Adding 5 entries to master2 ###################### INFO lib389.replica:replica.py:2498 Retry: Replication from ldaps://host-10-0-139-83:63701 to ldaps://host-10-0-139-83:63702 is NOT working (expect 32a06661-53cc-4b89-9b5d-fce80dff7954 / got description=406c6537-e946-49e3-9a45-484c080f5eff) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldaps://host-10-0-139-83:63701 to ldaps://host-10-0-139-83:63702 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldaps://host-10-0-139-83:63702 to ldaps://host-10-0-139-83:63701 is NOT working (expect 59822ac8-69f6-4f54-917b-ad26cb9a44e9 / got description=32a06661-53cc-4b89-9b5d-fce80dff7954) INFO lib389.replica:replica.py:2498 Retry: Replication from ldaps://host-10-0-139-83:63702 to ldaps://host-10-0-139-83:63701 is NOT working (expect 59822ac8-69f6-4f54-917b-ad26cb9a44e9 / got description=32a06661-53cc-4b89-9b5d-fce80dff7954) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldaps://host-10-0-139-83:63702 to ldaps://host-10-0-139-83:63701 is working INFO tests.suites.sasl.regression_test:regression_test.py:162 ##### Searching for entries on master1... INFO tests.suites.sasl.regression_test:regression_test.py:166 ##### Searching for entries on master2...
Failed suites/schema/schema_reload_test.py::test_schema_operation 2.29
topo = <lib389.topologies.TopologyMain object at 0x7fe033183be0>

def test_schema_operation(topo):
"""Test that the cases in original schema are preserved.
Test that duplicated schema except cases are not loaded
Test to use a custom schema

:id: e7448863-ac62-4b49-b013-4efa412c0455
:setup: Standalone instance
:steps:
1. Create a test schema with cases
2. Run a schema_reload task
3. Check the attribute is present
4. Case 2: Check duplicated schema except cases are not loaded
5. Case 2-1: Use the custom schema

:expectedresults:
1. Operation should be successful
2. Operation should be successful
3. Operation should be successful
4. Operation should be successful
5. Operation should be successful
"""

log.info('case 1: Test the cases in the original schema are preserved.')

schema_filename = topo.standalone.schemadir + '/98test.ldif'
try:
with open(schema_filename, "w") as schema_file:
schema_file.write("dn: cn=schema\n")
schema_file.write("attributetypes: ( 8.9.10.11.12.13.14 NAME " +
"'MoZiLLaaTTRiBuTe' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 " +
" X-ORIGIN 'Mozilla Dummy Schema' )\n")
schema_file.write("objectclasses: ( 1.2.3.4.5.6.7 NAME 'MozillaObject' " +
"SUP top MUST ( objectclass $ cn ) MAY ( MoZiLLaaTTRiBuTe )" +
" X-ORIGIN 'user defined' )')\n")

except OSError as e:
log.fatal("Failed to create schema file: " +
"{} Error: {}".format(schema_filename, str(e)))


# run the schema reload task with the default schemadir
schema = Schema(topo.standalone)
task = schema.reload(schema_dir=topo.standalone.schemadir)
task.wait()

subschema = topo.standalone.schema.get_subschema()
at_obj = subschema.get_obj(ldap.schema.AttributeType, 'MoZiLLaaTTRiBuTe')

> assert at_obj is not None, "The attribute was not found on server"
E AssertionError: The attribute was not found on server
E assert None is not None

suites/schema/schema_reload_test.py:120: AssertionError
-------------------------------Captured log call--------------------------------
INFO tests.suites.schema.schema_reload_test:schema_reload_test.py:94 case 1: Test the cases in the original schema are preserved.
Failed suites/schema/schema_reload_test.py::test_valid_schema 2.35
topo = <lib389.topologies.TopologyMain object at 0x7fe033183be0>

def test_valid_schema(topo):
"""Test schema-reload task with valid schema

:id: 2ab304c0-3e58-4d34-b23b-a14b5997c7a8
:setup: Standalone instance
:steps:
1. Create schema file with valid schema
2. Run schema-reload.pl script
3. Run ldapsearch and check if schema was added
:expectedresults:
1. File creation should work
2. The schema reload task should be successful
3. Searching the server should return the new schema
"""

log.info("Test schema-reload task with valid schema")

# Step 1 - Create schema file
log.info("Create valid schema file (99user.ldif)...")
schema_filename = (topo.standalone.schemadir + "/99user.ldif")
try:
with open(schema_filename, 'w') as schema_file:
schema_file.write("dn: cn=schema\n")
schema_file.write("attributetypes: ( 8.9.10.11.12.13.13 NAME " +
"'ValidAttribute' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15" +
" X-ORIGIN 'Mozilla Dummy Schema' )\n")
schema_file.write("objectclasses: ( 1.2.3.4.5.6.7.8 NAME 'TestObject' " +
"SUP top MUST ( objectclass $ cn ) MAY ( givenName $ " +
"sn $ ValidAttribute ) X-ORIGIN 'user defined' )')\n")
except OSError as e:
log.fatal("Failed to create schema file: " +
"{} Error: {}".format(schema_filename, str(e)))

# Step 2 - Run the schema-reload task
log.info("Run the schema-reload task...")
schema = Schema(topo.standalone)
task = schema.reload(schema_dir=topo.standalone.schemadir)
task.wait()
> assert task.get_exit_code() == 0, "The schema reload task failed"
E AssertionError: The schema reload task failed
E assert 65 == 0
E +65
E -0

suites/schema/schema_reload_test.py:207: AssertionError
-------------------------------Captured log call--------------------------------
INFO tests.suites.schema.schema_reload_test:schema_reload_test.py:184 Test schema-reload task with valid schema INFO tests.suites.schema.schema_reload_test:schema_reload_test.py:187 Create valid schema file (99user.ldif)... INFO tests.suites.schema.schema_reload_test:schema_reload_test.py:203 Run the schema-reload task...
Failed suites/syncrepl_plugin/basic_test.py::test_syncrepl_basic 12.39
topology = <lib389.topologies.TopologyMain object at 0x7fe032e54130>

@pytest.mark.skipif(ldap.__version__ < '3.3.1',
reason="python ldap versions less that 3.3.1 have bugs in sync repl that will cause this to fail!")
def test_syncrepl_basic(topology):
""" Test basic functionality of the SyncRepl interface

:id: f9fea826-8ae2-412a-8e88-b8e0ba939b06

:setup: Standalone instance

:steps:
1. Enable Retro Changelog
2. Enable Syncrepl
3. Run the syncstate test to check refresh, add, delete, mod.

:expectedresults:
1. Success
1. Success
1. Success
"""
st = topology.standalone
# Enable RetroChangelog.
rcl = RetroChangelogPlugin(st)
rcl.enable()
# Set the default targetid
rcl.replace('nsslapd-attribute', 'nsuniqueid:targetUniqueId')
# Enable sync repl
csp = ContentSyncPlugin(st)
csp.enable()
# Restart DS
st.restart()
# Setup the syncer
sync = ISyncRepl(st)
# Run the checks
> syncstate_assert(st, sync)

suites/syncrepl_plugin/basic_test.py:145:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

st = <lib389.DirSrv object at 0x7fe032c71eb0>
sync = <tests.suites.syncrepl_plugin.ISyncRepl object at 0x7fe032e540d0>

def syncstate_assert(st, sync):
# How many entries do we have?
# We setup sync under ou=people so we can modrdn out of the scope.
r = st.search_ext_s(
base=OU_PEOPLE,
scope=ldap.SCOPE_SUBTREE,
filterstr='(objectClass=*)',
attrsonly=1,
escapehatch='i am sure'
)

# Initial sync
log.debug("*test* initial")
sync.syncrepl_search(base=OU_PEOPLE)
sync.syncrepl_complete()
# check we caught them all
assert len(r) == len(sync.entries.keys())
assert len(r) == len(sync.present)
assert 0 == len(sync.delete)
if sync.openldap:
assert True == sync.refdel
else:
assert False == sync.refdel

# Add a new entry
account = nsUserAccounts(st, DEFAULT_SUFFIX).create_test_user()

# Find the primary uuid we expect to see in syncrepl.
# This will be None if not present.
acc_uuid = account.get_attr_val_utf8('entryuuid')
if not sync.openldap:
nsid = account.get_attr_val_utf8('nsuniqueid')
# nsunique has a diff format, so we change it up.
# 431cf081-b44311ea-83fdb082-f24d490e
# Add a hyphen V
# 431cf081-b443-11ea-83fdb082-f24d490e
nsid_a = nsid[:13] + '-' + nsid[13:]
# Add a hyphen V
# 431cf081-b443-11ea-83fd-b082-f24d490e
nsid_b = nsid_a[:23] + '-' + nsid_a[23:]
# Remove a hyphen V
# 431cf081-b443-11ea-83fd-b082-f24d490e
acc_uuid = nsid_b[:28] + nsid_b[29:]
# Tada!
# 431cf081-b443-11ea-83fd-b082f24d490e
log.debug(f"--> expected sync uuid (from nsuniqueid): {acc_uuid}")
else:
log.debug(f"--> expected sync uuid (from entryuuid): {acc_uuid}")

# Check
log.debug("*test* add")
sync.syncrepl_search(base=OU_PEOPLE)
sync.syncrepl_complete()
sync.check_cookie()
log.debug(f"sd: {sync.delete}, sp: {sync.present} sek: {sync.entries.keys()}")

assert 1 == len(sync.entries.keys())
assert 1 == len(sync.present)
####################################
assert sync.present == [acc_uuid]
assert 0 == len(sync.delete)
if sync.openldap:
assert True == sync.refdel
else:
assert False == sync.refdel

# Mod
account.replace('description', 'change')
# Check
log.debug("*test* mod")
sync.syncrepl_search(base=OU_PEOPLE)
sync.syncrepl_complete()
sync.check_cookie()
log.debug(f"sd: {sync.delete}, sp: {sync.present} sek: {sync.entries.keys()}")
assert 1 == len(sync.entries.keys())
assert 1 == len(sync.present)
####################################
assert sync.present == [acc_uuid]
assert 0 == len(sync.delete)
if sync.openldap:
assert True == sync.refdel
else:
assert False == sync.refdel

## ModRdn (remain in scope)
account.rename('uid=test1_modrdn')
# newsuperior=None
# Check
log.debug("*test* modrdn (in scope)")
sync.syncrepl_search(base=OU_PEOPLE)
sync.syncrepl_complete()
sync.check_cookie()
log.debug(f"sd: {sync.delete}, sp: {sync.present} sek: {sync.entries.keys()}")
assert 1 == len(sync.entries.keys())
assert 1 == len(sync.present)
####################################
assert sync.present == [acc_uuid]
assert 0 == len(sync.delete)
if sync.openldap:
assert True == sync.refdel
else:
assert False == sync.refdel

# import time
# print("attach now ....")
# time.sleep(45)

## Modrdn (out of scope, then back into scope)
account.rename('uid=test1_modrdn', newsuperior=DEFAULT_SUFFIX)

# Check it's gone.
log.debug("*test* modrdn (move out of scope)")
sync.syncrepl_search(base=OU_PEOPLE)
sync.syncrepl_complete()
sync.check_cookie()
log.debug(f"sd: {sync.delete}, sp: {sync.present} sek: {sync.entries.keys()}")
assert 0 == len(sync.entries.keys())
assert 0 == len(sync.present)
## WARNING: This test MAY FAIL here if you do not have a new enough python-ldap
# due to an ASN.1 parsing bug. You require at least python-ldap 3.3.1
assert 1 == len(sync.delete)
assert sync.delete == [acc_uuid]
if sync.openldap:
assert True == sync.refdel
else:
assert False == sync.refdel

# Put it back
account.rename('uid=test1_modrdn', newsuperior=OU_PEOPLE)
log.debug("*test* modrdn (move in to scope)")
sync.syncrepl_search(base=OU_PEOPLE)
sync.syncrepl_complete()
sync.check_cookie()
log.debug(f"sd: {sync.delete}, sp: {sync.present} sek: {sync.entries.keys()}")
assert 1 == len(sync.entries.keys())
assert 1 == len(sync.present)
####################################
assert sync.present == [acc_uuid]
> assert 0 == len(sync.delete)
E AssertionError

suites/syncrepl_plugin/__init__.py:255: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed suites/tls/ssl_version_test.py::test_ssl_version_range 52.87
topo = <lib389.topologies.TopologyMain object at 0x7fe0330ea2e0>

def test_ssl_version_range(topo):
"""Specify a test case purpose or name here

:id: bc400f54-3966-49c8-b640-abbf4fb2377e
1. Get current default range
2. Set sslVersionMin and verify it is applied after a restart
3. Set sslVersionMax and verify it is applied after a restart
4. Sanity test all the min/max versions
:expectedresults:
1. Success
2. Success
3. Success
4. Success
"""

topo.standalone.enable_tls()
enc = Encryption(topo.standalone)
default_min = enc.get_attr_val_utf8('sslVersionMin')
default_max = enc.get_attr_val_utf8('sslVersionMax')
log.info(f"default min: {default_min} max: {default_max}")
if DEBUGGING:
topo.standalone.config.set('nsslapd-auditlog-logging-enabled', 'on')

# Test that setting the min version is applied after a restart
enc.replace('sslVersionMin', default_max)
enc.replace('sslVersionMax', default_max)
topo.standalone.restart()
min = enc.get_attr_val_utf8('sslVersionMin')
assert min == default_max

# Test that setting the max version is applied after a restart
enc.replace('sslVersionMin', default_min)
enc.replace('sslVersionMax', default_min)
topo.standalone.restart()
max = enc.get_attr_val_utf8('sslVersionMax')
assert max == default_min

# Sanity test all the min/max versions
for attr, versions in [('sslVersionMin', ['TLS1.0', 'TLS1.1', 'TLS1.2', 'TLS1.0']),
('sslVersionMax', ['TLS1.0', 'TLS1.1', 'TLS1.2'])]:
for version in versions:
# Test that the setting is correctly applied after a restart
enc.replace(attr, version)
> topo.standalone.restart()

suites/tls/ssl_version_test.py:60:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1222: in restart
self.start(timeout, post_open)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1125: in start
self.open()
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1024: in open
raise e
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1020: in open
self.simple_bind_s(ensure_str(self.binddn), self.bindpw, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:454: in simple_bind_s
msgid = self.simple_bind(who,cred,serverctrls,clientctrls)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:448: in simple_bind
return self._ldap_call(self._l.simple_bind,who,cred,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0332b3730>
func = <built-in method simple_bind of LDAP object at 0x7fe032df3bd0>
args = ('cn=Directory Manager', 'password', None, None), kwargs = {}
diagnostic_message_success = None, exc_type = None, exc_value = None
exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': [], 'info': 'error:1409442E:SSL routines:ssl3_read_bytes:tlsv1 alert protocol version'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.suites.tls.ssl_version_test:ssl_version_test.py:36 default min: TLS1.2 max: TLS1.3
Failed tickets/ticket47560_test.py::test_ticket47560 19.00
topology_st = <lib389.topologies.TopologyMain object at 0x7fe032d87f40>

def test_ticket47560(topology_st):
"""
This test case does the following:
SETUP
- Create entry cn=group,SUFFIX
- Create entry cn=member,SUFFIX
- Update 'cn=member,SUFFIX' to add "memberOf: cn=group,SUFFIX"
- Enable Memberof Plugins

# Here the cn=member entry has a 'memberOf' but
# cn=group entry does not contain 'cn=member' in its member

TEST CASE
- start the fixupmemberof task
- read the cn=member entry
- check 'memberOf is now empty

TEARDOWN
- Delete entry cn=group,SUFFIX
- Delete entry cn=member,SUFFIX
- Disable Memberof Plugins
"""

def _enable_disable_mbo(value):
"""
Enable or disable mbo plugin depending on 'value' ('on'/'off')
"""
# enable/disable the mbo plugin
if value == 'on':
topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
else:
topology_st.standalone.plugins.disable(name=PLUGIN_MEMBER_OF)

log.debug("-------------> _enable_disable_mbo(%s)" % value)

topology_st.standalone.stop(timeout=120)
time.sleep(1)
topology_st.standalone.start(timeout=120)
time.sleep(3)

# need to reopen a connection toward the instance
topology_st.standalone.open()

def _test_ticket47560_setup():
"""
- Create entry cn=group,SUFFIX
- Create entry cn=member,SUFFIX
- Update 'cn=member,SUFFIX' to add "memberOf: cn=group,SUFFIX"
- Enable Memberof Plugins
"""
log.debug("-------- > _test_ticket47560_setup\n")

#
# By default the memberof plugin is disabled create
# - create a group entry
# - create a member entry
# - set the member entry as memberof the group entry
#
entry = Entry(group_DN)
entry.setValues('objectclass', 'top', 'groupOfNames', 'inetUser')
entry.setValues('cn', 'group')
try:
topology_st.standalone.add_s(entry)
except ldap.ALREADY_EXISTS:
log.debug("Entry %s already exists" % (group_DN))

entry = Entry(member_DN)
entry.setValues('objectclass', 'top', 'person', 'organizationalPerson', 'inetorgperson', 'inetUser')
entry.setValues('uid', 'member')
entry.setValues('cn', 'member')
entry.setValues('sn', 'member')
try:
topology_st.standalone.add_s(entry)
except ldap.ALREADY_EXISTS:
log.debug("Entry %s already exists" % (member_DN))

replace = [(ldap.MOD_REPLACE, 'memberof', ensure_bytes(group_DN))]
topology_st.standalone.modify_s(member_DN, replace)

#
# enable the memberof plugin and restart the instance
#
_enable_disable_mbo('on')

#
# check memberof attribute is still present
#
filt = 'uid=member'
ents = topology_st.standalone.search_s(member_DN, ldap.SCOPE_BASE, filt)
assert len(ents) == 1
ent = ents[0]
# print ent
value = ensure_str(ent.getValue('memberof'))
# print "memberof: %s" % (value)
assert value == group_DN

def _test_ticket47560_teardown():
"""
- Delete entry cn=group,SUFFIX
- Delete entry cn=member,SUFFIX
- Disable Memberof Plugins
"""
log.debug("-------- > _test_ticket47560_teardown\n")
# remove the entries group_DN and member_DN
try:
topology_st.standalone.delete_s(group_DN)
except:
log.warning("Entry %s fail to delete" % (group_DN))
try:
topology_st.standalone.delete_s(member_DN)
except:
log.warning("Entry %s fail to delete" % (member_DN))
#
# disable the memberof plugin and restart the instance
#
_enable_disable_mbo('off')

group_DN = "cn=group,%s" % (SUFFIX)
member_DN = "uid=member,%s" % (SUFFIX)

#
# Initialize the test case
#
_test_ticket47560_setup()

#
# start the test
# - start the fixup task
# - check the entry is fixed (no longer memberof the group)
#
log.debug("-------- > Start ticket tests\n")

filt = 'uid=member'
ents = topology_st.standalone.search_s(member_DN, ldap.SCOPE_BASE, filt)
assert len(ents) == 1
ent = ents[0]
log.debug("Unfixed entry %r\n" % ent)

# run the fixup task
> topology_st.standalone.tasks.fixupMemberOf(suffix=SUFFIX, args={TASK_WAIT: True})

tickets/ticket47560_test.py:164:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe0453c4940>
suffix = 'dc=example,dc=com', benamebase = None, filt = None
args = {'wait': True}

def fixupMemberOf(self, suffix=None, benamebase=None, filt=None,
args=None):
'''
Trigger a fixup task on 'suffix' (or 'benamebase' that stores that
suffix) related to the entries 'memberof' of groups. It uses an
internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase'
first else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

'filt' is a filter that will select all the entries (under
'suffix') that we need to evaluate/fix. If missing, the default
value is "(|(objectclass=inetuser)(objectclass=inetadmin))"

@param suffix - suffix of the backend
@param benamebase - 'commonname'/'cn' of the backend
(e.g. 'userRoot')
@param args - is a dictionary that contains modifier of the
fixupMemberOf task
wait: True/[False] - If True, waits for the completion of the
task before to return

@return exit code

@raise ValueError: if benamebase and suffix are specified, or can
not retrieve the suffix from the mapping tree
entry
'''
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

# If backend name was provided, retrieve the suffix
if benamebase:
ents = self.conn.mappingtree.list(bename=benamebase)
if len(ents) != 1:
raise ValueError("invalid backend name: %s" % benamebase)

attr = MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]
if not ents[0].hasAttr(attr):
raise ValueError(
"invalid backend name: %s, or entry without %s" %
(benamebase, attr))

suffix = ents[0].getValue(attr)

cn = "fixupmemberof_" + time.strftime("%m%d%Y_%H%M%S",
time.localtime())
dn = "cn=%s,%s" % (cn, DN_MBO_TASK)
entry = Entry(dn)
entry.setValues('objectclass', 'top', 'extensibleObject')
entry.setValues('cn', cn)
entry.setValues('basedn', suffix)
if filt:
entry.setValues('filter', filt)

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the memberOf fixup task")
return -1

exitCode = 0
if args and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:887: ValueError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket47619_test.py::test_ticket47619_reindex 2.35
topology_m1c1 = <lib389.topologies.TopologyMain object at 0x7fe032c74820>

def test_ticket47619_reindex(topology_m1c1):
'''
Reindex all the attributes in ATTRIBUTES
'''
args = {TASK_WAIT: True}
for attr in ATTRIBUTES:
> rc = topology_m1c1.ms["master1"].tasks.reindex(suffix=RETROCL_SUFFIX, attrname=attr, args=args)

tickets/ticket47619_test.py:83:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe032c74610>, suffix = 'cn=changelog'
benamebase = None, attrname = 'street', args = {'wait': True}, vlv = False

def reindex(self, suffix=None, benamebase=None, attrname=None, args=None, vlv=False):
'''
Reindex a 'suffix' (or 'benamebase' that stores that suffix) for a
given 'attrname'. It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

:param suffix - suffix of the backend
:param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
:param attrname - attribute name
:param args - is a dictionary that contains modifier of the reindex
task
wait: True/[False] - If True, 'index' waits for the completion
of the task before to return
:param vlv - this task is to reindex a VLV index

:return None

:raise ValueError - if invalid missing benamebase and suffix or invalid
benamebase
:raise LDAPError if unable to search for index names

'''
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

# If backend name was provided, retrieve the suffix
if benamebase:
ents = self.conn.mappingtree.list(bename=benamebase)
if len(ents) != 1:
raise ValueError("invalid backend name: %s" % benamebase)

attr_suffix = MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]
if not ents[0].hasAttr(attr_suffix):
raise ValueError(
"invalid backend name: %s, or entry without %s" %
(benamebase, attr_suffix))

suffix = ensure_str(ents[0].getValue(attr_suffix))

backend = None
entries_backend = self.conn.backends.list()
for be in entries_backend:
be_suffix = ensure_str(be.get_attr_val_utf8_l('nsslapd-suffix')).lower()
if be_suffix == suffix.lower():
backend = be.get_attr_val_utf8_l('cn')
if backend is None:
raise ValueError("Failed to find backaned matching the suffix")

attrs = []
if vlv:
# We are indexing a VLV index/sort.
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)
cn = "index_vlv_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexVLVAttribute': attrs,
'nsInstance': backend
})
else:
if attrname is None:
#
# Reindex all attributes - gather them first...
#
cn = "index_all_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = ('cn=%s,cn=ldbm database,cn=plugins,cn=config' % backend)
try:
indexes = self.conn.search_s(dn, ldap.SCOPE_SUBTREE, '(objectclass=nsIndex)')
for index in indexes:
attrs.append(ensure_str(index.getValue('cn')))
except ldap.LDAPError as e:
raise e
else:
#
# Reindex specific attributes
#
cn = "index_attrs_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)

dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexAttribute': attrs,
'nsInstance': backend
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the index task for %s", attrname)
return -1

exitCode = 0
if args is not None and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:809: ValueError
Failed tickets/ticket47781_test.py::test_ticket47781 15.33
topology_st = <lib389.topologies.TopologyMain object at 0x7fe032da7460>

def test_ticket47781(topology_st):
"""
Testing for a deadlock after doing an online import of an LDIF with
replication data. The replication agreement should be invalid.
"""

log.info('Testing Ticket 47781 - Testing for deadlock after importing LDIF with replication data')

master = topology_st.standalone
repl = ReplicationManager(DEFAULT_SUFFIX)
repl.create_first_master(master)

properties = {RA_NAME: r'meTo_$host:$port',
RA_BINDDN: defaultProperties[REPLICATION_BIND_DN],
RA_BINDPW: defaultProperties[REPLICATION_BIND_PW],
RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD],
RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}
# The agreement should point to a server that does NOT exist (invalid port)
repl_agreement = master.agreement.create(suffix=DEFAULT_SUFFIX,
host=master.host,
port=5555,
properties=properties)

#
# add two entries
#
log.info('Adding two entries...')

master.add_s(Entry(('cn=entry1,dc=example,dc=com', {
'objectclass': 'top person'.split(),
'sn': 'user',
'cn': 'entry1'})))

master.add_s(Entry(('cn=entry2,dc=example,dc=com', {
'objectclass': 'top person'.split(),
'sn': 'user',
'cn': 'entry2'})))

#
# export the replication ldif
#
log.info('Exporting replication ldif...')
args = {EXPORT_REPL_INFO: True}
exportTask = Tasks(master)
exportTask.exportLDIF(DEFAULT_SUFFIX, None, "/tmp/export.ldif", args)

#
# Restart the server
#
log.info('Restarting server...')
master.stop()
master.start()

#
# Import the ldif
#
log.info('Import replication LDIF file...')
importTask = Tasks(master)
args = {TASK_WAIT: True}
> importTask.importLDIF(DEFAULT_SUFFIX, None, "/tmp/export.ldif", args)

tickets/ticket47781_test.py:85:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe032aaf490>
suffix = 'dc=example,dc=com', benamebase = None, input_file = '/tmp/export.ldif'
args = {'wait': True}

def importLDIF(self, suffix=None, benamebase=None, input_file=None,
args=None):
'''
Import from a LDIF format a given 'suffix' (or 'benamebase' that stores
that suffix). It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

'input_file' is the ldif input file

@param suffix - suffix of the backend
@param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
@param ldif_input - file that will contain the entries in LDIF format
to import
@param args - is a dictionary that contains modifier of the import task
wait: True/[False] - If True, 'export' waits for the completion
of the task before to return

@return None

@raise ValueError

'''
if self.conn.state != DIRSRV_STATE_ONLINE:
raise ValueError("Invalid Server State %s! Must be online" % self.conn.state)

# Checking the parameters
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

if not input_file:
raise ValueError("input_file is mandatory")

if not os.path.exists(input_file):
> raise ValueError("Import file (%s) does not exist" % input_file)
E ValueError: Import file (/tmp/export.ldif) does not exist

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:487: ValueError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO lib389:tasks.py:584 Export task export_12232020_224853 for file /tmp/export.ldif completed successfully
Failed tickets/ticket47871_test.py::test_ticket47871_2 63.54
topology_m1c1 = <lib389.topologies.TopologyMain object at 0x7fe0330eaa90>

def test_ticket47871_2(topology_m1c1):
'''
Wait until there is just a last entries
'''
MAX_TRIES = 10
TRY_NO = 1
while TRY_NO <= MAX_TRIES:
time.sleep(6) # at least 1 trimming occurred
ents = topology_m1c1.ms["master1"].search_s(RETROCL_SUFFIX, ldap.SCOPE_ONELEVEL, "(objectclass=*)")
assert len(ents) <= MAX_OTHERS
topology_m1c1.ms["master1"].log.info("\nTry no %d it remains %d entries" % (TRY_NO, len(ents)))
for ent in ents:
topology_m1c1.ms["master1"].log.info("%s" % ent.dn)
if len(ents) > 1:
TRY_NO += 1
else:
break
> assert TRY_NO <= MAX_TRIES
E assert 11 <= 10

tickets/ticket47871_test.py:100: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47871_test.py:93 Try no 1 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 2 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 3 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 4 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 5 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 6 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 7 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 8 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 9 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 10 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog
Failed tickets/ticket47976_test.py::test_ticket47976_2 2.26
topology_st = <lib389.topologies.TopologyMain object at 0x7fe033050790>

def test_ticket47976_2(topology_st):
"""It reimports the database with a very large page size
so all the entries (user and its private group).
"""

log.info('Test complete')
mod = [(ldap.MOD_REPLACE, 'nsslapd-db-page-size', ensure_bytes(str(128 * 1024)))]
topology_st.standalone.modify_s(DN_LDBM, mod)

# Get the the full path and name for our LDIF we will be exporting
log.info('Export LDIF file...')
ldif_dir = topology_st.standalone.get_ldif_dir()
ldif_file = ldif_dir + "/export.ldif"
args = {EXPORT_REPL_INFO: False,
TASK_WAIT: True}
exportTask = Tasks(topology_st.standalone)
try:
> exportTask.exportLDIF(DEFAULT_SUFFIX, None, ldif_file, args)

tickets/ticket47976_test.py:111:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe0338ce640>
suffix = 'dc=example,dc=com', benamebase = None
output_file = '/var/lib/dirsrv/slapd-standalone1/ldif/export.ldif'
args = {'repl-info': False, 'wait': True}

def exportLDIF(self, suffix=None, benamebase=None, output_file=None,
args=None):
'''
Export in a LDIF format a given 'suffix' (or 'benamebase' that stores
that suffix). It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raises ValueError

'output_file' is the output file of the export

@param suffix - suffix of the backend
@param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
@param output_file - file that will contain the exported suffix in LDIF
format
@param args - is a dictionary that contains modifier of the export task
wait: True/[False] - If True, 'export' waits for the completion
of the task before to return
repl-info: True/[False] - If True, it adds the replication meta
data (state information, tombstones
and RUV) in the exported file

@return None

@raise ValueError

'''

# Checking the parameters
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

if not output_file:
raise ValueError("output_file is mandatory")

# Prepare the task entry
cn = "export_" + time.strftime("%m%d%Y_%H%M%S", time.localtime())
dn = "cn=%s,%s" % (cn, DN_EXPORT_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsFilename': output_file
})
if benamebase:
entry.setValues('nsInstance', benamebase)
else:
entry.setValues('nsIncludeSuffix', suffix)

if args.get(EXPORT_REPL_INFO, False):
entry.setValues('nsExportReplica', 'true')

# start the task and possibly wait for task completion
self.conn.add_s(entry)
exitCode = 0
if args and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:578: ValueError

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7fe033050790>

def test_ticket47976_2(topology_st):
"""It reimports the database with a very large page size
so all the entries (user and its private group).
"""

log.info('Test complete')
mod = [(ldap.MOD_REPLACE, 'nsslapd-db-page-size', ensure_bytes(str(128 * 1024)))]
topology_st.standalone.modify_s(DN_LDBM, mod)

# Get the the full path and name for our LDIF we will be exporting
log.info('Export LDIF file...')
ldif_dir = topology_st.standalone.get_ldif_dir()
ldif_file = ldif_dir + "/export.ldif"
args = {EXPORT_REPL_INFO: False,
TASK_WAIT: True}
exportTask = Tasks(topology_st.standalone)
try:
exportTask.exportLDIF(DEFAULT_SUFFIX, None, ldif_file, args)
except ValueError:
> assert False
E assert False

tickets/ticket47976_test.py:113: AssertionError
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket47976_test:ticket47976_test.py:99 Test complete INFO tests.tickets.ticket47976_test:ticket47976_test.py:104 Export LDIF file...
Failed tickets/ticket47988_test.py::test_ticket47988_init 31.09
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe0330cf100>

def test_ticket47988_init(topology_m2):
"""
It adds
- Objectclass with MAY 'member'
- an entry ('bind_entry') with which we bind to test the 'SELFDN' operation
It deletes the anonymous aci

"""

_header(topology_m2, 'test_ticket47988_init')

# enable acl error logging
mod = [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', ensure_bytes(str(8192)))] # REPL
topology_m2.ms["master1"].modify_s(DN_CONFIG, mod)
topology_m2.ms["master2"].modify_s(DN_CONFIG, mod)

mod = [(ldap.MOD_REPLACE, 'nsslapd-accesslog-level', ensure_bytes(str(260)))] # Internal op
topology_m2.ms["master1"].modify_s(DN_CONFIG, mod)
topology_m2.ms["master2"].modify_s(DN_CONFIG, mod)

# add dummy entries
for cpt in range(MAX_OTHERS):
name = "%s%d" % (OTHER_NAME, cpt)
topology_m2.ms["master1"].add_s(Entry(("cn=%s,%s" % (name, SUFFIX), {
'objectclass': "top person".split(),
'sn': name,
'cn': name})))

# check that entry 0 is replicated before
loop = 0
entryDN = "cn=%s0,%s" % (OTHER_NAME, SUFFIX)
while loop <= 10:
try:
ent = topology_m2.ms["master2"].getEntry(entryDN, ldap.SCOPE_BASE, "(objectclass=*)", ['telephonenumber'])
break
except ldap.NO_SUCH_OBJECT:
time.sleep(1)
loop += 1
assert (loop <= 10)

topology_m2.ms["master1"].stop(timeout=10)
topology_m2.ms["master2"].stop(timeout=10)

# install the specific schema M1: ipa3.3, M2: ipa4.1
schema_file = os.path.join(topology_m2.ms["master1"].getDir(__file__, DATA_DIR), "ticket47988/schema_ipa3.3.tar.gz")
_install_schema(topology_m2.ms["master1"], schema_file)
schema_file = os.path.join(topology_m2.ms["master1"].getDir(__file__, DATA_DIR), "ticket47988/schema_ipa4.1.tar.gz")
_install_schema(topology_m2.ms["master2"], schema_file)

> topology_m2.ms["master1"].start(timeout=10)

/export/tests/tickets/ticket47988_test.py:157:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1081: in start
subprocess.check_output(["systemctl", "start", "dirsrv@%s" % self.serverid], stderr=subprocess.STDOUT)
/usr/lib64/python3.9/subprocess.py:420: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

input = None, capture_output = False, timeout = None, check = True
popenargs = (['systemctl', 'start', 'dirsrv@master1'],)
kwargs = {'stderr': -2, 'stdout': -1}
process = <Popen: returncode: 1 args: ['systemctl', 'start', 'dirsrv@master1']>
stdout = b'Job for dirsrv@master1.service failed because the control process exited with error code.\nSee "systemctl status dirsrv@master1.service" and "journalctl -xe" for details.\n'
stderr = None, retcode = 1

def run(*popenargs,
input=None, capture_output=False, timeout=None, check=False, **kwargs):
"""Run command with arguments and return a CompletedProcess instance.

The returned instance will have attributes args, returncode, stdout and
stderr. By default, stdout and stderr are not captured, and those attributes
will be None. Pass stdout=PIPE and/or stderr=PIPE in order to capture them.

If check is True and the exit code was non-zero, it raises a
CalledProcessError. The CalledProcessError object will have the return code
in the returncode attribute, and output & stderr attributes if those streams
were captured.

If timeout is given, and the process takes too long, a TimeoutExpired
exception will be raised.

There is an optional argument "input", allowing you to
pass bytes or a string to the subprocess's stdin. If you use this argument
you may not also use the Popen constructor's "stdin" argument, as
it will be used internally.

By default, all communication is in bytes, and therefore any "input" should
be bytes, and the stdout and stderr will be bytes. If in text mode, any
"input" should be a string, and stdout and stderr will be strings decoded
according to locale encoding, or by "encoding" if set. Text mode is
triggered by setting any of text, encoding, errors or universal_newlines.

The other arguments are the same as for the Popen constructor.
"""
if input is not None:
if kwargs.get('stdin') is not None:
raise ValueError('stdin and input arguments may not both be used.')
kwargs['stdin'] = PIPE

if capture_output:
if kwargs.get('stdout') is not None or kwargs.get('stderr') is not None:
raise ValueError('stdout and stderr arguments may not be used '
'with capture_output.')
kwargs['stdout'] = PIPE
kwargs['stderr'] = PIPE

with Popen(*popenargs, **kwargs) as process:
try:
stdout, stderr = process.communicate(input, timeout=timeout)
except TimeoutExpired as exc:
process.kill()
if _mswindows:
# Windows accumulates the output in a single blocking
# read() call run on child threads, with the timeout
# being done in a join() on those threads. communicate()
# _after_ kill() is required to collect that and add it
# to the exception.
exc.stdout, exc.stderr = process.communicate()
else:
# POSIX _communicate already populated the output so
# far into the TimeoutExpired exception.
process.wait()
raise
except: # Including KeyboardInterrupt, communicate handled that.
process.kill()
# We don't call process.wait() as .__exit__ does that for us.
raise
retcode = process.poll()
if check and retcode:
> raise CalledProcessError(retcode, process.args,
output=stdout, stderr=stderr)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@master1']' returned non-zero exit status 1.

/usr/lib64/python3.9/subprocess.py:524: CalledProcessError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining master master2 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect 4d0c00e6-bbb8-4096-9837-872acad01232 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect 8a5236e7-99bc-48d9-8a88-9c0209ca85a1 / got description=4d0c00e6-bbb8-4096-9837-872acad01232) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_init INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ################################################### INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/02common.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/50ns-admin.ldif INFO lib389:ticket47988_test.py:98 replace /etc/dirsrv/slapd-master1/schema/99user.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60nss-ldap.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60autofs.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/50ns-web.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60samba.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/10dna-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/05rfc4523.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60basev2.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/10automember-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/05rfc2927.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/10mep-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60ipadns.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/10rfc2307.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/50ns-mail.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/05rfc4524.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60trust.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60ipaconfig.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/50ns-directory.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60eduperson.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60mozilla.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/65ipasudo.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60rfc3712.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60rfc2739.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/50ns-value.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60acctpolicy.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/01core389.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60sabayon.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60pam-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/00core.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/25java-object.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60sudo.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/70ipaotp.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60pureftpd.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/61kerberos-ipav3.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60kerberos.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60basev3.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/06inetorgperson.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/30ns-common.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/28pilot.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/20subscriber.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/50ns-certificate.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master1/schema/60posix-winsync-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/02common.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/50ns-admin.ldif INFO lib389:ticket47988_test.py:98 replace /etc/dirsrv/slapd-master2/schema/99user.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60nss-ldap.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60autofs.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/50ns-web.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60samba.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/10dna-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/05rfc4523.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60basev2.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/10automember-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/05rfc2927.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/10mep-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60ipadns.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/10rfc2307.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/50ns-mail.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/05rfc4524.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60trust.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60ipaconfig.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/50ns-directory.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60eduperson.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60mozilla.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/65ipasudo.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60rfc3712.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60rfc2739.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/50ns-value.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60acctpolicy.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/01core389.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60sabayon.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60pam-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/00core.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/25java-object.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60sudo.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/70ipaotp.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60pureftpd.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/61kerberos-ipav3.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60kerberos.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60basev3.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/06inetorgperson.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/30ns-common.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/28pilot.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/20subscriber.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/50ns-certificate.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-master2/schema/60posix-winsync-plugin.ldif
Failed tickets/ticket47988_test.py::test_ticket47988_1 0.11
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe0330cf100>

def test_ticket47988_1(topology_m2):
'''
Check that replication is working and pause replication M2->M1
'''
_header(topology_m2, 'test_ticket47988_1')

topology_m2.ms["master1"].log.debug("\n\nCheck that replication is working and pause replication M2->M1\n")
> _do_update_entry(supplier=topology_m2.ms["master2"], consumer=topology_m2.ms["master1"], attempts=5)

/export/tests/tickets/ticket47988_test.py:234:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket47988_test.py:184: in _do_update_entry
supplier.modify_s(entryDN, mod)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0331acac0>
func = <built-in method result4 of LDAP object at 0x7fe032a8a390>
args = (26, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_1 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_2 0.12
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe0330cf100>

def test_ticket47988_2(topology_m2):
'''
Update M1 schema and trigger update M1->M2
So M1 should learn new/extended definitions that are in M2 schema
'''
_header(topology_m2, 'test_ticket47988_2')

topology_m2.ms["master1"].log.debug("\n\nUpdate M1 schema and an entry on M1\n")
> master1_schema_csn = topology_m2.ms["master1"].schema.get_schema_csn()

/export/tests/tickets/ticket47988_test.py:246:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/schema.py:604: in get_schema_csn
ents = self.conn.search_s(DN_SCHEMA, ldap.SCOPE_BASE,
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:870: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:864: in search_ext_s
return self.result(msgid,all=1,timeout=timeout)[1]
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:147: in inner
objtype, data = f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:756: in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:760: in result2
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0330cf4c0>
func = <built-in method result4 of LDAP object at 0x7fe04570a660>
args = (62, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_2 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_3 0.11
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe0330cf100>

def test_ticket47988_3(topology_m2):
'''
Resume replication M2->M1 and check replication is still working
'''
_header(topology_m2, 'test_ticket47988_3')

> _resume_M2_to_M1(topology_m2)

/export/tests/tickets/ticket47988_test.py:283:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket47988_test.py:222: in _resume_M2_to_M1
ents = topology_m2.ms["master2"].agreement.list(suffix=SUFFIX)
/usr/local/lib/python3.9/site-packages/lib389/agreement.py:904: in list
replica_entries = self.conn.replica.list(suffix)
/usr/local/lib/python3.9/site-packages/lib389/replica.py:178: in list
ents = self.conn.search_s(base, ldap.SCOPE_SUBTREE, filtr)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:870: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0331acac0>
func = <built-in method search_ext of LDAP object at 0x7fe032a8a390>
args = ('cn=mapping tree,cn=config', 2, '(&(objectclass=nsds5Replica)(nsDS5ReplicaRoot=dc=example,dc=com))', None, 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_3 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ################################################### INFO lib389:ticket47988_test.py:221 ######################### resume RA M2->M1 ######################
Failed tickets/ticket47988_test.py::test_ticket47988_4 0.14
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe0330cf100>

def test_ticket47988_4(topology_m2):
'''
Check schemaCSN is identical on both server
And save the nsschemaCSN to later check they do not change unexpectedly
'''
_header(topology_m2, 'test_ticket47988_4')

> master1_schema_csn = topology_m2.ms["master1"].schema.get_schema_csn()

/export/tests/tickets/ticket47988_test.py:295:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/schema.py:604: in get_schema_csn
ents = self.conn.search_s(DN_SCHEMA, ldap.SCOPE_BASE,
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:870: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0330cf4c0>
func = <built-in method search_ext of LDAP object at 0x7fe04570a660>
args = ('cn=schema', 0, 'objectclass=*', ['nsSchemaCSN'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_4 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_5 0.11
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe0330cf100>

def test_ticket47988_5(topology_m2):
'''
Check schemaCSN do not change unexpectedly
'''
_header(topology_m2, 'test_ticket47988_5')

> _do_update_entry(supplier=topology_m2.ms["master1"], consumer=topology_m2.ms["master2"], attempts=5)

/export/tests/tickets/ticket47988_test.py:313:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket47988_test.py:184: in _do_update_entry
supplier.modify_s(entryDN, mod)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:612: in modify_ext_s
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:609: in modify_ext
return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0330cf4c0>
func = <built-in method modify_ext of LDAP object at 0x7fe04570a660>
args = ('cn=other_entry0,dc=example,dc=com', [(2, 'telephonenumber', b'111')], None, None)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_5 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_6 0.16
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe0330cf100>

def test_ticket47988_6(topology_m2):
'''
Update M1 schema and trigger update M2->M1
So M2 should learn new/extended definitions that are in M1 schema
'''

_header(topology_m2, 'test_ticket47988_6')

topology_m2.ms["master1"].log.debug("\n\nUpdate M1 schema and an entry on M1\n")
> master1_schema_csn = topology_m2.ms["master1"].schema.get_schema_csn()

/export/tests/tickets/ticket47988_test.py:336:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/schema.py:604: in get_schema_csn
ents = self.conn.search_s(DN_SCHEMA, ldap.SCOPE_BASE,
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:870: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0330cf4c0>
func = <built-in method search_ext of LDAP object at 0x7fe04570a660>
args = ('cn=schema', 0, 'objectclass=*', ['nsSchemaCSN'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_6 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ###################################################
Failed tickets/ticket48005_test.py::test_ticket48005_setup 14.03
topology_st = <lib389.topologies.TopologyMain object at 0x7fe032ba1c40>

def test_ticket48005_setup(topology_st):
'''
allow dump core
generate a test ldif file using dbgen.pl
import the ldif
'''
log.info("Ticket 48005 setup...")
if hasattr(topology_st.standalone, 'prefix'):
prefix = topology_st.standalone.prefix
else:
prefix = None
sysconfig_dirsrv = os.path.join(topology_st.standalone.get_initconfig_dir(), 'dirsrv')
cmdline = 'egrep "ulimit -c unlimited" %s' % sysconfig_dirsrv
p = os.popen(cmdline, "r")
ulimitc = p.readline()
if ulimitc == "":
log.info('No ulimit -c in %s' % sysconfig_dirsrv)
log.info('Adding it')
cmdline = 'echo "ulimit -c unlimited" >> %s' % sysconfig_dirsrv

sysconfig_dirsrv_systemd = sysconfig_dirsrv + ".systemd"
cmdline = 'egrep LimitCORE=infinity %s' % sysconfig_dirsrv_systemd
p = os.popen(cmdline, "r")
lcore = p.readline()
if lcore == "":
log.info('No LimitCORE in %s' % sysconfig_dirsrv_systemd)
log.info('Adding it')
cmdline = 'echo LimitCORE=infinity >> %s' % sysconfig_dirsrv_systemd

topology_st.standalone.restart(timeout=10)

ldif_file = topology_st.standalone.get_ldif_dir() + "/ticket48005.ldif"
os.system('ls %s' % ldif_file)
os.system('rm -f %s' % ldif_file)
if hasattr(topology_st.standalone, 'prefix'):
prefix = topology_st.standalone.prefix
else:
prefix = ""
dbgen_prog = prefix + '/bin/dbgen.pl'
log.info('dbgen_prog: %s' % dbgen_prog)
os.system('%s -s %s -o %s -u -n 10000' % (dbgen_prog, SUFFIX, ldif_file))
cmdline = 'egrep dn: %s | wc -l' % ldif_file
p = os.popen(cmdline, "r")
dnnumstr = p.readline()
num = int(dnnumstr)
log.info("We have %d entries.\n", num)

importTask = Tasks(topology_st.standalone)
args = {TASK_WAIT: True}
> importTask.importLDIF(SUFFIX, None, ldif_file, args)

/export/tests/tickets/ticket48005_test.py:74:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe0320c9220>
suffix = 'dc=example,dc=com', benamebase = None
input_file = '/var/lib/dirsrv/slapd-standalone1/ldif/ticket48005.ldif'
args = {'wait': True}

def importLDIF(self, suffix=None, benamebase=None, input_file=None,
args=None):
'''
Import from a LDIF format a given 'suffix' (or 'benamebase' that stores
that suffix). It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

'input_file' is the ldif input file

@param suffix - suffix of the backend
@param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
@param ldif_input - file that will contain the entries in LDIF format
to import
@param args - is a dictionary that contains modifier of the import task
wait: True/[False] - If True, 'export' waits for the completion
of the task before to return

@return None

@raise ValueError

'''
if self.conn.state != DIRSRV_STATE_ONLINE:
raise ValueError("Invalid Server State %s! Must be online" % self.conn.state)

# Checking the parameters
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

if not input_file:
raise ValueError("input_file is mandatory")

if not os.path.exists(input_file):
> raise ValueError("Import file (%s) does not exist" % input_file)
E ValueError: Import file (/var/lib/dirsrv/slapd-standalone1/ldif/ticket48005.ldif) does not exist

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:487: ValueError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
------------------------------Captured stderr call------------------------------
grep: /etc/sysconfig/dirsrv: No such file or directory grep: /etc/sysconfig/dirsrv.systemd: No such file or directory ls: cannot access '/var/lib/dirsrv/slapd-standalone1/ldif/ticket48005.ldif': No such file or directory sh: /bin/dbgen.pl: No such file or directory grep: /var/lib/dirsrv/slapd-standalone1/ldif/ticket48005.ldif: No such file or directory
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48005_test:ticket48005_test.py:31 Ticket 48005 setup... INFO tests.tickets.ticket48005_test:ticket48005_test.py:41 No ulimit -c in /etc/sysconfig/dirsrv INFO tests.tickets.ticket48005_test:ticket48005_test.py:42 Adding it INFO tests.tickets.ticket48005_test:ticket48005_test.py:50 No LimitCORE in /etc/sysconfig/dirsrv.systemd INFO tests.tickets.ticket48005_test:ticket48005_test.py:51 Adding it INFO tests.tickets.ticket48005_test:ticket48005_test.py:64 dbgen_prog: /bin/dbgen.pl INFO tests.tickets.ticket48005_test:ticket48005_test.py:70 We have 0 entries.
Failed tickets/ticket48013_test.py::test_ticket48013 10.90
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031b2f610>

def test_ticket48013(topology_st):
'''
Content Synchonization: Test that invalid cookies are caught
'''

cookies = ('#', '##', 'a#a#a', 'a#a#1')

# Enable dynamic plugins
try:
topology_st.standalone.modify_s(DN_CONFIG, [(ldap.MOD_REPLACE, 'nsslapd-dynamic-plugins', b'on')])
except ldap.LDAPError as e:
log.error('Failed to enable dynamic plugin! {}'.format(e.args[0]['desc']))
assert False

# Enable retro changelog
topology_st.standalone.plugins.enable(name=PLUGIN_RETRO_CHANGELOG)

# Enbale content sync plugin
> topology_st.standalone.plugins.enable(name=PLUGIN_REPL_SYNC)

/export/tests/tickets/ticket48013_test.py:61:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/plugins.py:2105: in enable
plugin.enable()
/usr/local/lib/python3.9/site-packages/lib389/plugins.py:58: in enable
self.set('nsslapd-pluginEnabled', 'on')
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0331a1220>
func = <built-in method result4 of LDAP object at 0x7fe031b2ff60>
args = (7, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket48194_test.py::test_run_1 5.94
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>

def test_run_1(topology_st):
"""
Check nsSSL3Ciphers: +all
All ciphers are enabled except null.
Note: default allowWeakCipher (i.e., off) for +all
"""
_header(topology_st, 'Test Case 2 - Check the ciphers availability for "+all" with default allowWeakCiphers')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(CONFIG_DN, [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', b'64')])
# Make sure allowWeakCipher is not set.
topology_st.standalone.modify_s(ENCRYPTION_DN, [(ldap.MOD_DELETE, 'allowWeakCipher', None)])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_0' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

> connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)

/export/tests/tickets/ticket48194_test.py:158:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>
cipher = 'DES-CBC3-SHA', expect = False

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
assert False
else:
proc.stdin.close()
assert True
else:
if b'(NONE)' in l:
assert True
else:
proc.stdin.close()
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 2 - Check the ciphers availability for "+all" with default allowWeakCiphers INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:151 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256\n'
Failed tickets/ticket48194_test.py::test_run_2 5.76
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>

def test_run_2(topology_st):
"""
Check nsSSL3Ciphers: +rsa_aes_128_sha,+rsa_aes_256_sha
rsa_aes_128_sha, tls_rsa_aes_128_sha, rsa_aes_256_sha, tls_rsa_aes_256_sha are enabled.
default allowWeakCipher
"""
_header(topology_st,
'Test Case 3 - Check the ciphers availability for "+rsa_aes_128_sha,+rsa_aes_256_sha" with default allowWeakCipher')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN,
[(ldap.MOD_REPLACE, 'nsSSL3Ciphers', b'+rsa_aes_128_sha,+rsa_aes_256_sha')])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_1' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)
connectWithOpenssl(topology_st, 'AES256-SHA256', False)
> connectWithOpenssl(topology_st, 'AES128-SHA', True)

/export/tests/tickets/ticket48194_test.py:184:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>
cipher = 'AES128-SHA', expect = True

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:108: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 3 - Check the ciphers availability for "+rsa_aes_128_sha,+rsa_aes_256_sha" with default allowWeakCipher INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:175 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, (NONE), Cipher is (NONE)\n' INFO lib389.utils:ticket48194_test.py:86 Testing AES256-SHA256 -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher AES256-SHA256 INFO lib389.utils:ticket48194_test.py:105 Found: b'New, (NONE), Cipher is (NONE)\n' INFO lib389.utils:ticket48194_test.py:86 Testing AES128-SHA -- expect to handshake successfully INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher AES128-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, (NONE), Cipher is (NONE)\n'
Failed tickets/ticket48194_test.py::test_run_4 5.98
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>

def test_run_4(topology_st):
"""
Check no nsSSL3Ciphers
Default ciphers are enabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 5 - Check no nsSSL3Ciphers (-all) with default allowWeakCipher')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN, [(ldap.MOD_DELETE, 'nsSSL3Ciphers', b'-all')])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_3' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

> connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)

/export/tests/tickets/ticket48194_test.py:228:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>
cipher = 'DES-CBC3-SHA', expect = False

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
assert False
else:
proc.stdin.close()
assert True
else:
if b'(NONE)' in l:
assert True
else:
proc.stdin.close()
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 5 - Check no nsSSL3Ciphers (-all) with default allowWeakCipher INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:221 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256\n'
Failed tickets/ticket48194_test.py::test_run_5 5.97
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>

def test_run_5(topology_st):
"""
Check nsSSL3Ciphers: default
Default ciphers are enabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 6 - Check default nsSSL3Ciphers (default setting) with default allowWeakCipher')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN, [(ldap.MOD_REPLACE, 'nsSSL3Ciphers', b'default')])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_4' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

> connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)

/export/tests/tickets/ticket48194_test.py:250:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>
cipher = 'DES-CBC3-SHA', expect = False

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
assert False
else:
proc.stdin.close()
assert True
else:
if b'(NONE)' in l:
assert True
else:
proc.stdin.close()
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 6 - Check default nsSSL3Ciphers (default setting) with default allowWeakCipher INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:243 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256\n'
Failed tickets/ticket48194_test.py::test_run_6 6.02
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>

def test_run_6(topology_st):
"""
Check nsSSL3Ciphers: +all,-TLS_RSA_WITH_AES_256_CBC_SHA256
All ciphers are disabled.
default allowWeakCipher
"""
_header(topology_st,
'Test Case 7 - Check nsSSL3Ciphers: +all,-TLS_RSA_WITH_AES_256_CBC_SHA256 with default allowWeakCipher')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN,
[(ldap.MOD_REPLACE, 'nsSSL3Ciphers', b'+all,-TLS_RSA_WITH_AES_256_CBC_SHA256')])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_5' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

> connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)

/export/tests/tickets/ticket48194_test.py:274:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>
cipher = 'DES-CBC3-SHA', expect = False

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
assert False
else:
proc.stdin.close()
assert True
else:
if b'(NONE)' in l:
assert True
else:
proc.stdin.close()
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 7 - Check nsSSL3Ciphers: +all,-TLS_RSA_WITH_AES_256_CBC_SHA256 with default allowWeakCipher INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:267 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256\n'
Failed tickets/ticket48194_test.py::test_run_8 5.91
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>

def test_run_8(topology_st):
"""
Check nsSSL3Ciphers: default + allowWeakCipher: off
Strong Default ciphers are enabled.
"""
_header(topology_st, 'Test Case 9 - Check default nsSSL3Ciphers (default setting + allowWeakCipher: off)')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN, [(ldap.MOD_REPLACE, 'nsSSL3Ciphers', b'default'),
(ldap.MOD_REPLACE, 'allowWeakCipher', b'off')])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_7' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

> connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)

/export/tests/tickets/ticket48194_test.py:297:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7fe031c88b20>
cipher = 'DES-CBC3-SHA', expect = False

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
assert False
else:
proc.stdin.close()
assert True
else:
if b'(NONE)' in l:
assert True
else:
proc.stdin.close()
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 9 - Check default nsSSL3Ciphers (default setting + allowWeakCipher: off) INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:290 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256\n'
Failed tickets/ticket48212_test.py::test_ticket48212 16.59
topology_st = <lib389.topologies.TopologyMain object at 0x7fe0319d8d30>

def reindexUidNumber(topology_st):
topology_st.standalone.log.info("\n\n +++++ reindex uidnumber +++++\n")
try:
args = {TASK_WAIT: True}
> topology_st.standalone.tasks.reindex(suffix=MYSUFFIX, attrname='uidNumber', args=args)

/export/tests/tickets/ticket48212_test.py:50:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe0319e0b50>
suffix = 'dc=example,dc=com', benamebase = None, attrname = 'uidNumber'
args = {'wait': True}, vlv = False

def reindex(self, suffix=None, benamebase=None, attrname=None, args=None, vlv=False):
'''
Reindex a 'suffix' (or 'benamebase' that stores that suffix) for a
given 'attrname'. It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

:param suffix - suffix of the backend
:param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
:param attrname - attribute name
:param args - is a dictionary that contains modifier of the reindex
task
wait: True/[False] - If True, 'index' waits for the completion
of the task before to return
:param vlv - this task is to reindex a VLV index

:return None

:raise ValueError - if invalid missing benamebase and suffix or invalid
benamebase
:raise LDAPError if unable to search for index names

'''
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

# If backend name was provided, retrieve the suffix
if benamebase:
ents = self.conn.mappingtree.list(bename=benamebase)
if len(ents) != 1:
raise ValueError("invalid backend name: %s" % benamebase)

attr_suffix = MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]
if not ents[0].hasAttr(attr_suffix):
raise ValueError(
"invalid backend name: %s, or entry without %s" %
(benamebase, attr_suffix))

suffix = ensure_str(ents[0].getValue(attr_suffix))

backend = None
entries_backend = self.conn.backends.list()
for be in entries_backend:
be_suffix = ensure_str(be.get_attr_val_utf8_l('nsslapd-suffix')).lower()
if be_suffix == suffix.lower():
backend = be.get_attr_val_utf8_l('cn')
if backend is None:
raise ValueError("Failed to find backaned matching the suffix")

attrs = []
if vlv:
# We are indexing a VLV index/sort.
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)
cn = "index_vlv_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexVLVAttribute': attrs,
'nsInstance': backend
})
else:
if attrname is None:
#
# Reindex all attributes - gather them first...
#
cn = "index_all_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = ('cn=%s,cn=ldbm database,cn=plugins,cn=config' % backend)
try:
indexes = self.conn.search_s(dn, ldap.SCOPE_SUBTREE, '(objectclass=nsIndex)')
for index in indexes:
attrs.append(ensure_str(index.getValue('cn')))
except ldap.LDAPError as e:
raise e
else:
#
# Reindex specific attributes
#
cn = "index_attrs_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)

dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexAttribute': attrs,
'nsInstance': backend
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the index task for %s", attrname)
return -1

exitCode = 0
if args is not None and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:809: ValueError

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7fe0319d8d30>

def test_ticket48212(topology_st):
"""
Import posixAccount entries.
Index uidNumber
add nsMatchingRule: integerOrderingMatch
run dbverify to see if it reports the db corruption or not
delete nsMatchingRule: integerOrderingMatch
run dbverify to see if it reports the db corruption or not
if no corruption is reported, the bug fix was verified.
"""
log.info(
'Testing Ticket 48212 - Dynamic nsMatchingRule changes had no effect on the attrinfo thus following reindexing, as well.')

# bind as directory manager
topology_st.standalone.log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

data_dir_path = topology_st.standalone.getDir(__file__, DATA_DIR)
ldif_file = f"{data_dir_path}ticket48212/{_MYLDIF}"
try:
ldif_dir = topology_st.standalone.get_ldif_dir()
shutil.copy(ldif_file, ldif_dir)
ldif_file = ldif_dir + '/' + _MYLDIF
except:
log.fatal('Failed to copy ldif to instance ldif dir')
assert False

topology_st.standalone.log.info(
"\n\n######################### Import Test data (%s) ######################\n" % ldif_file)
args = {TASK_WAIT: True}
importTask = Tasks(topology_st.standalone)
importTask.importLDIF(MYSUFFIX, MYSUFFIXBE, ldif_file, args)
args = {TASK_WAIT: True}

runDbVerify(topology_st)

topology_st.standalone.log.info("\n\n######################### Add index by uidnumber ######################\n")
try:
topology_st.standalone.add_s(Entry((UIDNUMBERDN, {'objectclass': "top nsIndex".split(),
'cn': 'uidnumber',
'nsSystemIndex': 'false',
'nsIndexType': "pres eq".split()})))
except ValueError:
topology_st.standalone.log.fatal("add_s failed: %s", ValueError)

topology_st.standalone.log.info("\n\n######################### reindexing... ######################\n")
> reindexUidNumber(topology_st)

/export/tests/tickets/ticket48212_test.py:102:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7fe0319d8d30>

def reindexUidNumber(topology_st):
topology_st.standalone.log.info("\n\n +++++ reindex uidnumber +++++\n")
try:
args = {TASK_WAIT: True}
topology_st.standalone.tasks.reindex(suffix=MYSUFFIX, attrname='uidNumber', args=args)
except:
topology_st.standalone.log.fatal("Reindexing failed")
> assert False
E assert False

/export/tests/tickets/ticket48212_test.py:53: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
------------------------------Captured stderr call------------------------------
/bin/sh: /usr/sbin/dbverify: No such file or directory
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48212_test.py:70 Bind as cn=Directory Manager INFO lib389:ticket48212_test.py:83 ######################### Import Test data (/var/lib/dirsrv/slapd-standalone1/ldif/example1k_posix.ldif) ###################### INFO lib389:tasks.py:513 Import task import_12232020_230438 for file /var/lib/dirsrv/slapd-standalone1/ldif/example1k_posix.ldif completed successfully INFO lib389:ticket48212_test.py:19 +++++ dbverify +++++ INFO lib389:ticket48212_test.py:23 Running /usr/sbin/dbverify -Z standalone1 -V INFO lib389:ticket48212_test.py:43 dbverify passed INFO lib389:ticket48212_test.py:92 ######################### Add index by uidnumber ###################### INFO lib389:ticket48212_test.py:101 ######################### reindexing... ###################### INFO lib389:ticket48212_test.py:47 +++++ reindex uidnumber +++++ CRITICAL lib389:ticket48212_test.py:52 Reindexing failed
Failed tickets/ticket48228_test.py::test_ticket48228_test_global_policy 11.17
topology_st = <lib389.topologies.TopologyMain object at 0x7fe0331f7eb0>
user = 'uid=user1,dc=example,dc=com', passwd = 'password', times = 6

def update_passwd(topology_st, user, passwd, times):
# Set the default value
cpw = passwd
for i in range(times):
log.info(" Bind as {%s,%s}" % (user, cpw))
topology_st.standalone.simple_bind_s(user, cpw)
# Now update the value for this iter.
cpw = 'password%d' % i
try:
> topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', cpw.encode())])

/export/tests/tickets/ticket48228_test.py:136:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user1,dc=example,dc=com', [(2, 'userpassword', b'password0')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x56144db86fb0, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 179,...mbda>', code_context=[' self._inner_hookexec = lambda hook, methods, kwargs: hook.multicall(\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x56144f1bd380, file '/export/tests/tickets/ticket48228_test.py', line 141, code update_pass...t=[" topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', cpw.encode())])\n"], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0331f7ee0>
dn = 'uid=user1,dc=example,dc=com'
modlist = [(2, 'userpassword', b'password0')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user1,dc=example,dc=com', [(2, 'userpassword', b'password0')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0331f7ee0>
dn = 'uid=user1,dc=example,dc=com'
modlist = [(2, 'userpassword', b'password0')], serverctrls = None
clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (10,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0331f7ee0>, msgid = 10, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (10, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0331f7ee0>, msgid = 10, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7fe0318270f0>, 10, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0331f7ee0>
func = <built-in method result4 of LDAP object at 0x7fe0318270f0>
args = (10, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.INSUFFICIENT_ACCESS'>
exc_value = INSUFFICIENT_ACCESS({'msgtype': 103, 'msgid': 10, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user1,dc=example,dc=com'.\n"})
exc_traceback = <traceback object at 0x7fe032ad3c40>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0331f7ee0>
func = <built-in method result4 of LDAP object at 0x7fe0318270f0>
args = (10, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 10, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user1,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7fe0331f7eb0>

def test_ticket48228_test_global_policy(topology_st):
"""
Check global password policy
"""
log.info(' Set inhistory = 6')
set_global_pwpolicy(topology_st, 6)

log.info(' Bind as directory manager')
log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

log.info(' Add an entry' + USER1_DN)
try:
topology_st.standalone.add_s(
Entry((USER1_DN, {'objectclass': "top person organizationalPerson inetOrgPerson".split(),
'sn': '1',
'cn': 'user 1',
'uid': 'user1',
'givenname': 'user',
'mail': 'user1@example.com',
'userpassword': 'password'})))
except ldap.LDAPError as e:
log.fatal('test_ticket48228: Failed to add user' + USER1_DN + ': error ' + e.message['desc'])
assert False

log.info(' Update the password of ' + USER1_DN + ' 6 times')
> update_passwd(topology_st, USER1_DN, 'password', 6)

/export/tests/tickets/ticket48228_test.py:174:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7fe0331f7eb0>
user = 'uid=user1,dc=example,dc=com', passwd = 'password', times = 6

def update_passwd(topology_st, user, passwd, times):
# Set the default value
cpw = passwd
for i in range(times):
log.info(" Bind as {%s,%s}" % (user, cpw))
topology_st.standalone.simple_bind_s(user, cpw)
# Now update the value for this iter.
cpw = 'password%d' % i
try:
topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', cpw.encode())])
except ldap.LDAPError as e:
log.fatal(
> 'test_ticket48228: Failed to update the password ' + cpw + ' of user ' + user + ': error ' + e.message[
'desc'])
E AttributeError: 'INSUFFICIENT_ACCESS' object has no attribute 'message'

/export/tests/tickets/ticket48228_test.py:139: AttributeError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket48234_test.py::test_ticket48234 11.47
topology_st = <lib389.topologies.TopologyMain object at 0x7fe0319ca790>

def test_ticket48234(topology_st):
"""
Test aci which contains an extensible filter.
shutdown
"""

log.info('Bind as root DN')
try:
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
except ldap.LDAPError as e:
topology_st.standalone.log.error('Root DN failed to authenticate: ' + e.args[0]['desc'])
assert False

ouname = 'outest'
username = 'admin'
passwd = 'Password'
deniedattr = 'telephonenumber'
log.info('Add aci which contains extensible filter.')
aci_text = ('(targetattr = "%s")' % (deniedattr) +
'(target = "ldap:///%s")' % (DEFAULT_SUFFIX) +
'(version 3.0;acl "admin-tel-matching-rule-outest";deny (all)' +
'(userdn = "ldap:///%s??sub?(&(cn=%s)(ou:dn:=%s))");)' % (DEFAULT_SUFFIX, username, ouname))

try:
topology_st.standalone.modify_s(DEFAULT_SUFFIX, [(ldap.MOD_ADD, 'aci', ensure_bytes(aci_text))])
except ldap.LDAPError as e:
log.error('Failed to add aci: (%s) error %s' % (aci_text, e.args[0]['desc']))
assert False

log.info('Add entries ...')
for idx in range(0, 2):
ou0 = 'OU%d' % idx
log.info('adding %s under %s...' % (ou0, DEFAULT_SUFFIX))
add_ou_entry(topology_st.standalone, ou0, DEFAULT_SUFFIX)
parent = 'ou=%s,%s' % (ou0, DEFAULT_SUFFIX)
log.info('adding %s under %s...' % (ouname, parent))
add_ou_entry(topology_st.standalone, ouname, parent)

for idx in range(0, 2):
parent = 'ou=%s,ou=OU%d,%s' % (ouname, idx, DEFAULT_SUFFIX)
log.info('adding %s under %s...' % (username, parent))
add_user_entry(topology_st.standalone, username, passwd, parent)

binddn = 'cn=%s,%s' % (username, parent)
log.info('Bind as user %s' % binddn)
try:
topology_st.standalone.simple_bind_s(binddn, passwd)
except ldap.LDAPError as e:
topology_st.standalone.log.error(bindn + ' failed to authenticate: ' + e.args[0]['desc'])
assert False

filter = '(cn=%s)' % username
try:
entries = topology_st.standalone.search_s(DEFAULT_SUFFIX, ldap.SCOPE_SUBTREE, filter, [deniedattr, 'dn'])
> assert 2 == len(entries)
E assert 2 == 0
E +2
E -0

/export/tests/tickets/ticket48234_test.py:83: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48234_test:ticket48234_test.py:35 Bind as root DN INFO tests.tickets.ticket48234_test:ticket48234_test.py:46 Add aci which contains extensible filter. INFO tests.tickets.ticket48234_test:ticket48234_test.py:58 Add entries ... INFO tests.tickets.ticket48234_test:ticket48234_test.py:61 adding OU0 under dc=example,dc=com... INFO tests.tickets.ticket48234_test:ticket48234_test.py:64 adding outest under ou=OU0,dc=example,dc=com... INFO tests.tickets.ticket48234_test:ticket48234_test.py:61 adding OU1 under dc=example,dc=com... INFO tests.tickets.ticket48234_test:ticket48234_test.py:64 adding outest under ou=OU1,dc=example,dc=com... INFO tests.tickets.ticket48234_test:ticket48234_test.py:69 adding admin under ou=outest,ou=OU0,dc=example,dc=com... INFO tests.tickets.ticket48234_test:ticket48234_test.py:69 adding admin under ou=outest,ou=OU1,dc=example,dc=com... INFO tests.tickets.ticket48234_test:ticket48234_test.py:73 Bind as user cn=admin,ou=outest,ou=OU1,dc=example,dc=com
Failed tickets/ticket48266_test.py::test_ticket48266_count_csn_evaluation 3.42
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe032aa3f70>
entries = None

def test_ticket48266_count_csn_evaluation(topology_m2, entries):
ents = topology_m2.ms["master1"].agreement.list(suffix=SUFFIX)
assert len(ents) == 1
> first_csn = _get_first_not_replicated_csn(topology_m2)

/export/tests/tickets/ticket48266_test.py:176:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe032aa3f70>

def _get_first_not_replicated_csn(topology_m2):
name = "cn=%s2,%s" % (NEW_ACCOUNT, SUFFIX)

# read the first CSN that will not be replicated
mod = [(ldap.MOD_REPLACE, 'telephonenumber', ensure_bytes('123456'))]
topology_m2.ms["master1"].modify_s(name, mod)
msgid = topology_m2.ms["master1"].search_ext(name, ldap.SCOPE_SUBTREE, 'objectclass=*', ['nscpentrywsi'])
rtype, rdata, rmsgid = topology_m2.ms["master1"].result2(msgid)
attrs = None
for dn, raw_attrs in rdata:
topology_m2.ms["master1"].log.info("dn: %s" % dn)
if 'nscpentrywsi' in raw_attrs:
attrs = raw_attrs['nscpentrywsi']
assert attrs
for attr in attrs:
if ensure_str(attr.lower()).startswith('telephonenumber'):
break
assert attr

log.info("############# %s " % name)
# now retrieve the CSN of the operation we are looking for
csn = None
found_ops = topology_m2.ms['master1'].ds_access_log.match(".*MOD dn=\"%s\".*" % name)
assert(len(found_ops) > 0)
found_op = topology_m2.ms['master1'].ds_access_log.parse_line(found_ops[-1])
log.info(found_op)

# Now look for the related CSN
found_csns = topology_m2.ms['master1'].ds_access_log.match(".*conn=%s op=%s RESULT.*" % (found_op['conn'], found_op['op']))
assert(len(found_csns) > 0)
found_csn = topology_m2.ms['master1'].ds_access_log.parse_line(found_csns[-1])
log.info(found_csn)
> return found_csn['csn']
E KeyError: 'csn'

/export/tests/tickets/ticket48266_test.py:147: KeyError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48266_test.py:125 dn: cn=new_account2,dc=example,dc=com INFO tests.tickets.ticket48266_test:ticket48266_test.py:134 ############# cn=new_account2,dc=example,dc=com INFO tests.tickets.ticket48266_test:ticket48266_test.py:140 {'action': 'MOD', 'timestamp': '[23/Dec/2020:23:07:03.757557071 -0500]', 'conn': '1', 'op': '12', 'rem': 'dn="cn=new_account2,dc=example,dc=com"', 'datetime': datetime.datetime(2020, 12, 23, 23, 0, 0, 757557, tzinfo=tzoffset(None, -18000))} INFO tests.tickets.ticket48266_test:ticket48266_test.py:146 {'action': 'RESULT', 'timestamp': '[23/Dec/2020:23:07:03.813540435 -0500]', 'conn': '1', 'op': '12', 'rem': 'err=0 tag=103 nentries=0 wtime=0.000080497 optime=0.055990741 etime=0.056065548 csn=5fe413e7000000010000', 'datetime': datetime.datetime(2020, 12, 23, 23, 0, 0, 813540, tzinfo=tzoffset(None, -18000))}
Failed tickets/ticket48270_test.py::test_ticket48270_homeDirectory_indexed_cis 2.11
topology_st = <lib389.topologies.TopologyMain object at 0x7fe032aa35e0>

def test_ticket48270_homeDirectory_indexed_cis(topology_st):
log.info("\n\nindex homeDirectory in caseIgnoreIA5Match and caseExactIA5Match")
try:
ent = topology_st.standalone.getEntry(HOMEDIRECTORY_INDEX, ldap.SCOPE_BASE)
except ldap.NO_SUCH_OBJECT:
topology_st.standalone.add_s(Entry((HOMEDIRECTORY_INDEX, {
'objectclass': "top nsIndex".split(),
'cn': HOMEDIRECTORY_CN,
'nsSystemIndex': 'false',
'nsIndexType': 'eq'})))
# log.info("attach debugger")
# time.sleep(60)

IGNORE_MR_NAME = b'caseIgnoreIA5Match'
EXACT_MR_NAME = b'caseExactIA5Match'
mod = [(ldap.MOD_REPLACE, MATCHINGRULE, (IGNORE_MR_NAME, EXACT_MR_NAME))]
topology_st.standalone.modify_s(HOMEDIRECTORY_INDEX, mod)

# topology_st.standalone.stop(timeout=10)
log.info("successfully checked that filter with exact mr , a filter with lowercase eq is failing")
# assert topology_st.standalone.db2index(bename=DEFAULT_BENAME, suffixes=None, attrs=['homeDirectory'])
# topology_st.standalone.start(timeout=10)
args = {TASK_WAIT: True}
> topology_st.standalone.tasks.reindex(suffix=SUFFIX, attrname='homeDirectory', args=args)

/export/tests/tickets/ticket48270_test.py:61:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe0319d7820>
suffix = 'dc=example,dc=com', benamebase = None, attrname = 'homeDirectory'
args = {'wait': True}, vlv = False

def reindex(self, suffix=None, benamebase=None, attrname=None, args=None, vlv=False):
'''
Reindex a 'suffix' (or 'benamebase' that stores that suffix) for a
given 'attrname'. It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

:param suffix - suffix of the backend
:param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
:param attrname - attribute name
:param args - is a dictionary that contains modifier of the reindex
task
wait: True/[False] - If True, 'index' waits for the completion
of the task before to return
:param vlv - this task is to reindex a VLV index

:return None

:raise ValueError - if invalid missing benamebase and suffix or invalid
benamebase
:raise LDAPError if unable to search for index names

'''
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

# If backend name was provided, retrieve the suffix
if benamebase:
ents = self.conn.mappingtree.list(bename=benamebase)
if len(ents) != 1:
raise ValueError("invalid backend name: %s" % benamebase)

attr_suffix = MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]
if not ents[0].hasAttr(attr_suffix):
raise ValueError(
"invalid backend name: %s, or entry without %s" %
(benamebase, attr_suffix))

suffix = ensure_str(ents[0].getValue(attr_suffix))

backend = None
entries_backend = self.conn.backends.list()
for be in entries_backend:
be_suffix = ensure_str(be.get_attr_val_utf8_l('nsslapd-suffix')).lower()
if be_suffix == suffix.lower():
backend = be.get_attr_val_utf8_l('cn')
if backend is None:
raise ValueError("Failed to find backaned matching the suffix")

attrs = []
if vlv:
# We are indexing a VLV index/sort.
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)
cn = "index_vlv_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexVLVAttribute': attrs,
'nsInstance': backend
})
else:
if attrname is None:
#
# Reindex all attributes - gather them first...
#
cn = "index_all_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = ('cn=%s,cn=ldbm database,cn=plugins,cn=config' % backend)
try:
indexes = self.conn.search_s(dn, ldap.SCOPE_SUBTREE, '(objectclass=nsIndex)')
for index in indexes:
attrs.append(ensure_str(index.getValue('cn')))
except ldap.LDAPError as e:
raise e
else:
#
# Reindex specific attributes
#
cn = "index_attrs_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)

dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexAttribute': attrs,
'nsInstance': backend
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the index task for %s", attrname)
return -1

exitCode = 0
if args is not None and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:809: ValueError
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48270_test:ticket48270_test.py:39 index homeDirectory in caseIgnoreIA5Match and caseExactIA5Match INFO tests.tickets.ticket48270_test:ticket48270_test.py:57 successfully checked that filter with exact mr , a filter with lowercase eq is failing
Failed tickets/ticket48325_test.py::test_ticket48325 45.57
topology_m1h1c1 = <lib389.topologies.TopologyMain object at 0x7fe031b2fc70>

def test_ticket48325(topology_m1h1c1):
"""
Test that the RUV element order is correctly maintained when promoting
a hub or consumer.
"""

#
# Promote consumer to master
#
C1 = topology_m1h1c1.cs["consumer1"]
M1 = topology_m1h1c1.ms["master1"]
H1 = topology_m1h1c1.hs["hub1"]
repl = ReplicationManager(DEFAULT_SUFFIX)
> repl._ensure_changelog(C1)

/export/tests/tickets/ticket48325_test.py:53:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/replica.py:1928: in _ensure_changelog
cl.create(properties={
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:972: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:947: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:175: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0319db550>
func = <built-in method result4 of LDAP object at 0x7fe031a75330>
args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 105, 'msgid': 15, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'Changelog configuration is part of the backend configuration'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for hub1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39101, 'ldap-secureport': 63801, 'server-id': 'hub1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for consumer1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39201, 'ldap-secureport': 63901, 'server-id': 'consumer1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:524 Creating replication topology. INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39101 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39101 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39101 is NOT working (expect 0eec9260-9fe5-4e82-9ee4-f9d59161813b / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39101 is working INFO lib389.replica:replica.py:2211 SUCCESS: joined consumer from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39101 INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39201 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39101 to ldap://host-10-0-139-83:39201 is was created INFO lib389.replica:replica.py:2268 SUCCESS: joined consumer from ldap://host-10-0-139-83:39101 to ldap://host-10-0-139-83:39201 INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39201 is NOT working (expect ff6a68f9-2aed-49bc-97ac-27b02bfb8ad2 / got description=0eec9260-9fe5-4e82-9ee4-f9d59161813b) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39201 is working
Failed tickets/ticket48342_test.py::test_ticket4026 139.67
topology_m3 = <lib389.topologies.TopologyMain object at 0x7fe032a9ef10>

def test_ticket4026(topology_m3):
"""Write your replication testcase here.

To access each DirSrv instance use: topology_m3.ms["master1"], topology_m3.ms["master2"],
..., topology_m3.hub1, ..., topology_m3.consumer1, ...

Also, if you need any testcase initialization,
please, write additional fixture for that(include finalizer).
"""

try:
topology_m3.ms["master1"].add_s(Entry((PEOPLE_DN, {
'objectclass': "top extensibleObject".split(),
'ou': 'people'})))
except ldap.ALREADY_EXISTS:
pass

topology_m3.ms["master1"].add_s(Entry(('ou=ranges,' + SUFFIX, {
'objectclass': 'top organizationalunit'.split(),
'ou': 'ranges'
})))
for cpt in range(MAX_ACCOUNTS):
name = "user%d" % (cpt)
topology_m3.ms["master1"].add_s(Entry(("uid=%s,%s" % (name, PEOPLE_DN), {
'objectclass': 'top posixAccount extensibleObject'.split(),
'uid': name,
'cn': name,
'uidNumber': '1',
'gidNumber': '1',
'homeDirectory': '/home/%s' % name
})))

# make master3 having more free slots that master2
# so master1 will contact master3
_dna_config(topology_m3.ms["master1"], nextValue=100, maxValue=10)
_dna_config(topology_m3.ms["master2"], nextValue=200, maxValue=10)
_dna_config(topology_m3.ms["master3"], nextValue=300, maxValue=3000)

# Turn on lots of error logging now.

mod = [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', b'16384')]
# mod = [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', '1')]
topology_m3.ms["master1"].modify_s('cn=config', mod)
topology_m3.ms["master2"].modify_s('cn=config', mod)
topology_m3.ms["master3"].modify_s('cn=config', mod)

# We need to wait for the event in dna.c to fire to start the servers
# see dna.c line 899
time.sleep(60)

# add on master1 users with description DNA
for cpt in range(10):
name = "user_with_desc1_%d" % (cpt)
topology_m3.ms["master1"].add_s(Entry(("uid=%s,%s" % (name, PEOPLE_DN), {
'objectclass': 'top posixAccount extensibleObject'.split(),
'uid': name,
'cn': name,
'description': '-1',
'uidNumber': '1',
'gidNumber': '1',
'homeDirectory': '/home/%s' % name
})))
# give time to negociate master1 <--> master3
time.sleep(10)
# add on master1 users with description DNA
for cpt in range(11, 20):
name = "user_with_desc1_%d" % (cpt)
> topology_m3.ms["master1"].add_s(Entry(("uid=%s,%s" % (name, PEOPLE_DN), {
'objectclass': 'top posixAccount extensibleObject'.split(),
'uid': name,
'cn': name,
'description': '-1',
'uidNumber': '1',
'gidNumber': '1',
'homeDirectory': '/home/%s' % name
})))

/export/tests/tickets/ticket48342_test.py:118:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:175: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:439: in add_s
return self.add_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:177: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe032a9e190>
func = <built-in method result4 of LDAP object at 0x7fe03355c3f0>
args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.OPERATIONS_ERROR: {'msgtype': 105, 'msgid': 15, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Allocation of a new value for range cn=dna config,cn=distributed numeric assignment plugin,cn=plugins,cn=config failed! Unable to proceed.'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: OPERATIONS_ERROR
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master3 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39003, 'ldap-secureport': 63703, 'server-id': 'master3', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining master master2 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect b23a18a2-0a1b-49cf-a26f-dc03d2012142 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect 9461a125-d534-444a-957c-f25aa4eb5e19 / got description=b23a18a2-0a1b-49cf-a26f-dc03d2012142) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 INFO lib389.topologies:topologies.py:156 Joining master master3 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39003 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is NOT working (expect 21b66b94-92e7-45c4-9ab0-3725c3f76364 / got description=9461a125-d534-444a-957c-f25aa4eb5e19) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is NOT working (expect 28e721b7-6cbf-4c6f-b889-4ff39111fa9f / got description=21b66b94-92e7-45c4-9ab0-3725c3f76364) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master3 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master3 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39003 is was created INFO lib389.topologies:topologies.py:164 Ensuring master master3 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master3 to master2 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39002 is was created
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48342_test:ticket48342_test.py:19 Add dna plugin config entry...host-10-0-139-83:39001 INFO tests.tickets.ticket48342_test:ticket48342_test.py:37 Enable the DNA plugin... INFO tests.tickets.ticket48342_test:ticket48342_test.py:44 Restarting the server... INFO tests.tickets.ticket48342_test:ticket48342_test.py:19 Add dna plugin config entry...host-10-0-139-83:39002 INFO tests.tickets.ticket48342_test:ticket48342_test.py:37 Enable the DNA plugin... INFO tests.tickets.ticket48342_test:ticket48342_test.py:44 Restarting the server... INFO tests.tickets.ticket48342_test:ticket48342_test.py:19 Add dna plugin config entry...host-10-0-139-83:39003 INFO tests.tickets.ticket48342_test:ticket48342_test.py:37 Enable the DNA plugin... INFO tests.tickets.ticket48342_test:ticket48342_test.py:44 Restarting the server...
Failed tickets/ticket48497_test.py::test_ticket48497_homeDirectory_index_run 3.62
topology_st = <lib389.topologies.TopologyMain object at 0x7fe032e9c6d0>

def test_ticket48497_homeDirectory_index_run(topology_st):
args = {TASK_WAIT: True}
> topology_st.standalone.tasks.reindex(suffix=SUFFIX, attrname='homeDirectory', args=args)

/export/tests/tickets/ticket48497_test.py:91:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe032d87f40>
suffix = 'dc=example,dc=com', benamebase = None, attrname = 'homeDirectory'
args = {'wait': True}, vlv = False

def reindex(self, suffix=None, benamebase=None, attrname=None, args=None, vlv=False):
'''
Reindex a 'suffix' (or 'benamebase' that stores that suffix) for a
given 'attrname'. It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

:param suffix - suffix of the backend
:param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
:param attrname - attribute name
:param args - is a dictionary that contains modifier of the reindex
task
wait: True/[False] - If True, 'index' waits for the completion
of the task before to return
:param vlv - this task is to reindex a VLV index

:return None

:raise ValueError - if invalid missing benamebase and suffix or invalid
benamebase
:raise LDAPError if unable to search for index names

'''
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

# If backend name was provided, retrieve the suffix
if benamebase:
ents = self.conn.mappingtree.list(bename=benamebase)
if len(ents) != 1:
raise ValueError("invalid backend name: %s" % benamebase)

attr_suffix = MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]
if not ents[0].hasAttr(attr_suffix):
raise ValueError(
"invalid backend name: %s, or entry without %s" %
(benamebase, attr_suffix))

suffix = ensure_str(ents[0].getValue(attr_suffix))

backend = None
entries_backend = self.conn.backends.list()
for be in entries_backend:
be_suffix = ensure_str(be.get_attr_val_utf8_l('nsslapd-suffix')).lower()
if be_suffix == suffix.lower():
backend = be.get_attr_val_utf8_l('cn')
if backend is None:
raise ValueError("Failed to find backaned matching the suffix")

attrs = []
if vlv:
# We are indexing a VLV index/sort.
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)
cn = "index_vlv_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexVLVAttribute': attrs,
'nsInstance': backend
})
else:
if attrname is None:
#
# Reindex all attributes - gather them first...
#
cn = "index_all_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = ('cn=%s,cn=ldbm database,cn=plugins,cn=config' % backend)
try:
indexes = self.conn.search_s(dn, ldap.SCOPE_SUBTREE, '(objectclass=nsIndex)')
for index in indexes:
attrs.append(ensure_str(index.getValue('cn')))
except ldap.LDAPError as e:
raise e
else:
#
# Reindex specific attributes
#
cn = "index_attrs_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)

dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexAttribute': attrs,
'nsInstance': backend
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the index task for %s", attrname)
return -1

exitCode = 0
if args is not None and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:809: ValueError
Failed tickets/ticket48637_test.py::test_ticket48637 16.39
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031bb3160>

def test_ticket48637(topology_st):
"""Test for entry cache corruption

This requires automember and managed entry plugins to be configured.

Then remove the group that automember would use to trigger a failure when
adding a new entry. Automember fails, and then managed entry also fails.

Make sure a base search on the entry returns error 32
"""

if DEBUGGING:
# Add debugging steps(if any)...
pass

#
# Add our setup entries
#
try:
topology_st.standalone.add_s(Entry((PEOPLE_OU, {
'objectclass': 'top organizationalunit'.split(),
'ou': 'people'})))
except ldap.ALREADY_EXISTS:
pass
except ldap.LDAPError as e:
log.fatal('Failed to add people ou: ' + str(e))
assert False

try:
topology_st.standalone.add_s(Entry((GROUP_OU, {
'objectclass': 'top organizationalunit'.split(),
'ou': 'groups'})))
except ldap.ALREADY_EXISTS:
pass
except ldap.LDAPError as e:
log.fatal('Failed to add groups ou: ' + str(e))
assert False

try:
topology_st.standalone.add_s(Entry((MEP_OU, {
'objectclass': 'top extensibleObject'.split(),
'ou': 'mep'})))
except ldap.LDAPError as e:
log.fatal('Failed to add MEP ou: ' + str(e))
assert False

try:
topology_st.standalone.add_s(Entry((MEP_TEMPLATE, {
'objectclass': 'top mepTemplateEntry'.split(),
'cn': 'mep template',
'mepRDNAttr': 'cn',
'mepStaticAttr': 'objectclass: groupofuniquenames',
'mepMappedAttr': 'cn: $uid'})))
except ldap.LDAPError as e:
log.fatal('Failed to add MEP ou: ' + str(e))
assert False

#
# Configure automember
#
try:
topology_st.standalone.add_s(Entry((AUTO_DN, {
'cn': 'All Users',
'objectclass': ['top', 'autoMemberDefinition'],
'autoMemberScope': 'dc=example,dc=com',
'autoMemberFilter': 'objectclass=person',
'autoMemberDefaultGroup': GROUP_DN,
'autoMemberGroupingAttr': 'uniquemember:dn'})))
except ldap.LDAPError as e:
log.fatal('Failed to configure automember plugin : ' + str(e))
assert False

#
# Configure managed entry plugin
#
try:
topology_st.standalone.add_s(Entry((MEP_DN, {
'cn': 'MEP Definition',
'objectclass': ['top', 'extensibleObject'],
'originScope': 'ou=people,dc=example,dc=com',
'originFilter': 'objectclass=person',
'managedBase': 'ou=groups,dc=example,dc=com',
'managedTemplate': MEP_TEMPLATE})))
except ldap.LDAPError as e:
log.fatal('Failed to configure managed entry plugin : ' + str(e))
assert False

#
# Restart DS
#
topology_st.standalone.restart(timeout=30)

#
# Add entry that should fail since the automember group does not exist
#
try:
topology_st.standalone.add_s(Entry((USER_DN, {
'uid': 'test',
'objectclass': ['top', 'person', 'extensibleObject'],
'sn': 'test',
'cn': 'test'})))
except ldap.LDAPError as e:
pass

#
# Search for the entry - it should not be returned
#
try:
entry = topology_st.standalone.search_s(USER_DN, ldap.SCOPE_SUBTREE,
'objectclass=*')
if entry:
log.fatal('Entry was incorrectly returned')
> assert False
E assert False

/export/tests/tickets/ticket48637_test.py:139: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
CRITICAL tests.tickets.ticket48637_test:ticket48637_test.py:138 Entry was incorrectly returned
Failed tickets/ticket48745_test.py::test_ticket48745_homeDirectory_indexed_cis 2.11
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031a61970>

def test_ticket48745_homeDirectory_indexed_cis(topology_st):
log.info("\n\nindex homeDirectory in caseIgnoreIA5Match and caseExactIA5Match")
try:
ent = topology_st.standalone.getEntry(HOMEDIRECTORY_INDEX, ldap.SCOPE_BASE)
except ldap.NO_SUCH_OBJECT:
topology_st.standalone.add_s(Entry((HOMEDIRECTORY_INDEX, {
'objectclass': "top nsIndex".split(),
'cn': HOMEDIRECTORY_CN,
'nsSystemIndex': 'false',
'nsIndexType': 'eq'})))
# log.info("attach debugger")
# time.sleep(60)

IGNORE_MR_NAME = b'caseIgnoreIA5Match'
EXACT_MR_NAME = b'caseExactIA5Match'
mod = [(ldap.MOD_REPLACE, MATCHINGRULE, (IGNORE_MR_NAME, EXACT_MR_NAME))]
topology_st.standalone.modify_s(HOMEDIRECTORY_INDEX, mod)

# topology_st.standalone.stop(timeout=10)
log.info("successfully checked that filter with exact mr , a filter with lowercase eq is failing")
# assert topology_st.standalone.db2index(bename=DEFAULT_BENAME, suffixes=None, attrs=['homeDirectory'])
# topology_st.standalone.start(timeout=10)
args = {TASK_WAIT: True}
> topology_st.standalone.tasks.reindex(suffix=SUFFIX, attrname='homeDirectory', args=args)

/export/tests/tickets/ticket48745_test.py:61:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe031815e80>
suffix = 'dc=example,dc=com', benamebase = None, attrname = 'homeDirectory'
args = {'wait': True}, vlv = False

def reindex(self, suffix=None, benamebase=None, attrname=None, args=None, vlv=False):
'''
Reindex a 'suffix' (or 'benamebase' that stores that suffix) for a
given 'attrname'. It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

:param suffix - suffix of the backend
:param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
:param attrname - attribute name
:param args - is a dictionary that contains modifier of the reindex
task
wait: True/[False] - If True, 'index' waits for the completion
of the task before to return
:param vlv - this task is to reindex a VLV index

:return None

:raise ValueError - if invalid missing benamebase and suffix or invalid
benamebase
:raise LDAPError if unable to search for index names

'''
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

# If backend name was provided, retrieve the suffix
if benamebase:
ents = self.conn.mappingtree.list(bename=benamebase)
if len(ents) != 1:
raise ValueError("invalid backend name: %s" % benamebase)

attr_suffix = MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]
if not ents[0].hasAttr(attr_suffix):
raise ValueError(
"invalid backend name: %s, or entry without %s" %
(benamebase, attr_suffix))

suffix = ensure_str(ents[0].getValue(attr_suffix))

backend = None
entries_backend = self.conn.backends.list()
for be in entries_backend:
be_suffix = ensure_str(be.get_attr_val_utf8_l('nsslapd-suffix')).lower()
if be_suffix == suffix.lower():
backend = be.get_attr_val_utf8_l('cn')
if backend is None:
raise ValueError("Failed to find backaned matching the suffix")

attrs = []
if vlv:
# We are indexing a VLV index/sort.
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)
cn = "index_vlv_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexVLVAttribute': attrs,
'nsInstance': backend
})
else:
if attrname is None:
#
# Reindex all attributes - gather them first...
#
cn = "index_all_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = ('cn=%s,cn=ldbm database,cn=plugins,cn=config' % backend)
try:
indexes = self.conn.search_s(dn, ldap.SCOPE_SUBTREE, '(objectclass=nsIndex)')
for index in indexes:
attrs.append(ensure_str(index.getValue('cn')))
except ldap.LDAPError as e:
raise e
else:
#
# Reindex specific attributes
#
cn = "index_attrs_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)

dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexAttribute': attrs,
'nsInstance': backend
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the index task for %s", attrname)
return -1

exitCode = 0
if args is not None and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:809: ValueError
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48745_test:ticket48745_test.py:39 index homeDirectory in caseIgnoreIA5Match and caseExactIA5Match INFO tests.tickets.ticket48745_test:ticket48745_test.py:57 successfully checked that filter with exact mr , a filter with lowercase eq is failing
Failed tickets/ticket48746_test.py::test_ticket48746_homeDirectory_indexed_cis 2.35
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03172e910>

def test_ticket48746_homeDirectory_indexed_cis(topology_st):
log.info("\n\nindex homeDirectory in caseIgnoreIA5Match and caseExactIA5Match")
try:
ent = topology_st.standalone.getEntry(HOMEDIRECTORY_INDEX, ldap.SCOPE_BASE)
except ldap.NO_SUCH_OBJECT:
topology_st.standalone.add_s(Entry((HOMEDIRECTORY_INDEX, {
'objectclass': "top nsIndex".split(),
'cn': HOMEDIRECTORY_CN,
'nsSystemIndex': 'false',
'nsIndexType': 'eq'})))
# log.info("attach debugger")
# time.sleep(60)

IGNORE_MR_NAME = b'caseIgnoreIA5Match'
EXACT_MR_NAME = b'caseExactIA5Match'
mod = [(ldap.MOD_REPLACE, MATCHINGRULE, (IGNORE_MR_NAME, EXACT_MR_NAME))]
topology_st.standalone.modify_s(HOMEDIRECTORY_INDEX, mod)

# topology_st.standalone.stop(timeout=10)
log.info("successfully checked that filter with exact mr , a filter with lowercase eq is failing")
# assert topology_st.standalone.db2index(bename=DEFAULT_BENAME, suffixes=None, attrs=['homeDirectory'])
# topology_st.standalone.start(timeout=10)
args = {TASK_WAIT: True}
> topology_st.standalone.tasks.reindex(suffix=SUFFIX, attrname='homeDirectory', args=args)

/export/tests/tickets/ticket48746_test.py:61:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe031925f10>
suffix = 'dc=example,dc=com', benamebase = None, attrname = 'homeDirectory'
args = {'wait': True}, vlv = False

def reindex(self, suffix=None, benamebase=None, attrname=None, args=None, vlv=False):
'''
Reindex a 'suffix' (or 'benamebase' that stores that suffix) for a
given 'attrname'. It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

:param suffix - suffix of the backend
:param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
:param attrname - attribute name
:param args - is a dictionary that contains modifier of the reindex
task
wait: True/[False] - If True, 'index' waits for the completion
of the task before to return
:param vlv - this task is to reindex a VLV index

:return None

:raise ValueError - if invalid missing benamebase and suffix or invalid
benamebase
:raise LDAPError if unable to search for index names

'''
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

# If backend name was provided, retrieve the suffix
if benamebase:
ents = self.conn.mappingtree.list(bename=benamebase)
if len(ents) != 1:
raise ValueError("invalid backend name: %s" % benamebase)

attr_suffix = MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]
if not ents[0].hasAttr(attr_suffix):
raise ValueError(
"invalid backend name: %s, or entry without %s" %
(benamebase, attr_suffix))

suffix = ensure_str(ents[0].getValue(attr_suffix))

backend = None
entries_backend = self.conn.backends.list()
for be in entries_backend:
be_suffix = ensure_str(be.get_attr_val_utf8_l('nsslapd-suffix')).lower()
if be_suffix == suffix.lower():
backend = be.get_attr_val_utf8_l('cn')
if backend is None:
raise ValueError("Failed to find backaned matching the suffix")

attrs = []
if vlv:
# We are indexing a VLV index/sort.
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)
cn = "index_vlv_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexVLVAttribute': attrs,
'nsInstance': backend
})
else:
if attrname is None:
#
# Reindex all attributes - gather them first...
#
cn = "index_all_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = ('cn=%s,cn=ldbm database,cn=plugins,cn=config' % backend)
try:
indexes = self.conn.search_s(dn, ldap.SCOPE_SUBTREE, '(objectclass=nsIndex)')
for index in indexes:
attrs.append(ensure_str(index.getValue('cn')))
except ldap.LDAPError as e:
raise e
else:
#
# Reindex specific attributes
#
cn = "index_attrs_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)

dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexAttribute': attrs,
'nsInstance': backend
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the index task for %s", attrname)
return -1

exitCode = 0
if args is not None and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:809: ValueError
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48746_test:ticket48746_test.py:39 index homeDirectory in caseIgnoreIA5Match and caseExactIA5Match INFO tests.tickets.ticket48746_test:ticket48746_test.py:57 successfully checked that filter with exact mr , a filter with lowercase eq is failing
Failed tickets/ticket48746_test.py::test_ticket48746_homeDirectory_indexed_ces 3.13
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03172e910>

def test_ticket48746_homeDirectory_indexed_ces(topology_st):
log.info("\n\nindex homeDirectory in caseExactIA5Match, this would trigger the crash")
try:
ent = topology_st.standalone.getEntry(HOMEDIRECTORY_INDEX, ldap.SCOPE_BASE)
except ldap.NO_SUCH_OBJECT:
topology_st.standalone.add_s(Entry((HOMEDIRECTORY_INDEX, {
'objectclass': "top nsIndex".split(),
'cn': HOMEDIRECTORY_CN,
'nsSystemIndex': 'false',
'nsIndexType': 'eq'})))
# log.info("attach debugger")
# time.sleep(60)

EXACT_MR_NAME = b'caseExactIA5Match'
mod = [(ldap.MOD_REPLACE, MATCHINGRULE, (EXACT_MR_NAME))]
topology_st.standalone.modify_s(HOMEDIRECTORY_INDEX, mod)

# topology_st.standalone.stop(timeout=10)
log.info("successfully checked that filter with exact mr , a filter with lowercase eq is failing")
# assert topology_st.standalone.db2index(bename=DEFAULT_BENAME, suffixes=None, attrs=['homeDirectory'])
# topology_st.standalone.start(timeout=10)
args = {TASK_WAIT: True}
> topology_st.standalone.tasks.reindex(suffix=SUFFIX, attrname='homeDirectory', args=args)

/export/tests/tickets/ticket48746_test.py:125:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe031925f10>
suffix = 'dc=example,dc=com', benamebase = None, attrname = 'homeDirectory'
args = {'wait': True}, vlv = False

def reindex(self, suffix=None, benamebase=None, attrname=None, args=None, vlv=False):
'''
Reindex a 'suffix' (or 'benamebase' that stores that suffix) for a
given 'attrname'. It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

:param suffix - suffix of the backend
:param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
:param attrname - attribute name
:param args - is a dictionary that contains modifier of the reindex
task
wait: True/[False] - If True, 'index' waits for the completion
of the task before to return
:param vlv - this task is to reindex a VLV index

:return None

:raise ValueError - if invalid missing benamebase and suffix or invalid
benamebase
:raise LDAPError if unable to search for index names

'''
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

# If backend name was provided, retrieve the suffix
if benamebase:
ents = self.conn.mappingtree.list(bename=benamebase)
if len(ents) != 1:
raise ValueError("invalid backend name: %s" % benamebase)

attr_suffix = MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]
if not ents[0].hasAttr(attr_suffix):
raise ValueError(
"invalid backend name: %s, or entry without %s" %
(benamebase, attr_suffix))

suffix = ensure_str(ents[0].getValue(attr_suffix))

backend = None
entries_backend = self.conn.backends.list()
for be in entries_backend:
be_suffix = ensure_str(be.get_attr_val_utf8_l('nsslapd-suffix')).lower()
if be_suffix == suffix.lower():
backend = be.get_attr_val_utf8_l('cn')
if backend is None:
raise ValueError("Failed to find backaned matching the suffix")

attrs = []
if vlv:
# We are indexing a VLV index/sort.
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)
cn = "index_vlv_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexVLVAttribute': attrs,
'nsInstance': backend
})
else:
if attrname is None:
#
# Reindex all attributes - gather them first...
#
cn = "index_all_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
dn = ('cn=%s,cn=ldbm database,cn=plugins,cn=config' % backend)
try:
indexes = self.conn.search_s(dn, ldap.SCOPE_SUBTREE, '(objectclass=nsIndex)')
for index in indexes:
attrs.append(ensure_str(index.getValue('cn')))
except ldap.LDAPError as e:
raise e
else:
#
# Reindex specific attributes
#
cn = "index_attrs_%s" % (time.strftime("%m%d%Y_%H%M%S", time.localtime()))
if isinstance(attrname, (tuple, list)):
# Need to guarantee this is a list (and not a tuple)
for attr in attrname:
attrs.append(attr)
else:
attrs.append(attrname)

dn = "cn=%s,%s" % (cn, DN_INDEX_TASK)
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject'],
'cn': cn,
'nsIndexAttribute': attrs,
'nsInstance': backend
})

# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add the index task for %s", attrname)
return -1

exitCode = 0
if args is not None and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:809: ValueError
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48746_test:ticket48746_test.py:104 index homeDirectory in caseExactIA5Match, this would trigger the crash INFO tests.tickets.ticket48746_test:ticket48746_test.py:121 successfully checked that filter with exact mr , a filter with lowercase eq is failing
Failed tickets/ticket48784_test.py::test_ticket48784 53.19
Fixture "add_entry" called directly. Fixtures are not meant to be called directly,
but are created automatically when test functions request them as parameters.
See https://docs.pytest.org/en/latest/fixture.html for more information about fixtures, and
https://docs.pytest.org/en/latest/deprecations.html#calling-fixtures-directly about how to update your code.
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining master master2 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect 247d647d-9fda-4afa-a80c-f8b431b61da7 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect 883e83e3-8f1b-41d5-804b-121d966f038e / got description=247d647d-9fda-4afa-a80c-f8b431b61da7) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48784_test:ticket48784_test.py:90 Ticket 48784 - Allow usage of OpenLDAP libraries that don't use NSS for crypto INFO tests.tickets.ticket48784_test:ticket48784_test.py:50 ######################### Configure SSL/TLS agreements ###################### INFO tests.tickets.ticket48784_test:ticket48784_test.py:51 ######################## master1 <-- startTLS -> master2 ##################### INFO tests.tickets.ticket48784_test:ticket48784_test.py:53 ##### Update the agreement of master1 INFO tests.tickets.ticket48784_test:ticket48784_test.py:58 ##### Update the agreement of master2 INFO tests.tickets.ticket48784_test:ticket48784_test.py:68 ######################### Configure SSL/TLS agreements Done ######################
Failed tickets/ticket48798_test.py::test_ticket48798 19.09
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031b9c550>

def test_ticket48798(topology_st):
"""
Test DH param sizes offered by DS.

"""
topology_st.standalone.enable_tls()

# Confirm that we have a connection, and that it has DH

# Open a socket to the port.
# Check the security settings.
> size = check_socket_dh_param_size(topology_st.standalone.host, topology_st.standalone.sslport)

/export/tests/tickets/ticket48798_test.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket48798_test.py:23: in check_socket_dh_param_size
output = check_output(cmd, shell=True)
/usr/lib64/python3.9/subprocess.py:420: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

input = None, capture_output = False, timeout = None, check = True
popenargs = ('echo quit | openssl s_client -connect host-10-0-139-83:63601 -msg -cipher DH | grep -A 1 ServerKeyExchange',)
kwargs = {'shell': True, 'stdout': -1}
process = <Popen: returncode: 1 args: ['e', 'c', 'h', 'o', ' ', 'q', 'u', 'i', 't', ' ...>
stdout = b'', stderr = None, retcode = 1

def run(*popenargs,
input=None, capture_output=False, timeout=None, check=False, **kwargs):
"""Run command with arguments and return a CompletedProcess instance.

The returned instance will have attributes args, returncode, stdout and
stderr. By default, stdout and stderr are not captured, and those attributes
will be None. Pass stdout=PIPE and/or stderr=PIPE in order to capture them.

If check is True and the exit code was non-zero, it raises a
CalledProcessError. The CalledProcessError object will have the return code
in the returncode attribute, and output & stderr attributes if those streams
were captured.

If timeout is given, and the process takes too long, a TimeoutExpired
exception will be raised.

There is an optional argument "input", allowing you to
pass bytes or a string to the subprocess's stdin. If you use this argument
you may not also use the Popen constructor's "stdin" argument, as
it will be used internally.

By default, all communication is in bytes, and therefore any "input" should
be bytes, and the stdout and stderr will be bytes. If in text mode, any
"input" should be a string, and stdout and stderr will be strings decoded
according to locale encoding, or by "encoding" if set. Text mode is
triggered by setting any of text, encoding, errors or universal_newlines.

The other arguments are the same as for the Popen constructor.
"""
if input is not None:
if kwargs.get('stdin') is not None:
raise ValueError('stdin and input arguments may not both be used.')
kwargs['stdin'] = PIPE

if capture_output:
if kwargs.get('stdout') is not None or kwargs.get('stderr') is not None:
raise ValueError('stdout and stderr arguments may not be used '
'with capture_output.')
kwargs['stdout'] = PIPE
kwargs['stderr'] = PIPE

with Popen(*popenargs, **kwargs) as process:
try:
stdout, stderr = process.communicate(input, timeout=timeout)
except TimeoutExpired as exc:
process.kill()
if _mswindows:
# Windows accumulates the output in a single blocking
# read() call run on child threads, with the timeout
# being done in a join() on those threads. communicate()
# _after_ kill() is required to collect that and add it
# to the exception.
exc.stdout, exc.stderr = process.communicate()
else:
# POSIX _communicate already populated the output so
# far into the TimeoutExpired exception.
process.wait()
raise
except: # Including KeyboardInterrupt, communicate handled that.
process.kill()
# We don't call process.wait() as .__exit__ does that for us.
raise
retcode = process.poll()
if check and retcode:
> raise CalledProcessError(retcode, process.args,
output=stdout, stderr=stderr)
E subprocess.CalledProcessError: Command 'echo quit | openssl s_client -connect host-10-0-139-83:63601 -msg -cipher DH | grep -A 1 ServerKeyExchange' returned non-zero exit status 1.

/usr/lib64/python3.9/subprocess.py:524: CalledProcessError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
------------------------------Captured stderr call------------------------------
Can't use SSL_get_servername depth=1 C = AU, ST = Queensland, L = 389ds, O = testing, CN = ssca.389ds.example.com verify return:1 depth=0 C = AU, ST = Queensland, L = 389ds, O = testing, GN = 0ef19e79-ef1f-4df2-b662-0e5823ad030a, CN = host-10-0-139-83 verify return:1 DONE
Failed tickets/ticket48808_test.py::test_ticket48808 16.97
topology_st = <lib389.topologies.TopologyMain object at 0x7fe0319da5e0>
create_user = None

def test_ticket48808(topology_st, create_user):
log.info('Run multiple paging controls on a single connection')
users_num = 100
page_size = 30
users_list = add_users(topology_st, users_num)
search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']

log.info('Set user bind')
topology_st.standalone.simple_bind_s(TEST_USER_DN, TEST_USER_PWD)

log.info('Create simple paged results control instance')
req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')
controls = [req_ctrl]

for ii in range(3):
log.info('Iteration %d' % ii)
msgid = topology_st.standalone.search_ext(DEFAULT_SUFFIX,
ldap.SCOPE_SUBTREE,
search_flt,
searchreq_attrlist,
serverctrls=controls)
rtype, rdata, rmsgid, rctrls = topology_st.standalone.result3(msgid)
pctrls = [
c
for c in rctrls
if c.controlType == SimplePagedResultsControl.controlType
]

req_ctrl.cookie = pctrls[0].cookie
msgid = topology_st.standalone.search_ext(DEFAULT_SUFFIX,
ldap.SCOPE_SUBTREE,
search_flt,
searchreq_attrlist,
serverctrls=controls)
log.info('Set Directory Manager bind back')
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
del_users(topology_st, users_list)

log.info('Abandon the search')
users_num = 10
page_size = 0
users_list = add_users(topology_st, users_num)
search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']

log.info('Set user bind')
topology_st.standalone.simple_bind_s(TEST_USER_DN, TEST_USER_PWD)

log.info('Create simple paged results control instance')
req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')
controls = [req_ctrl]

msgid = topology_st.standalone.search_ext(DEFAULT_SUFFIX,
ldap.SCOPE_SUBTREE,
search_flt,
searchreq_attrlist,
serverctrls=controls)
rtype, rdata, rmsgid, rctrls = topology_st.standalone.result3(msgid)
pctrls = [
c
for c in rctrls
if c.controlType == SimplePagedResultsControl.controlType
]
assert not pctrls[0].cookie

log.info('Set Directory Manager bind back')
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
del_users(topology_st, users_list)

log.info("Search should fail with 'nsPagedSizeLimit = 5'"
"and 'nsslapd-pagedsizelimit = 15' with 10 users")
conf_attr = b'15'
user_attr = b'5'
expected_rs = ldap.SIZELIMIT_EXCEEDED
users_num = 10
page_size = 10
users_list = add_users(topology_st, users_num)
search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']
conf_attr_bck = change_conf_attr(topology_st, DN_CONFIG,
'nsslapd-pagedsizelimit', conf_attr)
user_attr_bck = change_conf_attr(topology_st, TEST_USER_DN,
'nsPagedSizeLimit', user_attr)

log.info('Set user bind')
topology_st.standalone.simple_bind_s(TEST_USER_DN, TEST_USER_PWD)

log.info('Create simple paged results control instance')
req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')
controls = [req_ctrl]

log.info('Expect to fail with SIZELIMIT_EXCEEDED')
with pytest.raises(expected_rs):
> all_results = paged_search(topology_st, controls,
search_flt, searchreq_attrlist)
E Failed: DID NOT RAISE <class 'ldap.SIZELIMIT_EXCEEDED'>

/export/tests/tickets/ticket48808_test.py:252: Failed
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48808_test:ticket48808_test.py:159 Run multiple paging controls on a single connection INFO tests.tickets.ticket48808_test:ticket48808_test.py:48 Adding 100 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:166 Set user bind INFO tests.tickets.ticket48808_test:ticket48808_test.py:169 Create simple paged results control instance INFO tests.tickets.ticket48808_test:ticket48808_test.py:174 Iteration 0 INFO tests.tickets.ticket48808_test:ticket48808_test.py:174 Iteration 1 INFO tests.tickets.ticket48808_test:ticket48808_test.py:174 Iteration 2 INFO tests.tickets.ticket48808_test:ticket48808_test.py:193 Set Directory Manager bind back INFO tests.tickets.ticket48808_test:ticket48808_test.py:75 Deleting 100 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:197 Abandon the search INFO tests.tickets.ticket48808_test:ticket48808_test.py:48 Adding 10 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:204 Set user bind INFO tests.tickets.ticket48808_test:ticket48808_test.py:207 Create simple paged results control instance INFO tests.tickets.ticket48808_test:ticket48808_test.py:224 Set Directory Manager bind back INFO tests.tickets.ticket48808_test:ticket48808_test.py:75 Deleting 10 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:228 Search should fail with 'nsPagedSizeLimit = 5'and 'nsslapd-pagedsizelimit = 15' with 10 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:48 Adding 10 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:95 Set nsslapd-pagedsizelimit to b'15'. Previous value - [b'0']. Modified suffix - cn=config. INFO tests.tickets.ticket48808_test:ticket48808_test.py:95 Set nsPagedSizeLimit to b'5'. Previous value - None. Modified suffix - uid=simplepaged_test,dc=example,dc=com. INFO tests.tickets.ticket48808_test:ticket48808_test.py:243 Set user bind INFO tests.tickets.ticket48808_test:ticket48808_test.py:246 Create simple paged results control instance INFO tests.tickets.ticket48808_test:ticket48808_test.py:250 Expect to fail with SIZELIMIT_EXCEEDED INFO tests.tickets.ticket48808_test:ticket48808_test.py:130 Getting page 0
Failed tickets/ticket48896_test.py::test_ticket48896 11.16
server = <lib389.DirSrv object at 0x7fe031a61370>, curpw = 'password'
newpw = 'Abcd012+', expstr = 'be ok', rc = 0

def replace_pw(server, curpw, newpw, expstr, rc):
log.info('Binding as {%s, %s}' % (TESTDN, curpw))
server.simple_bind_s(TESTDN, curpw)

hit = 0
log.info('Replacing password: %s -> %s, which should %s' % (curpw, newpw, expstr))
try:
> server.modify_s(TESTDN, [(ldap.MOD_REPLACE, 'userPassword', ensure_bytes(newpw))])

/export/tests/tickets/ticket48896_test.py:53:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=buser123,dc=example,dc=com', [(2, 'userPassword', b'Abcd012+')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x7fe0320ac440, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 179,...mbda>', code_context=[' self._inner_hookexec = lambda hook, methods, kwargs: hook.multicall(\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x56144f2bb060, file '/export/tests/tickets/ticket48896_test.py', line 57, code replace_pw>,...code_context=[" server.modify_s(TESTDN, [(ldap.MOD_REPLACE, 'userPassword', ensure_bytes(newpw))])\n"], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a61370>
dn = 'uid=buser123,dc=example,dc=com'
modlist = [(2, 'userPassword', b'Abcd012+')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=buser123,dc=example,dc=com', [(2, 'userPassword', b'Abcd012+')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a61370>
dn = 'uid=buser123,dc=example,dc=com'
modlist = [(2, 'userPassword', b'Abcd012+')], serverctrls = None
clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (8,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a61370>, msgid = 8, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (8, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a61370>, msgid = 8, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7fe0318da390>, 8, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a61370>
func = <built-in method result4 of LDAP object at 0x7fe0318da390>
args = (8, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.INSUFFICIENT_ACCESS'>
exc_value = INSUFFICIENT_ACCESS({'msgtype': 103, 'msgid': 8, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=buser123,dc=example,dc=com'.\n"})
exc_traceback = <traceback object at 0x7fe031b99c40>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a61370>
func = <built-in method result4 of LDAP object at 0x7fe0318da390>
args = (8, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 8, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=buser123,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7fe031a61b80>

def test_ticket48896(topology_st):
"""
"""
log.info('Testing Ticket 48896 - Default Setting for passwordMinTokenLength does not work')

log.info("Setting global password policy with password syntax.")
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(CONFIG_DN, [(ldap.MOD_REPLACE, 'passwordCheckSyntax', b'on'),
(ldap.MOD_REPLACE, 'nsslapd-pwpolicy-local', b'on')])

config = topology_st.standalone.search_s(CONFIG_DN, ldap.SCOPE_BASE, 'cn=*')
mintokenlen = config[0].getValue('passwordMinTokenLength')
history = config[0].getValue('passwordInHistory')

log.info('Default passwordMinTokenLength == %s' % mintokenlen)
log.info('Default passwordInHistory == %s' % history)

log.info('Adding a user.')
curpw = 'password'
topology_st.standalone.add_s(Entry((TESTDN,
{'objectclass': "top person organizationalPerson inetOrgPerson".split(),
'cn': 'test user',
'sn': 'user',
'userPassword': curpw})))

newpw = 'Abcd012+'
exp = 'be ok'
rc = 0
> replace_pw(topology_st.standalone, curpw, newpw, exp, rc)

/export/tests/tickets/ticket48896_test.py:94:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

server = <lib389.DirSrv object at 0x7fe031a61370>, curpw = 'password'
newpw = 'Abcd012+', expstr = 'be ok', rc = 0

def replace_pw(server, curpw, newpw, expstr, rc):
log.info('Binding as {%s, %s}' % (TESTDN, curpw))
server.simple_bind_s(TESTDN, curpw)

hit = 0
log.info('Replacing password: %s -> %s, which should %s' % (curpw, newpw, expstr))
try:
server.modify_s(TESTDN, [(ldap.MOD_REPLACE, 'userPassword', ensure_bytes(newpw))])
except Exception as e:
log.info("Exception (expected): %s" % type(e).__name__)
hit = 1
> assert isinstance(e, rc)
E TypeError: isinstance() arg 2 must be a type or tuple of types

/export/tests/tickets/ticket48896_test.py:57: TypeError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48896_test:ticket48896_test.py:69 Testing Ticket 48896 - Default Setting for passwordMinTokenLength does not work INFO tests.tickets.ticket48896_test:ticket48896_test.py:71 Setting global password policy with password syntax. INFO tests.tickets.ticket48896_test:ticket48896_test.py:80 Default passwordMinTokenLength == b'3' INFO tests.tickets.ticket48896_test:ticket48896_test.py:81 Default passwordInHistory == b'6' INFO tests.tickets.ticket48896_test:ticket48896_test.py:83 Adding a user. INFO tests.tickets.ticket48896_test:ticket48896_test.py:47 Binding as {uid=buser123,dc=example,dc=com, password} INFO tests.tickets.ticket48896_test:ticket48896_test.py:51 Replacing password: password -> Abcd012+, which should be ok INFO tests.tickets.ticket48896_test:ticket48896_test.py:55 Exception (expected): INSUFFICIENT_ACCESS
Failed tickets/ticket48916_test.py::test_ticket48916 80.58
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe032c74d30>

def test_ticket48916(topology_m2):
"""
https://bugzilla.redhat.com/show_bug.cgi?id=1353629

This is an issue with ID exhaustion in DNA causing a crash.

To access each DirSrv instance use: topology_m2.ms["master1"], topology_m2.ms["master2"],
..., topology_m2.hub1, ..., topology_m2.consumer1,...


"""

if DEBUGGING:
# Add debugging steps(if any)...
pass

# Enable the plugin on both servers

dna_m1 = topology_m2.ms["master1"].plugins.get('Distributed Numeric Assignment Plugin')
dna_m2 = topology_m2.ms["master2"].plugins.get('Distributed Numeric Assignment Plugin')

# Configure it
# Create the container for the ranges to go into.

topology_m2.ms["master1"].add_s(Entry(
('ou=Ranges,%s' % DEFAULT_SUFFIX, {
'objectClass': 'top organizationalUnit'.split(' '),
'ou': 'Ranges',
})
))

# Create the dnaAdmin?

# For now we just pinch the dn from the dna_m* types, and add the relevant child config
# but in the future, this could be a better plugin template type from lib389

config_dn = dna_m1.dn

topology_m2.ms["master1"].add_s(Entry(
('cn=uids,%s' % config_dn, {
'objectClass': 'top dnaPluginConfig'.split(' '),
'cn': 'uids',
'dnatype': 'uidNumber gidNumber'.split(' '),
'dnafilter': '(objectclass=posixAccount)',
'dnascope': '%s' % DEFAULT_SUFFIX,
'dnaNextValue': '1',
'dnaMaxValue': '50',
'dnasharedcfgdn': 'ou=Ranges,%s' % DEFAULT_SUFFIX,
'dnaThreshold': '0',
'dnaRangeRequestTimeout': '60',
'dnaMagicRegen': '-1',
'dnaRemoteBindDN': 'uid=dnaAdmin,ou=People,%s' % DEFAULT_SUFFIX,
'dnaRemoteBindCred': 'secret123',
'dnaNextRange': '80-90'
})
))

topology_m2.ms["master2"].add_s(Entry(
('cn=uids,%s' % config_dn, {
'objectClass': 'top dnaPluginConfig'.split(' '),
'cn': 'uids',
'dnatype': 'uidNumber gidNumber'.split(' '),
'dnafilter': '(objectclass=posixAccount)',
'dnascope': '%s' % DEFAULT_SUFFIX,
'dnaNextValue': '61',
'dnaMaxValue': '70',
'dnasharedcfgdn': 'ou=Ranges,%s' % DEFAULT_SUFFIX,
'dnaThreshold': '2',
'dnaRangeRequestTimeout': '60',
'dnaMagicRegen': '-1',
'dnaRemoteBindDN': 'uid=dnaAdmin,ou=People,%s' % DEFAULT_SUFFIX,
'dnaRemoteBindCred': 'secret123',
})
))

# Enable the plugins
dna_m1.enable()
dna_m2.enable()

# Restart the instances
topology_m2.ms["master1"].restart(60)
topology_m2.ms["master2"].restart(60)

# Wait for a replication .....
time.sleep(40)

# Allocate the 10 members to exhaust

for i in range(1, 11):
_create_user(topology_m2.ms["master2"], i)

# Allocate the 11th
> _create_user(topology_m2.ms["master2"], 11)

/export/tests/tickets/ticket48916_test.py:126:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket48916_test.py:21: in _create_user
inst.add_s(Entry(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:175: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:439: in add_s
return self.add_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:177: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a9d5e0>
func = <built-in method result4 of LDAP object at 0x7fe032f8f660>
args = (13, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.OPERATIONS_ERROR: {'msgtype': 105, 'msgid': 13, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Allocation of a new value for range cn=uids,cn=distributed numeric assignment plugin,cn=plugins,cn=config failed! Unable to proceed.'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: OPERATIONS_ERROR
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining master master2 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect f2793d38-81b8-4347-91ba-a6f848be0b4d / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect b95bb675-da78-47c7-90d4-e7fbc3e598a0 / got description=f2793d38-81b8-4347-91ba-a6f848be0b4d) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists
Failed tickets/ticket48956_test.py::test_ticket48956 18.96
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031902370>

def test_ticket48956(topology_st):
"""Write your testcase here...

Also, if you need any testcase initialization,
please, write additional fixture for that(include finalizer).

"""

topology_st.standalone.modify_s(ACCT_POLICY_PLUGIN_DN,
[(ldap.MOD_REPLACE, 'nsslapd-pluginarg0', ensure_bytes(ACCT_POLICY_CONFIG_DN))])

topology_st.standalone.modify_s(ACCT_POLICY_CONFIG_DN, [(ldap.MOD_REPLACE, 'alwaysrecordlogin', b'yes'),
(ldap.MOD_REPLACE, 'stateattrname', b'lastLoginTime'),
(ldap.MOD_REPLACE, 'altstateattrname', b'createTimestamp'),
(ldap.MOD_REPLACE, 'specattrname', b'acctPolicySubentry'),
(ldap.MOD_REPLACE, 'limitattrname',
b'accountInactivityLimit')])

# Enable the plugins
topology_st.standalone.plugins.enable(name=PLUGIN_ACCT_POLICY)
topology_st.standalone.restart(timeout=10)

# Check inactivity on standard suffix (short)
> _check_inactivity(topology_st, SUFFIX)

/export/tests/tickets/ticket48956_test.py:107:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket48956_test.py:78: in _check_inactivity
assert (_check_status(topology_st, TEST_USER_DN, b'- activated'))
/export/tests/tickets/ticket48956_test.py:39: in _check_status
output = subprocess.check_output([nsaccountstatus, '-Z', topology_st.standalone.serverid,
/usr/lib64/python3.9/subprocess.py:420: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
/usr/lib64/python3.9/subprocess.py:501: in run
with Popen(*popenargs, **kwargs) as process:
/usr/lib64/python3.9/subprocess.py:947: in __init__
self._execute_child(args, executable, preexec_fn, close_fds,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <Popen: returncode: 255 args: ['/usr/sbin/ns-accountstatus.pl', '-Z', 'stand...>
args = ['/usr/sbin/ns-accountstatus.pl', '-Z', 'standalone1', '-D', 'cn=Directory Manager', '-w', ...]
executable = b'/usr/sbin/ns-accountstatus.pl', preexec_fn = None
close_fds = True, pass_fds = (), cwd = None, env = None, startupinfo = None
creationflags = 0, shell = False, p2cread = -1, p2cwrite = -1, c2pread = 49
c2pwrite = 51, errread = -1, errwrite = -1, restore_signals = True, gid = None
gids = None, uid = None, umask = -1, start_new_session = False

def _execute_child(self, args, executable, preexec_fn, close_fds,
pass_fds, cwd, env,
startupinfo, creationflags, shell,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite,
restore_signals,
gid, gids, uid, umask,
start_new_session):
"""Execute program (POSIX version)"""

if isinstance(args, (str, bytes)):
args = [args]
elif isinstance(args, os.PathLike):
if shell:
raise TypeError('path-like args is not allowed when '
'shell is true')
args = [args]
else:
args = list(args)

if shell:
# On Android the default shell is at '/system/bin/sh'.
unix_shell = ('/system/bin/sh' if
hasattr(sys, 'getandroidapilevel') else '/bin/sh')
args = [unix_shell, "-c"] + args
if executable:
args[0] = executable

if executable is None:
executable = args[0]

sys.audit("subprocess.Popen", executable, args, cwd, env)

if (_USE_POSIX_SPAWN
and os.path.dirname(executable)
and preexec_fn is None
and not close_fds
and not pass_fds
and cwd is None
and (p2cread == -1 or p2cread > 2)
and (c2pwrite == -1 or c2pwrite > 2)
and (errwrite == -1 or errwrite > 2)
and not start_new_session
and gid is None
and gids is None
and uid is None
and umask < 0):
self._posix_spawn(args, executable, env, restore_signals,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)
return

orig_executable = executable

# For transferring possible exec failure from child to parent.
# Data format: "exception name:hex errno:description"
# Pickle is not used; it is complex and involves memory allocation.
errpipe_read, errpipe_write = os.pipe()
# errpipe_write must not be in the standard io 0, 1, or 2 fd range.
low_fds_to_close = []
while errpipe_write < 3:
low_fds_to_close.append(errpipe_write)
errpipe_write = os.dup(errpipe_write)
for low_fd in low_fds_to_close:
os.close(low_fd)
try:
try:
# We must avoid complex work that could involve
# malloc or free in the child process to avoid
# potential deadlocks, thus we do all this here.
# and pass it to fork_exec()

if env is not None:
env_list = []
for k, v in env.items():
k = os.fsencode(k)
if b'=' in k:
raise ValueError("illegal environment variable name")
env_list.append(k + b'=' + os.fsencode(v))
else:
env_list = None # Use execv instead of execve.
executable = os.fsencode(executable)
if os.path.dirname(executable):
executable_list = (executable,)
else:
# This matches the behavior of os._execvpe().
executable_list = tuple(
os.path.join(os.fsencode(dir), executable)
for dir in os.get_exec_path(env))
fds_to_keep = set(pass_fds)
fds_to_keep.add(errpipe_write)
self.pid = _posixsubprocess.fork_exec(
args, executable_list,
close_fds, tuple(sorted(map(int, fds_to_keep))),
cwd, env_list,
p2cread, p2cwrite, c2pread, c2pwrite,
errread, errwrite,
errpipe_read, errpipe_write,
restore_signals, start_new_session,
gid, gids, uid, umask,
preexec_fn)
self._child_created = True
finally:
# be sure the FD is closed no matter what
os.close(errpipe_write)

self._close_pipe_fds(p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)

# Wait for exec to fail or succeed; possibly raising an
# exception (limited in size)
errpipe_data = bytearray()
while True:
part = os.read(errpipe_read, 50000)
errpipe_data += part
if not part or len(errpipe_data) > 50000:
break
finally:
# be sure the FD is closed no matter what
os.close(errpipe_read)

if errpipe_data:
try:
pid, sts = os.waitpid(self.pid, 0)
if pid == self.pid:
self._handle_exitstatus(sts)
else:
self.returncode = sys.maxsize
except ChildProcessError:
pass

try:
exception_name, hex_errno, err_msg = (
errpipe_data.split(b':', 2))
# The encoding here should match the encoding
# written in by the subprocess implementations
# like _posixsubprocess
err_msg = err_msg.decode()
except ValueError:
exception_name = b'SubprocessError'
hex_errno = b'0'
err_msg = 'Bad exception data from child: {!r}'.format(
bytes(errpipe_data))
child_exception_type = getattr(
builtins, exception_name.decode('ascii'),
SubprocessError)
if issubclass(child_exception_type, OSError) and hex_errno:
errno_num = int(hex_errno, 16)
child_exec_never_called = (err_msg == "noexec")
if child_exec_never_called:
err_msg = ""
# The error must be from chdir(cwd).
err_filename = cwd
else:
err_filename = orig_executable
if errno_num != 0:
err_msg = os.strerror(errno_num)
> raise child_exception_type(errno_num, err_msg, err_filename)
E FileNotFoundError: [Errno 2] No such file or directory: '/usr/sbin/ns-accountstatus.pl'

/usr/lib64/python3.9/subprocess.py:1819: FileNotFoundError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48956_test:ticket48956_test.py:54 ######################### Adding Account Policy entry: cn=Account Inactivation Policy,dc=example,dc=com ###################### INFO tests.tickets.ticket48956_test:ticket48956_test.py:61 ######################### Adding Test User entry: uid=ticket48956user,dc=example,dc=com ######################
Failed tickets/ticket48961_test.py::test_ticket48961_storagescheme 9.22
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03171ee80>

def test_ticket48961_storagescheme(topology_st):
"""
Test deleting of the storage scheme.
"""

default = topology_st.standalone.config.get_attr_val('passwordStorageScheme')
# Change it
topology_st.standalone.config.set('passwordStorageScheme', 'CLEAR')
# Now delete it
> topology_st.standalone.config.remove('passwordStorageScheme', None)

/export/tests/tickets/ticket48961_test.py:28:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:317: in remove
self.set(key, value, action=ldap.MOD_DELETE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe03171edf0>
func = <built-in method result4 of LDAP object at 0x7fe031714d20>
args = (5, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.OPERATIONS_ERROR: {'msgtype': 103, 'msgid': 5, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'passwordStorageScheme: deleting the value is not allowed.'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: OPERATIONS_ERROR
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket48961_test.py::test_ticket48961_deleteall 1.86
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03171ee80>

def test_ticket48961_deleteall(topology_st):
"""
Test that we can delete all valid attrs, and that a few are rejected.
"""
attr_to_test = {
'nsslapd-listenhost': 'localhost',
'nsslapd-securelistenhost': 'localhost',
'nsslapd-allowed-sasl-mechanisms': 'GSSAPI',
'nsslapd-svrtab': 'Some bogus data', # This one could reset?
}
attr_to_fail = {
# These are the values that should always be dn dse.ldif too
'nsslapd-localuser': 'dirsrv',
'nsslapd-defaultnamingcontext': 'dc=example,dc=com', # Can't delete
'nsslapd-accesslog': '/opt/dirsrv/var/log/dirsrv/slapd-standalone/access',
'nsslapd-auditlog': '/opt/dirsrv/var/log/dirsrv/slapd-standalone/audit',
'nsslapd-errorlog': '/opt/dirsrv/var/log/dirsrv/slapd-standalone/errors',
'nsslapd-tmpdir': '/tmp',
'nsslapd-rundir': '/opt/dirsrv/var/run/dirsrv',
'nsslapd-bakdir': '/opt/dirsrv/var/lib/dirsrv/slapd-standalone/bak',
'nsslapd-certdir': '/opt/dirsrv/etc/dirsrv/slapd-standalone',
'nsslapd-instancedir': '/opt/dirsrv/lib/dirsrv/slapd-standalone',
'nsslapd-ldifdir': '/opt/dirsrv/var/lib/dirsrv/slapd-standalone/ldif',
'nsslapd-lockdir': '/opt/dirsrv/var/lock/dirsrv/slapd-standalone',
'nsslapd-schemadir': '/opt/dirsrv/etc/dirsrv/slapd-standalone/schema',
'nsslapd-workingdir': '/opt/dirsrv/var/log/dirsrv/slapd-standalone',
'nsslapd-localhost': 'localhost.localdomain',
# These can't be reset, but might be in dse.ldif. Probably in libglobs.
'nsslapd-certmap-basedn': 'cn=certmap,cn=config',
'nsslapd-port': '38931', # Can't delete
'nsslapd-secureport': '636', # Can't delete
'nsslapd-conntablesize': '1048576',
'nsslapd-rootpw': '{SSHA512}...',
# These are hardcoded server magic.
'nsslapd-hash-filters': 'off', # Can't delete
'nsslapd-requiresrestart': 'cn=config:nsslapd-port', # Can't change
'nsslapd-plugin': 'cn=case ignore string syntax,cn=plugins,cn=config', # Can't change
'nsslapd-privatenamespaces': 'cn=schema', # Can't change
'nsslapd-allowed-to-delete-attrs': 'None', # Can't delete
'nsslapd-accesslog-list': 'List!', # Can't delete
'nsslapd-auditfaillog-list': 'List!',
'nsslapd-auditlog-list': 'List!',
'nsslapd-errorlog-list': 'List!',
'nsslapd-config': 'cn=config',
'nsslapd-versionstring': '389-Directory/1.3.6.0',
'objectclass': '',
'cn': '',
# These are the odd values
'nsslapd-backendconfig': 'cn=config,cn=userRoot,cn=ldbm database,cn=plugins,cn=config', # Doesn't exist?
'nsslapd-betype': 'ldbm database', # Doesn't exist?
'nsslapd-connection-buffer': 1, # Has an ldap problem
'nsslapd-malloc-mmap-threshold': '-10', # Defunct anyway
'nsslapd-malloc-mxfast': '-10',
'nsslapd-malloc-trim-threshold': '-10',
'nsslapd-referralmode': '',
'nsslapd-saslpath': '',
'passwordadmindn': '',
}

> config_entry = topology_st.standalone.config.raw_entry()

/export/tests/tickets/ticket48961_test.py:101:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.config.Config object at 0x7fe0317147c0>, name = 'raw_entry'

def __getattr__(self, name):
"""This enables a bit of magic to allow us to wrap any function ending with
_json to it's form without json, then transformed. It means your function
*must* return it's values as a dict of:

{ attr : [val, val, ...], attr : [], ... }
to be supported.
"""

if (name.endswith('_json')):
int_name = name.replace('_json', '')
pfunc = partial(self._jsonify, getattr(self, int_name))
return pfunc
else:
> raise AttributeError("'%s' object has no attribute '%s'" % (self.__class__.__name__, name))
E AttributeError: 'Config' object has no attribute 'raw_entry'

/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:200: AttributeError
Failed tickets/ticket49039_test.py::test_ticket49039 17.10
topo = <lib389.topologies.TopologyMain object at 0x7fe031a5c2e0>

def test_ticket49039(topo):
"""Test "password must change" verses "password min age". Min age should not
block password update if the password was reset.
"""

# Setup SSL (for ldappasswd test)
topo.standalone.enable_tls()

# Configure password policy
try:
policy = PwPolicyManager(topo.standalone)
policy.set_global_policy(properties={'nsslapd-pwpolicy-local': 'on',
'passwordMustChange': 'on',
'passwordExp': 'on',
'passwordMaxAge': '86400000',
'passwordMinAge': '8640000',
'passwordChange': 'on'})
except ldap.LDAPError as e:
log.fatal('Failed to set password policy: ' + str(e))

# Add user, bind, and set password
try:
topo.standalone.add_s(Entry((USER_DN, {
'objectclass': 'top extensibleObject'.split(),
'uid': 'user1',
'userpassword': PASSWORD
})))
except ldap.LDAPError as e:
log.fatal('Failed to add user: error ' + e.args[0]['desc'])
assert False

# Reset password as RootDN
try:
topo.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'userpassword', ensure_bytes(PASSWORD))])
except ldap.LDAPError as e:
log.fatal('Failed to bind: error ' + e.args[0]['desc'])
assert False

time.sleep(1)

# Reset password as user
try:
topo.standalone.simple_bind_s(USER_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('Failed to bind: error ' + e.args[0]['desc'])
assert False

try:
> topo.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'userpassword', ensure_bytes(PASSWORD))])

/export/tests/tickets/ticket49039_test.py:75:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user,dc=example,dc=com', [(2, 'userpassword', b'password')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x7fe032c82c40, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 179,...93, function='_hookexec', code_context=[' return self._inner_hookexec(hook, methods, kwargs)\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x56144f3ca380, file '/export/tests/tickets/ticket49039_test.py', line 78, code test_ticket4...[" topo.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'userpassword', ensure_bytes(PASSWORD))])\n"], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a5c6a0>
dn = 'uid=user,dc=example,dc=com', modlist = [(2, 'userpassword', b'password')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user,dc=example,dc=com', [(2, 'userpassword', b'password')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a5c6a0>
dn = 'uid=user,dc=example,dc=com', modlist = [(2, 'userpassword', b'password')]
serverctrls = None, clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (7,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a5c6a0>, msgid = 7, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (7, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a5c6a0>, msgid = 7, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7fe031a5c5a0>, 7, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a5c6a0>
func = <built-in method result4 of LDAP object at 0x7fe031a5c5a0>
args = (7, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.INSUFFICIENT_ACCESS'>
exc_value = INSUFFICIENT_ACCESS({'msgtype': 103, 'msgid': 7, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user,dc=example,dc=com'.\n"})
exc_traceback = <traceback object at 0x7fe031a43240>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a5c6a0>
func = <built-in method result4 of LDAP object at 0x7fe031a5c5a0>
args = (7, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 7, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS

During handling of the above exception, another exception occurred:

topo = <lib389.topologies.TopologyMain object at 0x7fe031a5c2e0>

def test_ticket49039(topo):
"""Test "password must change" verses "password min age". Min age should not
block password update if the password was reset.
"""

# Setup SSL (for ldappasswd test)
topo.standalone.enable_tls()

# Configure password policy
try:
policy = PwPolicyManager(topo.standalone)
policy.set_global_policy(properties={'nsslapd-pwpolicy-local': 'on',
'passwordMustChange': 'on',
'passwordExp': 'on',
'passwordMaxAge': '86400000',
'passwordMinAge': '8640000',
'passwordChange': 'on'})
except ldap.LDAPError as e:
log.fatal('Failed to set password policy: ' + str(e))

# Add user, bind, and set password
try:
topo.standalone.add_s(Entry((USER_DN, {
'objectclass': 'top extensibleObject'.split(),
'uid': 'user1',
'userpassword': PASSWORD
})))
except ldap.LDAPError as e:
log.fatal('Failed to add user: error ' + e.args[0]['desc'])
assert False

# Reset password as RootDN
try:
topo.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'userpassword', ensure_bytes(PASSWORD))])
except ldap.LDAPError as e:
log.fatal('Failed to bind: error ' + e.args[0]['desc'])
assert False

time.sleep(1)

# Reset password as user
try:
topo.standalone.simple_bind_s(USER_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('Failed to bind: error ' + e.args[0]['desc'])
assert False

try:
topo.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'userpassword', ensure_bytes(PASSWORD))])
except ldap.LDAPError as e:
log.fatal('Failed to change password: error ' + e.args[0]['desc'])
> assert False
E assert False

/export/tests/tickets/ticket49039_test.py:78: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
CRITICAL tests.tickets.ticket49039_test:ticket49039_test.py:77 Failed to change password: error Insufficient access
Failed tickets/ticket49072_test.py::test_ticket49072_basedn 13.77
topo = <lib389.topologies.TopologyMain object at 0x7fe031520eb0>

def test_ticket49072_basedn(topo):
"""memberOf fixup task does not validate args

:id: dce9b898-119d-42b8-a236-1130e59bfe18
:feature: memberOf
:setup: Standalone instance, with memberOf plugin
:steps: 1. Run fixup-memberOf.pl with invalid DN entry
2. Check if error log reports "Failed to get be backend"
:expectedresults: Fixup-memberOf.pl task should complete, but errors logged.
"""

log.info("Ticket 49072 memberof fixup task with invalid basedn...")
topo.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
topo.standalone.restart(timeout=10)

if ds_is_older('1.3'):
inst_dir = topo.standalone.get_inst_dir()
memof_task = os.path.join(inst_dir, FIXUP_MEMOF)
try:
output = subprocess.check_output([memof_task, '-D', DN_DM, '-w', PASSWORD, '-b', TEST_BASEDN, '-f', FILTER])
except subprocess.CalledProcessError as err:
output = err.output
else:
sbin_dir = topo.standalone.get_sbin_dir()
memof_task = os.path.join(sbin_dir, FIXUP_MEMOF)
try:
> output = subprocess.check_output(
[memof_task, '-D', DN_DM, '-w', PASSWORD, '-b', TEST_BASEDN, '-Z', SERVERID_STANDALONE, '-f', FILTER])

/export/tests/tickets/ticket49072_test.py:55:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/lib64/python3.9/subprocess.py:420: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
/usr/lib64/python3.9/subprocess.py:501: in run
with Popen(*popenargs, **kwargs) as process:
/usr/lib64/python3.9/subprocess.py:947: in __init__
self._execute_child(args, executable, preexec_fn, close_fds,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <Popen: returncode: 255 args: ['/usr/sbin/fixup-memberof.pl', '-D', 'cn=Dire...>
args = ['/usr/sbin/fixup-memberof.pl', '-D', 'cn=Directory Manager', '-w', 'password', '-b', ...]
executable = b'/usr/sbin/fixup-memberof.pl', preexec_fn = None, close_fds = True
pass_fds = (), cwd = None, env = None, startupinfo = None, creationflags = 0
shell = False, p2cread = -1, p2cwrite = -1, c2pread = 45, c2pwrite = 48
errread = -1, errwrite = -1, restore_signals = True, gid = None, gids = None
uid = None, umask = -1, start_new_session = False

def _execute_child(self, args, executable, preexec_fn, close_fds,
pass_fds, cwd, env,
startupinfo, creationflags, shell,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite,
restore_signals,
gid, gids, uid, umask,
start_new_session):
"""Execute program (POSIX version)"""

if isinstance(args, (str, bytes)):
args = [args]
elif isinstance(args, os.PathLike):
if shell:
raise TypeError('path-like args is not allowed when '
'shell is true')
args = [args]
else:
args = list(args)

if shell:
# On Android the default shell is at '/system/bin/sh'.
unix_shell = ('/system/bin/sh' if
hasattr(sys, 'getandroidapilevel') else '/bin/sh')
args = [unix_shell, "-c"] + args
if executable:
args[0] = executable

if executable is None:
executable = args[0]

sys.audit("subprocess.Popen", executable, args, cwd, env)

if (_USE_POSIX_SPAWN
and os.path.dirname(executable)
and preexec_fn is None
and not close_fds
and not pass_fds
and cwd is None
and (p2cread == -1 or p2cread > 2)
and (c2pwrite == -1 or c2pwrite > 2)
and (errwrite == -1 or errwrite > 2)
and not start_new_session
and gid is None
and gids is None
and uid is None
and umask < 0):
self._posix_spawn(args, executable, env, restore_signals,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)
return

orig_executable = executable

# For transferring possible exec failure from child to parent.
# Data format: "exception name:hex errno:description"
# Pickle is not used; it is complex and involves memory allocation.
errpipe_read, errpipe_write = os.pipe()
# errpipe_write must not be in the standard io 0, 1, or 2 fd range.
low_fds_to_close = []
while errpipe_write < 3:
low_fds_to_close.append(errpipe_write)
errpipe_write = os.dup(errpipe_write)
for low_fd in low_fds_to_close:
os.close(low_fd)
try:
try:
# We must avoid complex work that could involve
# malloc or free in the child process to avoid
# potential deadlocks, thus we do all this here.
# and pass it to fork_exec()

if env is not None:
env_list = []
for k, v in env.items():
k = os.fsencode(k)
if b'=' in k:
raise ValueError("illegal environment variable name")
env_list.append(k + b'=' + os.fsencode(v))
else:
env_list = None # Use execv instead of execve.
executable = os.fsencode(executable)
if os.path.dirname(executable):
executable_list = (executable,)
else:
# This matches the behavior of os._execvpe().
executable_list = tuple(
os.path.join(os.fsencode(dir), executable)
for dir in os.get_exec_path(env))
fds_to_keep = set(pass_fds)
fds_to_keep.add(errpipe_write)
self.pid = _posixsubprocess.fork_exec(
args, executable_list,
close_fds, tuple(sorted(map(int, fds_to_keep))),
cwd, env_list,
p2cread, p2cwrite, c2pread, c2pwrite,
errread, errwrite,
errpipe_read, errpipe_write,
restore_signals, start_new_session,
gid, gids, uid, umask,
preexec_fn)
self._child_created = True
finally:
# be sure the FD is closed no matter what
os.close(errpipe_write)

self._close_pipe_fds(p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)

# Wait for exec to fail or succeed; possibly raising an
# exception (limited in size)
errpipe_data = bytearray()
while True:
part = os.read(errpipe_read, 50000)
errpipe_data += part
if not part or len(errpipe_data) > 50000:
break
finally:
# be sure the FD is closed no matter what
os.close(errpipe_read)

if errpipe_data:
try:
pid, sts = os.waitpid(self.pid, 0)
if pid == self.pid:
self._handle_exitstatus(sts)
else:
self.returncode = sys.maxsize
except ChildProcessError:
pass

try:
exception_name, hex_errno, err_msg = (
errpipe_data.split(b':', 2))
# The encoding here should match the encoding
# written in by the subprocess implementations
# like _posixsubprocess
err_msg = err_msg.decode()
except ValueError:
exception_name = b'SubprocessError'
hex_errno = b'0'
err_msg = 'Bad exception data from child: {!r}'.format(
bytes(errpipe_data))
child_exception_type = getattr(
builtins, exception_name.decode('ascii'),
SubprocessError)
if issubclass(child_exception_type, OSError) and hex_errno:
errno_num = int(hex_errno, 16)
child_exec_never_called = (err_msg == "noexec")
if child_exec_never_called:
err_msg = ""
# The error must be from chdir(cwd).
err_filename = cwd
else:
err_filename = orig_executable
if errno_num != 0:
err_msg = os.strerror(errno_num)
> raise child_exception_type(errno_num, err_msg, err_filename)
E FileNotFoundError: [Errno 2] No such file or directory: '/usr/sbin/fixup-memberof.pl'

/usr/lib64/python3.9/subprocess.py:1819: FileNotFoundError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49072_test:ticket49072_test.py:40 Ticket 49072 memberof fixup task with invalid basedn...
Failed tickets/ticket49072_test.py::test_ticket49072_filter 12.09
topo = <lib389.topologies.TopologyMain object at 0x7fe031520eb0>

def test_ticket49072_filter(topo):
"""memberOf fixup task does not validate args

:id: dde9e893-119d-42c8-a236-1190e56bfe98
:feature: memberOf
:setup: Standalone instance, with memberOf plugin
:steps: 1. Run fixup-memberOf.pl with invalid filter
2. Check if error log reports "Bad search filter"
:expectedresults: Fixup-memberOf.pl task should complete, but errors logged.
"""
log.info("Ticket 49072 memberof fixup task with invalid filter...")
log.info('Wait for 10 secs and check if task is completed')
time.sleep(10)
task_memof = 'cn=memberOf task,cn=tasks,cn=config'
if topo.standalone.search_s(task_memof, ldap.SCOPE_SUBTREE, 'cn=memberOf_fixup*', ['dn:']):
log.info('memberof task is still running, wait for +10 secs')
time.sleep(10)

if ds_is_older('1.3'):
inst_dir = topo.standalone.get_inst_dir()
memof_task = os.path.join(inst_dir, FIXUP_MEMOF)
try:
output = subprocess.check_output([memof_task, '-D', DN_DM, '-w', PASSWORD, '-b', SUFFIX, '-f', TEST_FILTER])
except subprocess.CalledProcessError as err:
output = err.output
else:
sbin_dir = topo.standalone.get_sbin_dir()
memof_task = os.path.join(sbin_dir, FIXUP_MEMOF)
try:
> output = subprocess.check_output(
[memof_task, '-D', DN_DM, '-w', PASSWORD, '-b', SUFFIX, '-Z', SERVERID_STANDALONE, '-f', TEST_FILTER])

/export/tests/tickets/ticket49072_test.py:96:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/lib64/python3.9/subprocess.py:420: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
/usr/lib64/python3.9/subprocess.py:501: in run
with Popen(*popenargs, **kwargs) as process:
/usr/lib64/python3.9/subprocess.py:947: in __init__
self._execute_child(args, executable, preexec_fn, close_fds,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <Popen: returncode: 255 args: ['/usr/sbin/fixup-memberof.pl', '-D', 'cn=Dire...>
args = ['/usr/sbin/fixup-memberof.pl', '-D', 'cn=Directory Manager', '-w', 'password', '-b', ...]
executable = b'/usr/sbin/fixup-memberof.pl', preexec_fn = None, close_fds = True
pass_fds = (), cwd = None, env = None, startupinfo = None, creationflags = 0
shell = False, p2cread = -1, p2cwrite = -1, c2pread = 45, c2pwrite = 48
errread = -1, errwrite = -1, restore_signals = True, gid = None, gids = None
uid = None, umask = -1, start_new_session = False

def _execute_child(self, args, executable, preexec_fn, close_fds,
pass_fds, cwd, env,
startupinfo, creationflags, shell,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite,
restore_signals,
gid, gids, uid, umask,
start_new_session):
"""Execute program (POSIX version)"""

if isinstance(args, (str, bytes)):
args = [args]
elif isinstance(args, os.PathLike):
if shell:
raise TypeError('path-like args is not allowed when '
'shell is true')
args = [args]
else:
args = list(args)

if shell:
# On Android the default shell is at '/system/bin/sh'.
unix_shell = ('/system/bin/sh' if
hasattr(sys, 'getandroidapilevel') else '/bin/sh')
args = [unix_shell, "-c"] + args
if executable:
args[0] = executable

if executable is None:
executable = args[0]

sys.audit("subprocess.Popen", executable, args, cwd, env)

if (_USE_POSIX_SPAWN
and os.path.dirname(executable)
and preexec_fn is None
and not close_fds
and not pass_fds
and cwd is None
and (p2cread == -1 or p2cread > 2)
and (c2pwrite == -1 or c2pwrite > 2)
and (errwrite == -1 or errwrite > 2)
and not start_new_session
and gid is None
and gids is None
and uid is None
and umask < 0):
self._posix_spawn(args, executable, env, restore_signals,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)
return

orig_executable = executable

# For transferring possible exec failure from child to parent.
# Data format: "exception name:hex errno:description"
# Pickle is not used; it is complex and involves memory allocation.
errpipe_read, errpipe_write = os.pipe()
# errpipe_write must not be in the standard io 0, 1, or 2 fd range.
low_fds_to_close = []
while errpipe_write < 3:
low_fds_to_close.append(errpipe_write)
errpipe_write = os.dup(errpipe_write)
for low_fd in low_fds_to_close:
os.close(low_fd)
try:
try:
# We must avoid complex work that could involve
# malloc or free in the child process to avoid
# potential deadlocks, thus we do all this here.
# and pass it to fork_exec()

if env is not None:
env_list = []
for k, v in env.items():
k = os.fsencode(k)
if b'=' in k:
raise ValueError("illegal environment variable name")
env_list.append(k + b'=' + os.fsencode(v))
else:
env_list = None # Use execv instead of execve.
executable = os.fsencode(executable)
if os.path.dirname(executable):
executable_list = (executable,)
else:
# This matches the behavior of os._execvpe().
executable_list = tuple(
os.path.join(os.fsencode(dir), executable)
for dir in os.get_exec_path(env))
fds_to_keep = set(pass_fds)
fds_to_keep.add(errpipe_write)
self.pid = _posixsubprocess.fork_exec(
args, executable_list,
close_fds, tuple(sorted(map(int, fds_to_keep))),
cwd, env_list,
p2cread, p2cwrite, c2pread, c2pwrite,
errread, errwrite,
errpipe_read, errpipe_write,
restore_signals, start_new_session,
gid, gids, uid, umask,
preexec_fn)
self._child_created = True
finally:
# be sure the FD is closed no matter what
os.close(errpipe_write)

self._close_pipe_fds(p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)

# Wait for exec to fail or succeed; possibly raising an
# exception (limited in size)
errpipe_data = bytearray()
while True:
part = os.read(errpipe_read, 50000)
errpipe_data += part
if not part or len(errpipe_data) > 50000:
break
finally:
# be sure the FD is closed no matter what
os.close(errpipe_read)

if errpipe_data:
try:
pid, sts = os.waitpid(self.pid, 0)
if pid == self.pid:
self._handle_exitstatus(sts)
else:
self.returncode = sys.maxsize
except ChildProcessError:
pass

try:
exception_name, hex_errno, err_msg = (
errpipe_data.split(b':', 2))
# The encoding here should match the encoding
# written in by the subprocess implementations
# like _posixsubprocess
err_msg = err_msg.decode()
except ValueError:
exception_name = b'SubprocessError'
hex_errno = b'0'
err_msg = 'Bad exception data from child: {!r}'.format(
bytes(errpipe_data))
child_exception_type = getattr(
builtins, exception_name.decode('ascii'),
SubprocessError)
if issubclass(child_exception_type, OSError) and hex_errno:
errno_num = int(hex_errno, 16)
child_exec_never_called = (err_msg == "noexec")
if child_exec_never_called:
err_msg = ""
# The error must be from chdir(cwd).
err_filename = cwd
else:
err_filename = orig_executable
if errno_num != 0:
err_msg = os.strerror(errno_num)
> raise child_exception_type(errno_num, err_msg, err_filename)
E FileNotFoundError: [Errno 2] No such file or directory: '/usr/sbin/fixup-memberof.pl'

/usr/lib64/python3.9/subprocess.py:1819: FileNotFoundError
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49072_test:ticket49072_test.py:77 Ticket 49072 memberof fixup task with invalid filter... INFO tests.tickets.ticket49072_test:ticket49072_test.py:78 Wait for 10 secs and check if task is completed
Failed tickets/ticket49073_test.py::test_ticket49073 37.78
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe031a86880>

def test_ticket49073(topology_m2):
"""Write your replication test here.

To access each DirSrv instance use: topology_m2.ms["master1"], topology_m2.ms["master2"],
..., topology_m2.hub1, ..., topology_m2.consumer1,...

Also, if you need any testcase initialization,
please, write additional fixture for that(include finalizer).
"""
topology_m2.ms["master1"].plugins.enable(name=PLUGIN_MEMBER_OF)
topology_m2.ms["master1"].restart(timeout=10)
topology_m2.ms["master2"].plugins.enable(name=PLUGIN_MEMBER_OF)
topology_m2.ms["master2"].restart(timeout=10)

# Configure fractional to prevent total init to send memberof
ents = topology_m2.ms["master1"].agreement.list(suffix=SUFFIX)
assert len(ents) == 1
log.info('update %s to add nsDS5ReplicatedAttributeListTotal' % ents[0].dn)
> topology_m2.ms["master1"].modify_s(ents[0].dn,
[(ldap.MOD_REPLACE,
'nsDS5ReplicatedAttributeListTotal',
'(objectclass=*) $ EXCLUDE '),
(ldap.MOD_REPLACE,
'nsDS5ReplicatedAttributeList',
'(objectclass=*) $ EXCLUDE memberOf')])

/export/tests/tickets/ticket49073_test.py:97:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:612: in modify_ext_s
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:609: in modify_ext
return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031a86e50>
func = <built-in method modify_ext of LDAP object at 0x7fe0455bf750>
args = ('cn=002,cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config', [(2, 'nsDS5ReplicatedAttributeListTotal', '(objectclass=*) $ EXCLUDE '), (2, 'nsDS5ReplicatedAttributeList', '(objectclass=*) $ EXCLUDE memberOf')], None, None)
kwargs = {}, diagnostic_message_success = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E TypeError: ('Tuple_to_LDAPMod(): expected a byte string in the list', '(')

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: TypeError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining master master2 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect e9a8a99a-6b96-4e70-b679-bfdf717aff1e / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect 88ccbe93-a487-4708-8337-046ef13a6fe2 / got description=e9a8a99a-6b96-4e70-b679-bfdf717aff1e) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49073_test:ticket49073_test.py:96 update cn=002,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config to add nsDS5ReplicatedAttributeListTotal
Failed tickets/ticket49104_test.py::test_ticket49104_setup 9.10
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031bb3ac0>

def test_ticket49104_setup(topology_st):
"""
Generate an ldif file having 10K entries and import it.
"""
# Generate a test ldif (100k entries)
ldif_dir = topology_st.standalone.get_ldif_dir()
import_ldif = ldif_dir + '/49104.ldif'
try:
> topology_st.standalone.buildLDIF(100000, import_ldif)

/export/tests/tickets/ticket49104_test.py:30:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031bb3e20>, num = 100000
ldif_file = '/var/lib/dirsrv/slapd-standalone1/ldif/49104.ldif'
suffix = 'dc=example,dc=com'

def buildLDIF(self, num, ldif_file, suffix='dc=example,dc=com'):
"""Generate a simple ldif file using the dbgen.pl script, and set the
ownership and permissions to match the user that the server runs as.

@param num - number of entries to create
@param ldif_file - ldif file name(including the path)
@suffix - DN of the parent entry in the ldif file
@return - nothing
@raise - OSError
"""
> raise Exception("Perl tools disabled on this system. Try dbgen py module.")
E Exception: Perl tools disabled on this system. Try dbgen py module.

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:3238: Exception
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket49192_test.py::test_ticket49192 11.65
topo = <lib389.topologies.TopologyMain object at 0x7fe0317376a0>

def test_ticket49192(topo):
"""Trigger deadlock when removing suffix
"""

#
# Create a second suffix/backend
#
log.info('Creating second backend...')
> topo.standalone.backends.create(None, properties={
BACKEND_NAME: "Second_Backend",
'suffix': "o=hang.com",
})

/export/tests/tickets/ticket49192_test.py:35:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1215: in create
return co.create(rdn, properties, self._basedn)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.backend.Backend object at 0x7fe031adebe0>, dn = None
properties = {'name': 'Second_Backend', 'suffix': 'o=hang.com'}
basedn = 'cn=ldbm database,cn=plugins,cn=config', create_mapping_tree = True

def create(self, dn=None, properties=None, basedn=DN_LDBM, create_mapping_tree=True):
"""Add a new backend entry, create mapping tree,
and, if requested, sample entries

:param dn: DN of the new entry
:type dn: str
:param properties: Attributes and parameters for the new entry
:type properties: dict
:param basedn: Base DN of the new entry
:type basedn: str
:param create_mapping_tree: If a related mapping tree node should be created
:type create_mapping_tree: bool

:returns: DSLdapObject of the created entry
"""

sample_entries = False
parent_suffix = False

# normalize suffix (remove spaces between comps)
if dn is not None:
dn_comps = ldap.dn.explode_dn(dn.lower())
dn = ",".join(dn_comps)

if properties is not None:
> suffix_dn = properties['nsslapd-suffix'].lower()
E KeyError: 'nsslapd-suffix'

/usr/local/lib/python3.9/site-packages/lib389/backend.py:611: KeyError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49192_test:ticket49192_test.py:34 Creating second backend...
Failed tickets/ticket49303_test.py::test_ticket49303 23.86
topo = <lib389.topologies.TopologyMain object at 0x7fe03198f100>

def test_ticket49303(topo):
"""
Test the nsTLSAllowClientRenegotiation setting.
"""
sslport = SECUREPORT_STANDALONE1

log.info("Ticket 49303 - Allow disabling of SSL renegotiation")

# No value set, defaults to reneg allowed
enable_ssl(topo.standalone, sslport)
> assert try_reneg(HOST_STANDALONE1, sslport) is True
E AssertionError: assert False is True
E + where False = try_reneg('LOCALHOST', 63601)

/export/tests/tickets/ticket49303_test.py:88: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49303_test:ticket49303_test.py:84 Ticket 49303 - Allow disabling of SSL renegotiation
Failed tickets/ticket49412_test.py::test_ticket49412 30.68
topo = <lib389.topologies.TopologyMain object at 0x7fe0315e8be0>

def test_ticket49412(topo):
"""Specify a test case purpose or name here

:id: 4c7681ff-0511-4256-9589-bdcad84c13e6
:setup: Fill in set up configuration here
:steps:
1. Fill in test case steps here
2. And indent them like this (RST format requirement)
:expectedresults:
1. Fill in the result that is expected
2. For each test step
"""

M1 = topo.ms["master1"]

# wrong call with invalid value (should be str(60)
# that create replace with NULL value
# it should fail with UNWILLING_TO_PERFORM
try:
> M1.modify_s(CHANGELOG, [(ldap.MOD_REPLACE, MAXAGE_ATTR, 60),
(ldap.MOD_REPLACE, TRIMINTERVAL, 10)])

/export/tests/tickets/ticket49412_test.py:44:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0319b36a0>
func = <built-in method result4 of LDAP object at 0x7fe031b731e0>
args = (39, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.NO_SUCH_OBJECT: {'msgtype': 103, 'msgid': 39, 'result': 32, 'desc': 'No such object', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: NO_SUCH_OBJECT
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for consumer1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39201, 'ldap-secureport': 63901, 'server-id': 'consumer1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:169 Joining consumer consumer1 from master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39201 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39201 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39201 is NOT working (expect 53e17365-1e27-4530-8dbc-22436ee51845 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39201 is working INFO lib389.replica:replica.py:2268 SUCCESS: joined consumer from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39201 INFO lib389.topologies:topologies.py:174 Ensuring consumer consumer1 from master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39201 already exists
Failed tickets/ticket49463_test.py::test_ticket_49463 194.43
topo = <lib389.topologies.TopologyMain object at 0x7fe03170d2e0>

def test_ticket_49463(topo):
"""Specify a test case purpose or name here

:id: 2a68e8be-387d-4ac7-9452-1439e8483c13
:setup: Fill in set up configuration here
:steps:
1. Enable fractional replication
2. Enable replication logging
3. Check that replication is working fine
4. Generate skipped updates to create keep alive entries
5. Remove M3 from the topology
6. issue cleanAllRuv FORCE that will run on M1 then propagated M2 and M4
7. Check that Number DEL keep alive '3' is <= 1
8. Check M1 is the originator of cleanAllRuv and M2/M4 the propagated ones
9. Check replication M1,M2 and M4 can recover
10. Remove M4 from the topology
11. Issue cleanAllRuv not force while M2 is stopped (that hangs the cleanAllRuv)
12. Check that nsds5ReplicaCleanRUV is correctly encoded on M1 (last value: 1)
13. Check that nsds5ReplicaCleanRUV encoding survives M1 restart
14. Check that nsds5ReplicaCleanRUV encoding is valid on M2 (last value: 0)
15. Check that (for M4 cleanAllRUV) M1 is Originator and M2 propagation
:expectedresults:
1. No report of failure when the RUV is updated
"""

# Step 1 - Configure fractional (skip telephonenumber) replication
M1 = topo.ms["master1"]
M2 = topo.ms["master2"]
M3 = topo.ms["master3"]
M4 = topo.ms["master4"]
repl = ReplicationManager(DEFAULT_SUFFIX)
fractional_server_to_replica(M1, M2)
fractional_server_to_replica(M1, M3)
fractional_server_to_replica(M1, M4)

fractional_server_to_replica(M2, M1)
fractional_server_to_replica(M2, M3)
fractional_server_to_replica(M2, M4)

fractional_server_to_replica(M3, M1)
fractional_server_to_replica(M3, M2)
fractional_server_to_replica(M3, M4)

fractional_server_to_replica(M4, M1)
fractional_server_to_replica(M4, M2)
fractional_server_to_replica(M4, M3)

# Step 2 - enable internal op logging and replication debug
for i in (M1, M2, M3, M4):
i.config.loglevel(vals=[256 + 4], service='access')
i.config.loglevel(vals=[LOG_REPLICA, LOG_DEFAULT], service='error')

# Step 3 - Check that replication is working fine
add_user(M1, 11, desc="add to M1")
add_user(M2, 21, desc="add to M2")
add_user(M3, 31, desc="add to M3")
add_user(M4, 41, desc="add to M4")

for i in (M1, M2, M3, M4):
for j in (M1, M2, M3, M4):
if i == j:
continue
repl.wait_for_replication(i, j)

# Step 4 - Generate skipped updates to create keep alive entries
for i in (M1, M2, M3, M4):
cn = '%s_%d' % (USER_CN, 11)
dn = 'uid=%s,ou=People,%s' % (cn, SUFFIX)
users = UserAccount(i, dn)
for j in range(110):
users.set('telephoneNumber', str(j))

# Step 5 - Remove M3 from the topology
M3.stop()
M1.agreement.delete(suffix=SUFFIX, consumer_host=M3.host, consumer_port=M3.port)
M2.agreement.delete(suffix=SUFFIX, consumer_host=M3.host, consumer_port=M3.port)
M4.agreement.delete(suffix=SUFFIX, consumer_host=M3.host, consumer_port=M3.port)

# Step 6 - Then issue cleanAllRuv FORCE that will run on M1, M2 and M4
> M1.tasks.cleanAllRUV(suffix=SUFFIX, replicaid='3',
force=True, args={TASK_WAIT: True})

/export/tests/tickets/ticket49463_test.py:137:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7fe0318125e0>
suffix = 'dc=example,dc=com', replicaid = '3', force = True
args = {'wait': True}

def cleanAllRUV(self, suffix=None, replicaid=None, force=None, args=None):
'''
@param replicaid - The replica ID to remove/clean
@param force - True/False - Clean all the replicas, even if one is down
@param args - is a dictionary that contains modifier of the task
wait: True/[False] - If True, waits for the completion of the
task before to return
@return tuple (task dn, and the exit code)
@raise ValueError: If missing replicaid
'''

if not replicaid:
raise ValueError("Missing required paramter: replicaid")

if not suffix:
raise ValueError("Missing required paramter: suffix")

cn = 'task-' + time.strftime("%m%d%Y_%H%M%S", time.localtime())
dn = ('cn=%s,cn=cleanallruv,cn=tasks,cn=config' % cn)
entry = Entry(dn)
entry.setValues('objectclass', 'top', 'extensibleObject')
entry.setValues('cn', cn)
entry.setValues('replica-base-dn', suffix)
entry.setValues('replica-id', replicaid)
if force:
entry.setValues('replica-force-cleaning', 'yes')
# start the task and possibly wait for task completion
try:
self.conn.add_s(entry)
except ldap.ALREADY_EXISTS:
self.log.error("Fail to add cleanAllRUV task")
return (dn, -1)

exitCode = 0
if args and args.get(TASK_WAIT, False):
> (done, exitCode) = self.conn.tasks.checkTask(entry, True)
E ValueError: too many values to unpack (expected 2)

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:1411: ValueError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master3 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39003, 'ldap-secureport': 63703, 'server-id': 'master3', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master4 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39004, 'ldap-secureport': 63704, 'server-id': 'master4', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining master master2 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect 31b778ec-9615-4698-a7e7-4f4a0b70ece1 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect 3552a83c-ca3c-44bf-887d-562a4ba0d1a3 / got description=31b778ec-9615-4698-a7e7-4f4a0b70ece1) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 INFO lib389.topologies:topologies.py:156 Joining master master3 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39003 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is NOT working (expect ed35f59b-b12f-4717-bd66-12ab510a3283 / got description=3552a83c-ca3c-44bf-887d-562a4ba0d1a3) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is NOT working (expect 1d2c0367-d196-4fbc-bcc6-697b746c6a28 / got description=ed35f59b-b12f-4717-bd66-12ab510a3283) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 INFO lib389.topologies:topologies.py:156 Joining master master4 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39004 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39004 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39004 is NOT working (expect 959a8073-8e57-4988-a3eb-0ed6ecdd4ff0 / got description=1d2c0367-d196-4fbc-bcc6-697b746c6a28) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39004 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39001 is NOT working (expect b75430c0-a810-4df2-ae87-6c0273282da9 / got description=959a8073-8e57-4988-a3eb-0ed6ecdd4ff0) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39004 INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master3 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master4 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39004 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master3 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39003 is was created INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master4 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39004 is was created INFO lib389.topologies:topologies.py:164 Ensuring master master3 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master3 to master2 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39002 is was created INFO lib389.topologies:topologies.py:164 Ensuring master master3 to master4 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39004 is was created INFO lib389.topologies:topologies.py:164 Ensuring master master4 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master4 to master2 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39002 is was created INFO lib389.topologies:topologies.py:164 Ensuring master master4 to master3 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39003 is was created
-------------------------------Captured log call--------------------------------
INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39004 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39003 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39004 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39002 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39004 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39001 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39002 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39003 already exists INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect 9db18d3a-6357-4a9d-bb0b-a92204a24900 / got description=b75430c0-a810-4df2-ae87-6c0273282da9) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is NOT working (expect e8557e4d-ba00-49d2-9d9c-4d2607c01532 / got description=9db18d3a-6357-4a9d-bb0b-a92204a24900) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39004 is NOT working (expect 19713175-b2b3-47f5-b496-2938eef2b8de / got description=e8557e4d-ba00-49d2-9d9c-4d2607c01532) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39004 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect ee76511e-306e-468a-bafd-092b359367af / got description=19713175-b2b3-47f5-b496-2938eef2b8de) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect ee76511e-306e-468a-bafd-092b359367af / got description=19713175-b2b3-47f5-b496-2938eef2b8de) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect ee76511e-306e-468a-bafd-092b359367af / got description=19713175-b2b3-47f5-b496-2938eef2b8de) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect ee76511e-306e-468a-bafd-092b359367af / got description=19713175-b2b3-47f5-b496-2938eef2b8de) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39003 is NOT working (expect 2364b73b-8bee-4be2-adbc-7c933b333070 / got description=ee76511e-306e-468a-bafd-092b359367af) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39003 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39004 is NOT working (expect 04c324b4-0b03-4d05-9523-8ce7387628fa / got description=2364b73b-8bee-4be2-adbc-7c933b333070) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39004 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is NOT working (expect 8064fcb1-b88c-4c0d-a3f8-b98a31699f1d / got description=04c324b4-0b03-4d05-9523-8ce7387628fa) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39002 is NOT working (expect 61b4db57-983b-4b1c-b8b0-c8de66aaee37 / got description=8064fcb1-b88c-4c0d-a3f8-b98a31699f1d) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39004 is NOT working (expect 6462ba1d-1e42-4d8c-99fa-8b996f2928c9 / got description=61b4db57-983b-4b1c-b8b0-c8de66aaee37) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39004 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39001 is NOT working (expect fdbd8b06-fbad-4c68-a12d-7188dc48b8a0 / got description=6462ba1d-1e42-4d8c-99fa-8b996f2928c9) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39002 is NOT working (expect 9ad0a4b9-9a78-4301-815d-3238cc67a2a5 / got description=fdbd8b06-fbad-4c68-a12d-7188dc48b8a0) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39003 is NOT working (expect 8aa55715-c521-43aa-b46e-9a01bc02d729 / got description=9ad0a4b9-9a78-4301-815d-3238cc67a2a5) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39004 to ldap://host-10-0-139-83:39003 is working INFO lib389:agreement.py:1094 Agreement (cn=003,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config) was successfully removed INFO lib389:agreement.py:1094 Agreement (cn=003,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config) was successfully removed INFO lib389:agreement.py:1094 Agreement (cn=003,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config) was successfully removed
Failed tickets/ticket50232_test.py::test_ticket50232_normal 10.23
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03133e3a0>

def test_ticket50232_normal(topology_st):
"""
The fix for ticket 50232


The test sequence is:
- create suffix
- add suffix entry and some child entries
- "normally" done after populating suffix: enable replication
- get RUV and database generation
- export -r
- import
- get RUV and database generation
- assert database generation has not changed
"""

log.info('Testing Ticket 50232 - export creates not imprtable ldif file, normal creation order')

topology_st.standalone.backend.create(NORMAL_SUFFIX, {BACKEND_NAME: NORMAL_BACKEND_NAME})
topology_st.standalone.mappingtree.create(NORMAL_SUFFIX, bename=NORMAL_BACKEND_NAME, parent=None)

_populate_suffix(topology_st.standalone, NORMAL_BACKEND_NAME)

repl = ReplicationManager(DEFAULT_SUFFIX)
> repl._ensure_changelog(topology_st.standalone)

/export/tests/tickets/ticket50232_test.py:113:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/replica.py:1928: in _ensure_changelog
cl.create(properties={
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:972: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:947: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:175: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe03133ea00>
func = <built-in method result4 of LDAP object at 0x7fe0312c7a50>
args = (13, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 105, 'msgid': 13, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'Changelog configuration is part of the backend configuration'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO lib389:backend.py:80 List backend with suffix=o=normal INFO lib389:backend.py:290 Creating a local backend INFO lib389:backend.py:76 List backend cn=normal,cn=ldbm database,cn=plugins,cn=config INFO lib389:__init__.py:1715 Found entry dn: cn=normal,cn=ldbm database,cn=plugins,cn=config cn: normal nsslapd-cachememsize: 512000 nsslapd-cachesize: -1 nsslapd-directory: /var/lib/dirsrv/slapd-standalone1/db/normal nsslapd-dncachememsize: 16777216 nsslapd-readonly: off nsslapd-require-index: off nsslapd-require-internalop-index: off nsslapd-suffix: o=normal objectClass: top objectClass: extensibleObject objectClass: nsBackendInstance INFO lib389:mappingTree.py:153 Entry dn: cn="o=normal",cn=mapping tree,cn=config cn: o=normal nsslapd-backend: normal nsslapd-state: backend objectclass: top objectclass: extensibleObject objectclass: nsMappingTree INFO lib389:__init__.py:1715 Found entry dn: cn=o\3Dnormal,cn=mapping tree,cn=config cn: o=normal nsslapd-backend: normal nsslapd-state: backend objectClass: top objectClass: extensibleObject objectClass: nsMappingTree
Failed tickets/ticket50232_test.py::test_ticket50232_reverse 3.05
topology_st = <lib389.topologies.TopologyMain object at 0x7fe03133e3a0>

def test_ticket50232_reverse(topology_st):
"""
The fix for ticket 50232


The test sequence is:
- create suffix
- enable replication before suffix enztry is added
- add suffix entry and some child entries
- get RUV and database generation
- export -r
- import
- get RUV and database generation
- assert database generation has not changed
"""

log.info('Testing Ticket 50232 - export creates not imprtable ldif file, normal creation order')

#
# Setup Replication
#
log.info('Setting up replication...')
repl = ReplicationManager(DEFAULT_SUFFIX)
# repl.create_first_master(topology_st.standalone)
#
# enable dynamic plugins, memberof and retro cl plugin
#
topology_st.standalone.backend.create(REVERSE_SUFFIX, {BACKEND_NAME: REVERSE_BACKEND_NAME})
topology_st.standalone.mappingtree.create(REVERSE_SUFFIX, bename=REVERSE_BACKEND_NAME, parent=None)

> _enable_replica(topology_st.standalone, REVERSE_SUFFIX)

/export/tests/tickets/ticket50232_test.py:155:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket50232_test.py:35: in _enable_replica
repl._ensure_changelog(instance)
/usr/local/lib/python3.9/site-packages/lib389/replica.py:1928: in _ensure_changelog
cl.create(properties={
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:972: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:947: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:175: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe03133ea00>
func = <built-in method result4 of LDAP object at 0x7fe0312c7a50>
args = (22, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 105, 'msgid': 22, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'Changelog configuration is part of the backend configuration'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM
-------------------------------Captured log call--------------------------------
INFO lib389:backend.py:80 List backend with suffix=o=reverse INFO lib389:backend.py:290 Creating a local backend INFO lib389:backend.py:76 List backend cn=reverse,cn=ldbm database,cn=plugins,cn=config INFO lib389:__init__.py:1715 Found entry dn: cn=reverse,cn=ldbm database,cn=plugins,cn=config cn: reverse nsslapd-cachememsize: 512000 nsslapd-cachesize: -1 nsslapd-directory: /var/lib/dirsrv/slapd-standalone1/db/reverse nsslapd-dncachememsize: 16777216 nsslapd-readonly: off nsslapd-require-index: off nsslapd-require-internalop-index: off nsslapd-suffix: o=reverse objectClass: top objectClass: extensibleObject objectClass: nsBackendInstance INFO lib389:mappingTree.py:153 Entry dn: cn="o=reverse",cn=mapping tree,cn=config cn: o=reverse nsslapd-backend: reverse nsslapd-state: backend objectclass: top objectclass: extensibleObject objectclass: nsMappingTree INFO lib389:__init__.py:1715 Found entry dn: cn=o\3Dreverse,cn=mapping tree,cn=config cn: o=reverse nsslapd-backend: reverse nsslapd-state: backend objectClass: top objectClass: extensibleObject objectClass: nsMappingTree
Failed tickets/ticket548_test.py::test_ticket548_test_with_no_policy 9.25
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031942040>

def test_ticket548_test_with_no_policy(topology_st):
"""
Check shadowAccount under no password policy
"""
log.info("Case 1. No password policy")

log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

log.info('Add an entry' + USER1_DN)
try:
topology_st.standalone.add_s(
Entry((USER1_DN, {'objectclass': "top person organizationalPerson inetOrgPerson shadowAccount".split(),
'sn': '1',
'cn': 'user 1',
'uid': 'user1',
'givenname': 'user',
'mail': 'user1@' + DEFAULT_SUFFIX,
'userpassword': USER_PW})))
except ldap.LDAPError as e:
log.fatal('test_ticket548: Failed to add user' + USER1_DN + ': error ' + e.message['desc'])
assert False

edate = int(time.time() / (60 * 60 * 24))
log.info('Search entry %s' % USER1_DN)

log.info("Bind as %s" % USER1_DN)
topology_st.standalone.simple_bind_s(USER1_DN, USER_PW)
> entry = topology_st.standalone.getEntry(USER1_DN, ldap.SCOPE_BASE, "(objectclass=*)", ['shadowLastChange'])

/export/tests/tickets/ticket548_test.py:211:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031942460>
args = ('uid=user1,dc=example,dc=com', 0, '(objectclass=*)', ['shadowLastChange'])
kwargs = {}, res = 6, restype = 101, obj = []

def getEntry(self, *args, **kwargs):
"""Wrapper around SimpleLDAPObject.search. It is common to just get
one entry.
@param - entry dn
@param - search scope, in ldap.SCOPE_BASE (default),
ldap.SCOPE_SUB, ldap.SCOPE_ONE
@param filterstr - filterstr, default '(objectClass=*)' from
SimpleLDAPObject
@param attrlist - list of attributes to retrieve. eg ['cn', 'uid']
@oaram attrsonly - default None from SimpleLDAPObject
eg. getEntry(dn, scope, filter, attributes)

XXX This cannot return None
"""
self.log.debug("Retrieving entry with %r", [args])
if len(args) == 1 and 'scope' not in kwargs:
args += (ldap.SCOPE_BASE, )

res = self.search(*args, **kwargs)
restype, obj = self.result(res)
# TODO: why not test restype?
if not obj:
> raise NoSuchEntryError("no such entry for %r", [args])
E lib389.exceptions.NoSuchEntryError: ('no such entry for %r', [('uid=user1,dc=example,dc=com', 0, '(objectclass=*)', ['shadowLastChange'])])

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1702: NoSuchEntryError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket548_test.py::test_ticket548_test_global_policy 0.46
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031942040>

def test_ticket548_test_global_policy(topology_st):
"""
Check shadowAccount with global password policy
"""

log.info("Case 2. Check shadowAccount with global password policy")

log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

set_global_pwpolicy(topology_st)

log.info('Add an entry' + USER2_DN)
try:
topology_st.standalone.add_s(
Entry((USER2_DN, {'objectclass': "top person organizationalPerson inetOrgPerson shadowAccount".split(),
'sn': '2',
'cn': 'user 2',
'uid': 'user2',
'givenname': 'user',
'mail': 'user2@' + DEFAULT_SUFFIX,
'userpassword': USER_PW})))
except ldap.LDAPError as e:
log.fatal('test_ticket548: Failed to add user' + USER2_DN + ': error ' + e.message['desc'])
assert False

edate = int(time.time() / (60 * 60 * 24))

log.info("Bind as %s" % USER1_DN)
topology_st.standalone.simple_bind_s(USER1_DN, USER_PW)

log.info('Search entry %s' % USER1_DN)
> entry = topology_st.standalone.getEntry(USER1_DN, ldap.SCOPE_BASE, "(objectclass=*)")

/export/tests/tickets/ticket548_test.py:249:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031942460>
args = ('uid=user1,dc=example,dc=com', 0, '(objectclass=*)'), kwargs = {}
res = 15, restype = 101, obj = []

def getEntry(self, *args, **kwargs):
"""Wrapper around SimpleLDAPObject.search. It is common to just get
one entry.
@param - entry dn
@param - search scope, in ldap.SCOPE_BASE (default),
ldap.SCOPE_SUB, ldap.SCOPE_ONE
@param filterstr - filterstr, default '(objectClass=*)' from
SimpleLDAPObject
@param attrlist - list of attributes to retrieve. eg ['cn', 'uid']
@oaram attrsonly - default None from SimpleLDAPObject
eg. getEntry(dn, scope, filter, attributes)

XXX This cannot return None
"""
self.log.debug("Retrieving entry with %r", [args])
if len(args) == 1 and 'scope' not in kwargs:
args += (ldap.SCOPE_BASE, )

res = self.search(*args, **kwargs)
restype, obj = self.result(res)
# TODO: why not test restype?
if not obj:
> raise NoSuchEntryError("no such entry for %r", [args])
E lib389.exceptions.NoSuchEntryError: ('no such entry for %r', [('uid=user1,dc=example,dc=com', 0, '(objectclass=*)')])

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1702: NoSuchEntryError
Failed tickets/ticket548_test.py::test_ticket548_test_subtree_policy 3.93
topology_st = <lib389.topologies.TopologyMain object at 0x7fe031942040>
user = 'uid=user3,dc=example,dc=com', passwd = 'password'
newpasswd = 'password0'

def update_passwd(topology_st, user, passwd, newpasswd):
log.info(" Bind as {%s,%s}" % (user, passwd))
topology_st.standalone.simple_bind_s(user, passwd)
try:
> topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', newpasswd.encode())])

/export/tests/tickets/ticket548_test.py:160:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user3,dc=example,dc=com', [(2, 'userpassword', b'password0')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x7fe031482a40, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 179,...mbda>', code_context=[' self._inner_hookexec = lambda hook, methods, kwargs: hook.multicall(\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x56144f332a10, file '/export/tests/tickets/ticket548_test.py', line 164, code update_passwd...[" topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', newpasswd.encode())])\n"], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031942460>
dn = 'uid=user3,dc=example,dc=com'
modlist = [(2, 'userpassword', b'password0')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user3,dc=example,dc=com', [(2, 'userpassword', b'password0')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031942460>
dn = 'uid=user3,dc=example,dc=com'
modlist = [(2, 'userpassword', b'password0')], serverctrls = None
clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (34,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031942460>, msgid = 34, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (34, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031942460>, msgid = 34, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7fe031b55930>, 34, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031942460>
func = <built-in method result4 of LDAP object at 0x7fe031b55930>
args = (34, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.INSUFFICIENT_ACCESS'>
exc_value = INSUFFICIENT_ACCESS({'msgtype': 103, 'msgid': 34, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user3,dc=example,dc=com'.\n"})
exc_traceback = <traceback object at 0x7fe032e7a480>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe031942460>
func = <built-in method result4 of LDAP object at 0x7fe031b55930>
args = (34, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 34, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user3,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7fe031942040>

def test_ticket548_test_subtree_policy(topology_st):
"""
Check shadowAccount with subtree level password policy
"""

log.info("Case 3. Check shadowAccount with subtree level password policy")

log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
# Check the global policy values

set_subtree_pwpolicy(topology_st, 2, 20, 6)

log.info('Add an entry' + USER3_DN)
try:
topology_st.standalone.add_s(
Entry((USER3_DN, {'objectclass': "top person organizationalPerson inetOrgPerson shadowAccount".split(),
'sn': '3',
'cn': 'user 3',
'uid': 'user3',
'givenname': 'user',
'mail': 'user3@' + DEFAULT_SUFFIX,
'userpassword': USER_PW})))
except ldap.LDAPError as e:
log.fatal('test_ticket548: Failed to add user' + USER3_DN + ': error ' + e.message['desc'])
assert False

log.info('Search entry %s' % USER3_DN)
entry0 = topology_st.standalone.getEntry(USER3_DN, ldap.SCOPE_BASE, "(objectclass=*)")

log.info('Expecting shadowLastChange 0 since passwordMustChange is on')
check_shadow_attr_value(entry0, 'shadowLastChange', 0, USER3_DN)

# passwordMinAge -- 2 day
check_shadow_attr_value(entry0, 'shadowMin', 2, USER3_DN)

# passwordMaxAge -- 20 days
check_shadow_attr_value(entry0, 'shadowMax', 20, USER3_DN)

# passwordWarning -- 6 days
check_shadow_attr_value(entry0, 'shadowWarning', 6, USER3_DN)

log.info("Bind as %s" % USER3_DN)
topology_st.standalone.simple_bind_s(USER3_DN, USER_PW)

log.info('Search entry %s' % USER3_DN)
try:
entry1 = topology_st.standalone.getEntry(USER3_DN, ldap.SCOPE_BASE, "(objectclass=*)")
except ldap.UNWILLING_TO_PERFORM:
log.info('test_ticket548: Search by' + USER3_DN + ' failed by UNWILLING_TO_PERFORM as expected')
except ldap.LDAPError as e:
log.fatal('test_ticket548: Failed to serch user' + USER3_DN + ' by self: error ' + e.message['desc'])
assert False

log.info("Bind as %s and updating the password with a new one" % USER3_DN)
topology_st.standalone.simple_bind_s(USER3_DN, USER_PW)

# Bind as DM again, change policy
log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

set_subtree_pwpolicy(topology_st, 4, 40, 12)

newpasswd = USER_PW + '0'
> update_passwd(topology_st, USER3_DN, USER_PW, newpasswd)

/export/tests/tickets/ticket548_test.py:372:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7fe031942040>
user = 'uid=user3,dc=example,dc=com', passwd = 'password'
newpasswd = 'password0'

def update_passwd(topology_st, user, passwd, newpasswd):
log.info(" Bind as {%s,%s}" % (user, passwd))
topology_st.standalone.simple_bind_s(user, passwd)
try:
topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', newpasswd.encode())])
except ldap.LDAPError as e:
> log.fatal('test_ticket548: Failed to update the password ' + cpw + ' of user ' + user + ': error ' + e.message[
'desc'])
E NameError: name 'cpw' is not defined

/export/tests/tickets/ticket548_test.py:162: NameError
XFailed suites/acl/syntax_test.py::test_aci_invalid_syntax_fail[test_targattrfilters_18] 9.19
topo = <lib389.topologies.TopologyMain object at 0x7fe045136670>
real_value = '(target = ldap:///cn=Jeff Vedder,ou=Product Development,dc=example,dc=com)(targetattr="*")(version 3.0; acl "Name of ...3123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123";)'

@pytest.mark.xfail(reason='https://bugzilla.redhat.com/show_bug.cgi?id=1691473')
@pytest.mark.parametrize("real_value", [a[1] for a in FAILED],
ids=[a[0] for a in FAILED])
def test_aci_invalid_syntax_fail(topo, real_value):
"""

Try to set wrong ACI syntax.

:id: 83c40784-fff5-49c8-9535-7064c9c19e7e
:parametrized: yes
:setup: Standalone Instance
:steps:
1. Create ACI
2. Try to setup the ACI with Instance
:expectedresults:
1. It should pass
2. It should not pass
"""
domain = Domain(topo.standalone, DEFAULT_SUFFIX)
with pytest.raises(ldap.INVALID_SYNTAX):
> domain.add("aci", real_value)
E Failed: DID NOT RAISE <class 'ldap.INVALID_SYNTAX'>

suites/acl/syntax_test.py:213: Failed
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
XFailed suites/acl/syntax_test.py::test_aci_invalid_syntax_fail[test_targattrfilters_20] 0.09
topo = <lib389.topologies.TopologyMain object at 0x7fe045136670>
real_value = '(target = ldap:///cn=Jeff Vedder,ou=Product Development,dc=example,dc=com)(targetattr="*")(version 3.0; acl "Name of the ACI"; deny(write)userdns="ldap:///anyone";)'

@pytest.mark.xfail(reason='https://bugzilla.redhat.com/show_bug.cgi?id=1691473')
@pytest.mark.parametrize("real_value", [a[1] for a in FAILED],
ids=[a[0] for a in FAILED])
def test_aci_invalid_syntax_fail(topo, real_value):
"""

Try to set wrong ACI syntax.

:id: 83c40784-fff5-49c8-9535-7064c9c19e7e
:parametrized: yes
:setup: Standalone Instance
:steps:
1. Create ACI
2. Try to setup the ACI with Instance
:expectedresults:
1. It should pass
2. It should not pass
"""
domain = Domain(topo.standalone, DEFAULT_SUFFIX)
with pytest.raises(ldap.INVALID_SYNTAX):
> domain.add("aci", real_value)
E Failed: DID NOT RAISE <class 'ldap.INVALID_SYNTAX'>

suites/acl/syntax_test.py:213: Failed
XFailed suites/acl/syntax_test.py::test_aci_invalid_syntax_fail[test_bind_rule_set_with_more_than_three] 0.08
topo = <lib389.topologies.TopologyMain object at 0x7fe045136670>
real_value = '(target = ldap:///dc=example,dc=com)(targetattr="*")(version 3.0; acl "Name of the ACI"; deny absolute (all)userdn="ldap:////////anyone";)'

@pytest.mark.xfail(reason='https://bugzilla.redhat.com/show_bug.cgi?id=1691473')
@pytest.mark.parametrize("real_value", [a[1] for a in FAILED],
ids=[a[0] for a in FAILED])
def test_aci_invalid_syntax_fail(topo, real_value):
"""

Try to set wrong ACI syntax.

:id: 83c40784-fff5-49c8-9535-7064c9c19e7e
:parametrized: yes
:setup: Standalone Instance
:steps:
1. Create ACI
2. Try to setup the ACI with Instance
:expectedresults:
1. It should pass
2. It should not pass
"""
domain = Domain(topo.standalone, DEFAULT_SUFFIX)
with pytest.raises(ldap.INVALID_SYNTAX):
> domain.add("aci", real_value)
E Failed: DID NOT RAISE <class 'ldap.INVALID_SYNTAX'>

suites/acl/syntax_test.py:213: Failed
XFailed suites/acl/userattr_test.py::test_mod_see_also_positive[(LEVEL_3, CHILDREN)] 0.15
topo = <lib389.topologies.TopologyMain object at 0x7fe04476f9a0>
_add_user = None, user = 'uid=Grandparent,ou=Inheritance,dc=example,dc=com'
entry = 'ou=CHILDREN,ou=PARENTS,ou=GRANDPARENTS,ou=ANCESTORS,ou=Inheritance,dc=example,dc=com'

@pytest.mark.parametrize("user,entry", [
(CAN, ROLEDNACCESS),
(CAN, USERDNACCESS),
(CAN, GROUPDNACCESS),
(CAN, LDAPURLACCESS),
(CAN, ATTRNAMEACCESS),
(LEVEL_0, OU_2),
(LEVEL_1, ANCESTORS),
(LEVEL_2, GRANDPARENTS),
(LEVEL_4, OU_2),
(LEVEL_4, ANCESTORS),
(LEVEL_4, GRANDPARENTS),
(LEVEL_4, PARENTS),
(LEVEL_4, CHILDREN),
pytest.param(LEVEL_3, CHILDREN, marks=pytest.mark.xfail(reason="May be some bug")),
], ids=[
"(CAN,ROLEDNACCESS)",
"(CAN,USERDNACCESS)",
"(CAN,GROUPDNACCESS)",
"(CAN,LDAPURLACCESS)",
"(CAN,ATTRNAMEACCESS)",
"(LEVEL_0, OU_2)",
"(LEVEL_1,ANCESTORS)",
"(LEVEL_2,GRANDPARENTS)",
"(LEVEL_4,OU_2)",
"(LEVEL_4, ANCESTORS)",
"(LEVEL_4,GRANDPARENTS)",
"(LEVEL_4,PARENTS)",
"(LEVEL_4,CHILDREN)",
"(LEVEL_3, CHILDREN)"
])
def test_mod_see_also_positive(topo, _add_user, user, entry):
"""
Try to set seeAlso on entry with binding specific user, it will success
as per the ACI.

:id: 65745426-7a01-11e8-8ac2-8c16451d917b
:parametrized: yes
:setup: Standalone Instance
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
conn = UserAccount(topo.standalone, user).bind(PW_DM)
> UserAccount(conn, entry).replace('seeAlso', 'cn=1')

suites/acl/userattr_test.py:216:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:179: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7fe0447ff0d0>
func = <built-in method result4 of LDAP object at 0x7fe0441c8b40>
args = (5, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 5, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=children,ou=parents,ou=grandparents,ou=ancestors,ou=inheritance,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
XFailed suites/config/config_test.py::test_defaultnamingcontext_1 0.32
topo = <lib389.topologies.TopologyMain object at 0x7fe042d85100>

@pytest.mark.xfail(reason="This may fail due to bug 1610234")
def test_defaultnamingcontext_1(topo):
"""This test case should be part of function test_defaultnamingcontext
Please move it back after we have a fix for bug 1610234
"""
log.info("Remove the original suffix which is currently nsslapd-defaultnamingcontext"
"and check nsslapd-defaultnamingcontext become empty.")

""" Please remove these declarations after moving the test
to function test_defaultnamingcontext
"""
backends = Backends(topo.standalone)
test_db2 = 'test2_db'
test_suffix2 = 'dc=test2,dc=com'
b2 = backends.create(properties={'cn': test_db2,
'nsslapd-suffix': test_suffix2})
b2.delete()
> assert topo.standalone.config.get_attr_val_utf8('nsslapd-defaultnamingcontext') == ' '
E AssertionError: assert 'dc=example,dc=com' == ' '
E Strings contain only whitespace, escaping them using repr()
E - ' '
E + 'dc=example,dc=com'

suites/config/config_test.py:280: AssertionError
-------------------------------Captured log call--------------------------------
INFO tests.suites.config.config_test:config_test.py:268 Remove the original suffix which is currently nsslapd-defaultnamingcontextand check nsslapd-defaultnamingcontext become empty.
XFailed suites/export/export_test.py::test_dbtasks_db2ldif_with_non_accessible_ldif_file_path_output 3.69
topo = <lib389.topologies.TopologyMain object at 0x7fe033bb6940>

@pytest.mark.bz1860291
@pytest.mark.xfail(reason="bug 1860291")
@pytest.mark.skipif(ds_is_older("1.3.10", "1.4.2"), reason="Not implemented")
def test_dbtasks_db2ldif_with_non_accessible_ldif_file_path_output(topo):
"""Export with db2ldif, giving a ldif file path which can't be accessed by the user (dirsrv by default)

:id: fcc63387-e650-40a7-b643-baa68c190037
:setup: Standalone Instance - entries imported in the db
:steps:
1. Stop the server
2. Launch db2ldif with a non accessible ldif file path
3. check the error reported in the command output
:expected results:
1. Operation successful
2. Operation properly fails
3. An clear error message is reported as output of the cli
"""
export_ldif = '/tmp/nonexistent/export.ldif'

log.info("Stopping the instance...")
topo.standalone.stop()

log.info("Performing an offline export to a non accessible ldif file path - should fail and output a clear error message")
expected_output="No such file or directory"
> run_db2ldif_and_clear_logs(topo, topo.standalone, DEFAULT_BENAME, export_ldif, expected_output)

suites/export/export_test.py:150:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology = <lib389.topologies.TopologyMain object at 0x7fe033bb6940>
instance = <lib389.DirSrv object at 0x7fe033b45bb0>, backend = 'userRoot'
ldif = '/tmp/nonexistent/export.ldif', output_msg = 'No such file or directory'
encrypt = False, repl = False

def run_db2ldif_and_clear_logs(topology, instance, backend, ldif, output_msg, encrypt=False, repl=False):
args = FakeArgs()
args.instance = instance.serverid
args.backend = backend
args.encrypted = encrypt
args.replication = repl
args.ldif = ldif

dbtasks_db2ldif(instance, topology.logcap.log, args)

log.info('checking output msg')
if not topology.logcap.contains(output_msg):
log.error('The output message is not the expected one')
> assert False
E assert False

suites/export/export_test.py:36: AssertionError
------------------------------Captured stderr call------------------------------
ldiffile: /tmp/nonexistent/export.ldif
-------------------------------Captured log call--------------------------------
INFO lib389.utils:export_test.py:145 Stopping the instance... INFO lib389.utils:export_test.py:148 Performing an offline export to a non accessible ldif file path - should fail and output a clear error message CRITICAL LogCapture:dbtasks.py:41 db2ldif failed INFO lib389.utils:export_test.py:33 checking output msg ERROR lib389.utils:export_test.py:35 The output message is not the expected one
XFailed suites/healthcheck/healthcheck_test.py::test_healthcheck_unable_to_query_backend 1.66
topology_st = <lib389.topologies.TopologyMain object at 0x7fe0331f0820>

@pytest.mark.ds50873
@pytest.mark.bz1796343
@pytest.mark.skipif(ds_is_older("1.4.1"), reason="Not implemented")
@pytest.mark.xfail(reason="Will fail because of bz1837315. Set proper version after bug is fixed")
def test_healthcheck_unable_to_query_backend(topology_st):
"""Check if HealthCheck returns DSBLE0002 code

:id: 716b1ff1-94bd-4780-98b8-96ff8ef21e30
:setup: Standalone instance
:steps:
1. Create DS instance
2. Create a new root suffix and database
3. Disable new suffix
4. Use HealthCheck without --json option
5. Use HealthCheck with --json option
:expectedresults:
1. Success
2. Success
3. Success
4. HealthCheck should return code DSBLE0002
5. HealthCheck should return code DSBLE0002
"""

RET_CODE = 'DSBLE0002'
NEW_SUFFIX = 'dc=test,dc=com'
NEW_BACKEND = 'userData'

standalone = topology_st.standalone

log.info('Create new suffix')
backends = Backends(standalone)
backends.create(properties={
'cn': NEW_BACKEND,
'nsslapd-suffix': NEW_SUFFIX,
})

log.info('Disable the newly created suffix')
mts = MappingTrees(standalone)
mt_new = mts.get(NEW_SUFFIX)
mt_new.replace('nsslapd-state', 'disabled')

run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=False)
run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=True)

log.info('Enable the suffix again and check if nothing is broken')
mt_new.replace('nsslapd-state', 'backend')
> run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=False)

suites/healthcheck/healthcheck_test.py:453:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology = <lib389.topologies.TopologyMain object at 0x7fe0331f0820>
instance = <lib389.DirSrv object at 0x7fe0330d2be0>, searched_code = 'DSBLE0002'
json = False, searched_code2 = None, list_checks = False, list_errors = False
check = None, searched_list = None

def run_healthcheck_and_flush_log(topology, instance, searched_code=None, json=False, searched_code2=None,
list_checks=False, list_errors=False, check=None, searched_list=None):
args = FakeArgs()
args.instance = instance.serverid
args.verbose = instance.verbose
args.list_errors = list_errors
args.list_checks = list_checks
args.check = check
args.dry_run = False
args.json = json

log.info('Use healthcheck with --json == {} option'.format(json))
health_check_run(instance, topology.logcap.log, args)

if searched_list is not None:
for item in searched_list:
assert topology.logcap.contains(item)
log.info('Healthcheck returned searched item: %s' % item)
else:
> assert topology.logcap.contains(searched_code)
E AssertionError: assert False
E + where False = <bound method LogCapture.contains of <LogCapture (NOTSET)>>('DSBLE0002')
E + where <bound method LogCapture.contains of <LogCapture (NOTSET)>> = <LogCapture (NOTSET)>.contains
E + where <LogCapture (NOTSET)> = <lib389.topologies.TopologyMain object at 0x7fe0331f0820>.logcap

suites/healthcheck/healthcheck_test.py:49: AssertionError
-------------------------------Captured log call--------------------------------
INFO LogCapture:health.py:94 Beginning lint report, this could take a while ... INFO LogCapture:health.py:99 Checking config:hr_timestamp ... INFO LogCapture:health.py:99 Checking config:passwordscheme ... INFO LogCapture:health.py:99 Checking backends:userdata:cl_trimming ... INFO LogCapture:health.py:99 Checking backends:userdata:mappingtree ... INFO LogCapture:health.py:99 Checking backends:userdata:search ... INFO LogCapture:health.py:99 Checking backends:userdata:virt_attrs ... INFO LogCapture:health.py:99 Checking backends:userroot:cl_trimming ... INFO LogCapture:health.py:99 Checking backends:userroot:mappingtree ... INFO LogCapture:health.py:99 Checking backends:userroot:search ... INFO LogCapture:health.py:99 Checking backends:userroot:virt_attrs ... INFO LogCapture:health.py:99 Checking encryption:check_tls_version ... INFO LogCapture:health.py:99 Checking fschecks:file_perms ... INFO LogCapture:health.py:99 Checking refint:attr_indexes ... INFO LogCapture:health.py:99 Checking refint:update_delay ... INFO LogCapture:health.py:99 Checking monitor-disk-space:disk_space ... INFO LogCapture:health.py:99 Checking replication:agmts_status ... INFO LogCapture:health.py:99 Checking replication:conflicts ... INFO LogCapture:health.py:99 Checking dseldif:nsstate ... INFO LogCapture:health.py:99 Checking tls:certificate_expiration ... INFO LogCapture:health.py:99 Checking logs:notes ... INFO LogCapture:health.py:106 Healthcheck complete. INFO LogCapture:health.py:119 4 Issues found! Generating report ... INFO LogCapture:health.py:45 [1] DS Lint Error: DSBLE0001 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: MEDIUM INFO LogCapture:health.py:49 Check: backends:userdata:mappingtree INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- userdata INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 This backend may be missing the correct mapping tree references. Mapping Trees allow the directory server to determine which backend an operation is routed to in the abscence of other information. This is extremely important for correct functioning of LDAP ADD for example. A correct Mapping tree for this backend must contain the suffix name, the database name and be a backend type. IE: cn=o3Dexample,cn=mapping tree,cn=config cn: o=example nsslapd-backend: userRoot nsslapd-state: backend objectClass: top objectClass: extensibleObject objectClass: nsMappingTree INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Either you need to create the mapping tree, or you need to repair the related mapping tree. You will need to do this by hand by editing cn=config, or stopping the instance and editing dse.ldif. INFO LogCapture:health.py:45 [2] DS Lint Error: DSBLE0002 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: HIGH INFO LogCapture:health.py:49 Check: backends:userdata:search INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- dc=test,dc=com INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 Unable to query the backend. LDAP error ({'msgtype': 101, 'msgid': 26, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Warning: Operation attempted on a disabled node : dc=example,dc=com\n'}) INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Check the server's error and access logs for more information. INFO LogCapture:health.py:45 [3] DS Lint Error: DSBLE0001 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: MEDIUM INFO LogCapture:health.py:49 Check: backends:userdata:mappingtree INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- userdata INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 This backend may be missing the correct mapping tree references. Mapping Trees allow the directory server to determine which backend an operation is routed to in the abscence of other information. This is extremely important for correct functioning of LDAP ADD for example. A correct Mapping tree for this backend must contain the suffix name, the database name and be a backend type. IE: cn=o3Dexample,cn=mapping tree,cn=config cn: o=example nsslapd-backend: userRoot nsslapd-state: backend objectClass: top objectClass: extensibleObject objectClass: nsMappingTree INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Either you need to create the mapping tree, or you need to repair the related mapping tree. You will need to do this by hand by editing cn=config, or stopping the instance and editing dse.ldif. INFO LogCapture:health.py:45 [4] DS Lint Error: DSBLE0002 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: HIGH INFO LogCapture:health.py:49 Check: backends:userdata:search INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- dc=test,dc=com INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 Unable to query the backend. LDAP error ({'msgtype': 101, 'msgid': 26, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Warning: Operation attempted on a disabled node : dc=example,dc=com\n'}) INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Check the server's error and access logs for more information. INFO LogCapture:health.py:124 ===== End Of Report (4 Issues found) ===== INFO LogCapture:health.py:126 [ { "dsle": "DSBLE0001", "severity": "MEDIUM", "description": "Possibly incorrect mapping tree.", "items": [ "userdata" ], "detail": "This backend may be missing the correct mapping tree references. Mapping Trees allow\nthe directory server to determine which backend an operation is routed to in the\nabscence of other information. This is extremely important for correct functioning\nof LDAP ADD for example.\n\nA correct Mapping tree for this backend must contain the suffix name, the database name\nand be a backend type. IE:\n\ncn=o3Dexample,cn=mapping tree,cn=config\ncn: o=example\nnsslapd-backend: userRoot\nnsslapd-state: backend\nobjectClass: top\nobjectClass: extensibleObject\nobjectClass: nsMappingTree\n\n", "fix": "Either you need to create the mapping tree, or you need to repair the related\nmapping tree. You will need to do this by hand by editing cn=config, or stopping\nthe instance and editing dse.ldif.\n", "check": "backends:userdata:mappingtree" }, { "dsle": "DSBLE0002", "severity": "HIGH", "description": "Unable to query backend.", "items": [ "dc=test,dc=com" ], "detail": "Unable to query the backend. LDAP error ({'msgtype': 101, 'msgid': 26, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Warning: Operation attempted on a disabled node : dc=example,dc=com\\n'})", "fix": "Check the server's error and access logs for more information.", "check": "backends:userdata:search" }, { "dsle": "DSBLE0001", "severity": "MEDIUM", "description": "Possibly incorrect mapping tree.", "items": [ "userdata" ], "detail": "This backend may be missing the correct mapping tree references. Mapping Trees allow\nthe directory server to determine which backend an operation is routed to in the\nabscence of other information. This is extremely important for correct functioning\nof LDAP ADD for example.\n\nA correct Mapping tree for this backend must contain the suffix name, the database name\nand be a backend type. IE:\n\ncn=o3Dexample,cn=mapping tree,cn=config\ncn: o=example\nnsslapd-backend: userRoot\nnsslapd-state: backend\nobjectClass: top\nobjectClass: extensibleObject\nobjectClass: nsMappingTree\n\n", "fix": "Either you need to create the mapping tree, or you need to repair the related\nmapping tree. You will need to do this by hand by editing cn=config, or stopping\nthe instance and editing dse.ldif.\n", "check": "backends:userdata:mappingtree" }, { "dsle": "DSBLE0002", "severity": "HIGH", "description": "Unable to query backend.", "items": [ "dc=test,dc=com" ], "detail": "Unable to query the backend. LDAP error ({'msgtype': 101, 'msgid': 26, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Warning: Operation attempted on a disabled node : dc=example,dc=com\\n'})", "fix": "Check the server's error and access logs for more information.", "check": "backends:userdata:search" } ] INFO LogCapture:health.py:94 Beginning lint report, this could take a while ... INFO LogCapture:health.py:99 Checking config:hr_timestamp ... INFO LogCapture:health.py:99 Checking config:passwordscheme ... INFO LogCapture:health.py:99 Checking backends:userdata:cl_trimming ... INFO LogCapture:health.py:99 Checking backends:userdata:mappingtree ... INFO LogCapture:health.py:99 Checking backends:userdata:search ... INFO LogCapture:health.py:99 Checking backends:userdata:virt_attrs ... INFO LogCapture:health.py:99 Checking backends:userroot:cl_trimming ... INFO LogCapture:health.py:99 Checking backends:userroot:mappingtree ... INFO LogCapture:health.py:99 Checking backends:userroot:search ... INFO LogCapture:health.py:99 Checking backends:userroot:virt_attrs ... INFO LogCapture:health.py:99 Checking encryption:check_tls_version ... INFO LogCapture:health.py:99 Checking fschecks:file_perms ... INFO LogCapture:health.py:99 Checking refint:attr_indexes ... INFO LogCapture:health.py:99 Checking refint:update_delay ... INFO LogCapture:health.py:99 Checking monitor-disk-space:disk_space ... INFO LogCapture:health.py:99 Checking replication:agmts_status ... INFO LogCapture:health.py:99 Checking replication:conflicts ... INFO LogCapture:health.py:99 Checking dseldif:nsstate ... INFO LogCapture:health.py:99 Checking tls:certificate_expiration ... INFO LogCapture:health.py:99 Checking logs:notes ... INFO LogCapture:health.py:106 Healthcheck complete. INFO LogCapture:health.py:119 2 Issues found! Generating report ... INFO LogCapture:health.py:45 [1] DS Lint Error: DSBLE0003 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: LOW INFO LogCapture:health.py:49 Check: backends:userdata:search INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- dc=test,dc=com INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 The backend database has not been initialized yet INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 You need to import an LDIF file, or create the suffix entry, in order to initialize the database. INFO LogCapture:health.py:45 [2] DS Lint Error: DSBLE0003 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: LOW INFO LogCapture:health.py:49 Check: backends:userdata:search INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- dc=test,dc=com INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 The backend database has not been initialized yet INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 You need to import an LDIF file, or create the suffix entry, in order to initialize the database. INFO LogCapture:health.py:124 ===== End Of Report (2 Issues found) =====
XFailed suites/replication/conflict_resolve_test.py::TestTwoMasters::test_memberof_groups 8.99
self = <tests.suites.replication.conflict_resolve_test.TestTwoMasters object at 0x7fe03345c820>
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe032d8d430>
base_m2 = <lib389.idm.nscontainer.nsContainer object at 0x7fe03345ca60>

def test_memberof_groups(self, topology_m2, base_m2):
"""Check that conflict properly resolved for operations
with memberOf and groups

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb3
:setup: Two master replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Enable memberOf plugin
2. Add 30 users to m1 and wait for replication to happen
3. Pause replication
4. Create a group on m1 and m2
5. Create a group on m1 and m2, delete from m1
6. Create a group on m1, delete from m1, and create on m2,
7. Create a group on m2 and m1, delete from m1
8. Create two different groups on m2
9. Resume replication
10. Check that the entries on both masters are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
9. It should pass
10. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:402: XFailed
XFailed suites/replication/conflict_resolve_test.py::TestTwoMasters::test_managed_entries 0.08
self = <tests.suites.replication.conflict_resolve_test.TestTwoMasters object at 0x7fe032d99640>
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe032d8d430>

def test_managed_entries(self, topology_m2):
"""Check that conflict properly resolved for operations
with managed entries

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb4
:setup: Two master replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Create ou=managed_users and ou=managed_groups under test container
2. Configure managed entries plugin and add a template to test container
3. Add a user to m1 and wait for replication to happen
4. Pause replication
5. Create a user on m1 and m2 with a same group ID on both master
6. Create a user on m1 and m2 with a different group ID on both master
7. Resume replication
8. Check that the entries on both masters are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:493: XFailed
XFailed suites/replication/conflict_resolve_test.py::TestTwoMasters::test_nested_entries_with_children 7.17
self = <tests.suites.replication.conflict_resolve_test.TestTwoMasters object at 0x7fe032e43040>
topology_m2 = <lib389.topologies.TopologyMain object at 0x7fe032d8d430>
base_m2 = <lib389.idm.nscontainer.nsContainer object at 0x7fe032e43370>

def test_nested_entries_with_children(self, topology_m2, base_m2):
"""Check that conflict properly resolved for operations
with nested entries with children

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb5
:setup: Two master replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Add 15 containers to m1 and wait for replication to happen
2. Pause replication
3. Create parent-child on master2 and master1
4. Create parent-child on master1 and master2
5. Create parent-child on master1 and master2 different child rdn
6. Create parent-child on master1 and delete parent on master2
7. Create parent on master1, delete it and parent-child on master2, delete them
8. Create parent on master1, delete it and parent-two children on master2
9. Create parent-two children on master1 and parent-child on master2, delete them
10. Create three subsets inside existing container entry, applying only part of changes on m2
11. Create more combinations of the subset with parent-child on m1 and parent on m2
12. Delete container on m1, modify user1 on m1, create parent on m2 and modify user2 on m2
13. Resume replication
14. Check that the entries on both masters are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
9. It should pass
10. It should pass
11. It should pass
12. It should pass
13. It should pass
14. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:584: XFailed
XFailed suites/replication/conflict_resolve_test.py::TestThreeMasters::test_nested_entries 68.61
self = <tests.suites.replication.conflict_resolve_test.TestThreeMasters object at 0x7fe032d999a0>
topology_m3 = <lib389.topologies.TopologyMain object at 0x7fe032d99250>
base_m3 = <lib389.idm.nscontainer.nsContainer object at 0x7fe03390cd90>

def test_nested_entries(self, topology_m3, base_m3):
"""Check that conflict properly resolved for operations
with nested entries with children

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb6
:setup: Three master replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Add 15 containers to m1 and wait for replication to happen
2. Pause replication
3. Create two child entries under each of two entries
4. Create three child entries under each of three entries
5. Create two parents on m1 and m2, then on m1 - create a child and delete one parent,
on m2 - delete one parent and create a child
6. Test a few more parent-child combinations with three instances
7. Resume replication
8. Check that the entries on both masters are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:968: XFailed
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master3 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39003, 'ldap-secureport': 63703, 'server-id': 'master3', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining master master2 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect f32eba0f-934e-4c22-ba3b-3800be6c491d / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect 6930dfbe-b833-460a-82d6-50a4364a2f9f / got description=f32eba0f-934e-4c22-ba3b-3800be6c491d) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 INFO lib389.topologies:topologies.py:156 Joining master master3 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39003 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is NOT working (expect 8f75742d-3e7d-44fc-bd19-2c280cbbb7a7 / got description=6930dfbe-b833-460a-82d6-50a4364a2f9f) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is NOT working (expect 9f8c9b83-4214-4ed1-b082-55b351c8f2d0 / got description=8f75742d-3e7d-44fc-bd19-2c280cbbb7a7) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master3 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39003 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master3 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39003 is was created INFO lib389.topologies:topologies.py:164 Ensuring master master3 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master3 to master2 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39003 to ldap://host-10-0-139-83:39002 is was created
XFailed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaPort-0-65535-9999999999999999999999999999999999999999999999999999999999999999999-invalid-389] 0.15
topo = <lib389.topologies.TopologyMain object at 0x7fe0330546d0>
attr = 'nsds5ReplicaPort', too_small = '0', too_big = '65535'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '389'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_add(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf94
:parametrized: yes
:setup: standalone instance
:steps:
1. Use a value that is too small
2. Use a value that is too big
3. Use a value that overflows the int
4. Use a value with character value (not a number)
5. Use a valid value
:expectedresults:
1. Add is rejected
2. Add is rejected
3. Add is rejected
4. Add is rejected
5. Add is allowed
"""

agmt_reset(topo)
replica = replica_setup(topo)

agmts = Agreements(topo.standalone, basedn=replica.dn)

# Test too small
perform_invalid_create(agmts, agmt_dict, attr, too_small)
# Test too big
> perform_invalid_create(agmts, agmt_dict, attr, too_big)

suites/replication/replica_config_test.py:217:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

many = <lib389.agreement.Agreements object at 0x7fe033a1bf10>
properties = {'cn': 'test_agreement', 'nsDS5ReplicaBindDN': 'uid=tester', 'nsDS5ReplicaBindMethod': 'SIMPLE', 'nsDS5ReplicaHost': 'localhost.localdomain', ...}
attr = 'nsds5ReplicaPort', value = '65535'

def perform_invalid_create(many, properties, attr, value):
my_properties = copy.deepcopy(properties)
my_properties[attr] = value
with pytest.raises(ldap.LDAPError) as ei:
> many.create(properties=my_properties)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:108: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaPort-0-65535-9999999999999999999999999999999999999999999999999999999999999999999-invalid-389] 0.26
topo = <lib389.topologies.TopologyMain object at 0x7fe0330546d0>
attr = 'nsds5ReplicaPort', too_small = '0', too_big = '65535'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '389'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
> perform_invalid_modify(agmt, attr, too_small)

suites/replication/replica_config_test.py:253:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7fe033498b20>
attr = 'nsds5ReplicaPort', value = '0'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.26
topo = <lib389.topologies.TopologyMain object at 0x7fe0330546d0>
attr = 'nsds5ReplicaTimeout', too_small = '-1', too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7fe0329920d0>
attr = 'nsds5ReplicaTimeout', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaBusyWaitTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.26
topo = <lib389.topologies.TopologyMain object at 0x7fe0330546d0>
attr = 'nsds5ReplicaBusyWaitTime', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7fe032e17340>
attr = 'nsds5ReplicaBusyWaitTime', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaSessionPauseTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.25
topo = <lib389.topologies.TopologyMain object at 0x7fe0330546d0>
attr = 'nsds5ReplicaSessionPauseTime', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7fe032f96370>
attr = 'nsds5ReplicaSessionPauseTime', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaFlowControlWindow--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.26
topo = <lib389.topologies.TopologyMain object at 0x7fe0330546d0>
attr = 'nsds5ReplicaFlowControlWindow', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7fe0454d1df0>
attr = 'nsds5ReplicaFlowControlWindow', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaFlowControlPause--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.25
topo = <lib389.topologies.TopologyMain object at 0x7fe0330546d0>
attr = 'nsds5ReplicaFlowControlPause', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7fe032e436a0>
attr = 'nsds5ReplicaFlowControlPause', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaProtocolTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.25
topo = <lib389.topologies.TopologyMain object at 0x7fe0330546d0>
attr = 'nsds5ReplicaProtocolTimeout', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7fe0331eea60>
attr = 'nsds5ReplicaProtocolTimeout', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/ruvstore_test.py::test_memoryruv_sync_with_databaseruv 4.02
topo = <lib389.topologies.TopologyMain object at 0x7fe032f96130>

@pytest.mark.xfail(reason="No method to safety access DB ruv currently exists online.")
def test_memoryruv_sync_with_databaseruv(topo):
"""Check if memory ruv and database ruv are synced

:id: 5f38ac5f-6353-460d-bf60-49cafffda5b3
:setup: Replication with two masters.
:steps: 1. Add user to server and compare memory ruv and database ruv.
2. Modify description of user and compare memory ruv and database ruv.
3. Modrdn of user and compare memory ruv and database ruv.
4. Delete user and compare memory ruv and database ruv.
:expectedresults:
1. For add user, the memory ruv and database ruv should be the same.
2. For modify operation, the memory ruv and database ruv should be the same.
3. For modrdn operation, the memory ruv and database ruv should be the same.
4. For delete operation, the memory ruv and database ruv should be the same.
"""

log.info('Adding user: {} to master1'.format(TEST_ENTRY_NAME))
users = UserAccounts(topo.ms['master1'], DEFAULT_SUFFIX)
tuser = users.create(properties=USER_PROPERTIES)
> _compare_memoryruv_and_databaseruv(topo, 'add')

suites/replication/ruvstore_test.py:139:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topo = <lib389.topologies.TopologyMain object at 0x7fe032f96130>
operation_type = 'add'

def _compare_memoryruv_and_databaseruv(topo, operation_type):
"""Compare the memoryruv and databaseruv for ldap operations"""

log.info('Checking memory ruv for ldap: {} operation'.format(operation_type))
replicas = Replicas(topo.ms['master1'])
replica = replicas.list()[0]
memory_ruv = replica.get_attr_val_utf8('nsds50ruv')

log.info('Checking database ruv for ldap: {} operation'.format(operation_type))
> entry = replicas.get_ruv_entry(DEFAULT_SUFFIX)
E AttributeError: 'Replicas' object has no attribute 'get_ruv_entry'

suites/replication/ruvstore_test.py:81: AttributeError
-------------------------------Captured log call--------------------------------
INFO tests.suites.replication.ruvstore_test:ruvstore_test.py:136 Adding user: rep2lusr to master1 INFO tests.suites.replication.ruvstore_test:ruvstore_test.py:75 Checking memory ruv for ldap: add operation INFO tests.suites.replication.ruvstore_test:ruvstore_test.py:80 Checking database ruv for ldap: add operation
XPassed suites/acl/syntax_test.py::test_aci_invalid_syntax_fail[test_Use_double_equal_instead_of_equal_in_the_targetattr] 0.11
No log output captured.
XPassed suites/acl/syntax_test.py::test_aci_invalid_syntax_fail[test_Use_double_equal_instead_of_equal_in_the_targetfilter] 0.23
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.28
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaBusyWaitTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.27
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaSessionPauseTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.29
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaFlowControlWindow--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.27
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaFlowControlPause--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.27
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaProtocolTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.27
No log output captured.
Skipped suites/auth_token/basic_auth_test.py::test_ldap_auth_token_config 0.00
('suites/auth_token/basic_auth_test.py', 28, 'Skipped: Auth tokens are not available in older versions')
Skipped suites/auth_token/basic_auth_test.py::test_ldap_auth_token_nsuser 0.00
('suites/auth_token/basic_auth_test.py', 75, 'Skipped: Auth tokens are not available in older versions')
Skipped suites/auth_token/basic_auth_test.py::test_ldap_auth_token_disabled 0.00
('suites/auth_token/basic_auth_test.py', 144, 'Skipped: Auth tokens are not available in older versions')
Skipped suites/auth_token/basic_auth_test.py::test_ldap_auth_token_directory_manager 0.00
('suites/auth_token/basic_auth_test.py', 194, 'Skipped: Auth tokens are not available in older versions')
Skipped suites/auth_token/basic_auth_test.py::test_ldap_auth_token_anonymous 0.00
('suites/auth_token/basic_auth_test.py', 217, 'Skipped: Auth tokens are not available in older versions')
Skipped suites/config/regression_test.py::test_set_cachememsize_to_custom_value 0.00
('suites/config/regression_test.py', 34, 'Skipped: available memory is too low')
Skipped suites/ds_logs/ds_logs_test.py::test_etime_at_border_of_second 0.00
('suites/ds_logs/ds_logs_test.py', 736, 'Skipped: rsearch was removed')
Skipped suites/entryuuid/basic_test.py::test_entryuuid_indexed_import_and_search 0.00
('suites/entryuuid/basic_test.py', 73, 'Skipped: Entryuuid is not available in older versions')
Skipped suites/entryuuid/basic_test.py::test_entryuuid_unindexed_import_and_search 0.00
('suites/entryuuid/basic_test.py', 113, 'Skipped: Entryuuid is not available in older versions')
Skipped suites/entryuuid/basic_test.py::test_entryuuid_generation_on_add 0.00
('suites/entryuuid/basic_test.py', 155, 'Skipped: Entryuuid is not available in older versions')
Skipped suites/entryuuid/basic_test.py::test_entryuuid_fixup_task 0.00
('suites/entryuuid/basic_test.py', 179, 'Skipped: Entryuuid is not available in older versions')
Skipped suites/entryuuid/replicated_test.py::test_entryuuid_with_replication 0.00
('suites/entryuuid/replicated_test.py', 23, 'Skipped: Entryuuid is not available in older versions')
Skipped suites/memory_leaks/MMR_double_free_test.py::test_MMR_double_free 0.00
('suites/memory_leaks/MMR_double_free_test.py', 67, "Skipped: Don't run if ASAN is not enabled")
Skipped suites/memory_leaks/range_search_test.py::test_range_search 0.00
('suites/memory_leaks/range_search_test.py', 24, "Skipped: Don't run if ASAN is not enabled")
Skipped suites/migration/export_data_test.py::test_export_data_from_source_host 0.00
('suites/migration/export_data_test.py', 24, 'Skipped: This test is meant to execute in specific test environment')
Skipped suites/migration/import_data_test.py::test_import_data_to_target_host 0.00
('suites/migration/import_data_test.py', 24, 'Skipped: This test is meant to execute in specific test environment')
Skipped suites/replication/changelog_test.py::test_cldump_files_removed 0.00
('suites/replication/changelog_test.py', 235, 'Skipped: does not work for prefix builds')
Skipped suites/replication/changelog_test.py::test_changelog_compactdbinterval 0.00
('suites/replication/changelog_test.py', 630, 'Skipped: changelog compaction is done by the backend itself, with id2entry as well, nsslapd-changelogcompactdb-interval is no longer supported')
Skipped suites/rewriters/adfilter_test.py::test_adfilter_objectSid 1.18
('suites/rewriters/adfilter_test.py', 90, 'Skipped: It is missing samba python bindings')
Skipped suites/syncrepl_plugin/openldap_test.py::test_syncrepl_openldap 0.00
('suites/syncrepl_plugin/openldap_test.py', 29, 'Skipped: Sync repl does not support openldap compat in older versions, and without entryuuid')
Skipped tickets/ticket47815_test.py::test_ticket47815 0.00
('tickets/ticket47815_test.py', 26, 'Skipped: Not implemented, or invalid by nsMemberOf')
Skipped tickets/ticket49121_test.py::test_ticket49121 0.00
('tickets/ticket49121_test.py', 32, "Skipped: Don't run if ASAN is not enabled")
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, REAL_EQ_ACI)] 8.20
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, REAL_PRES_ACI)] 0.39
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, REAL_SUB_ACI)] 0.39
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, ROLE_PRES_ACI)] 0.39
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, ROLE_SUB_ACI)] 0.49
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, COS_EQ_ACI)] 0.40
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, COS_PRES_ACI)] 0.68
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, COS_SUB_ACI)] 0.42
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, LDAPURL_ACI)] 0.39
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, REAL_EQ_ACI)] 0.43
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_OU, REAL_PRES_ACI)] 0.39
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, REAL_SUB_ACI)] 0.55
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, ROLE_EQ_ACI)] 0.50
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, ROLE_PRES_ACI)] 0.42
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, ROLE_SUB_ACI)] 1.04
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, COS_EQ_ACI)] 0.43
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, COS_PRES_ACI)] 0.68
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, COS_SUB_ACI)] 0.52
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(SALES_UESER, SALES_MANAGER, LDAPURL_ACI)] 0.42
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, ENG_MANAGER, ROLE_EQ_ACI)] 2.70
No log output captured.
Passed suites/acl/acl_deny_test.py::test_multi_deny_aci 23.78
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389:acl_deny_test.py:47 Add uid=tuser1,ou=People,dc=example,dc=com INFO lib389:acl_deny_test.py:58 Add uid=tuser,ou=People,dc=example,dc=com
-------------------------------Captured log call--------------------------------
INFO lib389:acl_deny_test.py:90 Pass 1 INFO lib389:acl_deny_test.py:93 Testing two searches behave the same... INFO lib389:acl_deny_test.py:136 Testing search does not return any entries... INFO lib389:acl_deny_test.py:90 Pass 2 INFO lib389:acl_deny_test.py:93 Testing two searches behave the same... INFO lib389:acl_deny_test.py:136 Testing search does not return any entries... INFO lib389:acl_deny_test.py:200 Test PASSED
Passed suites/acl/acl_test.py::test_aci_attr_subtype_targetattr[lang-ja] 24.30
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'master1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for master2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'master2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining master master2 to master1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://host-10-0-139-83:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is NOT working (expect ab9fa07c-b936-4268-b3db-c0c5bee32fb0 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is NOT working (expect bbc4e40e-eb83-4540-918b-fd9a3b0a67b4 / got description=ab9fa07c-b936-4268-b3db-c0c5bee32fb0) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined master from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 INFO lib389.topologies:topologies.py:164 Ensuring master master1 to master2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39001 to ldap://host-10-0-139-83:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring master master2 to master1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://host-10-0-139-83:39002 to ldap://host-10-0-139-83:39001 already exists INFO tests.suites.acl.acl_test:acl_test.py:76 ========Executing test with 'lang-ja' subtype======== INFO tests.suites.acl.acl_test:acl_test.py:77 Add a target attribute INFO tests.suites.acl.acl_test:acl_test.py:80 Add a user attribute INFO tests.suites.acl.acl_test:acl_test.py:88 Add an ACI with attribute subtype
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:118 Search for the added attribute INFO tests.suites.acl.acl_test:acl_test.py:125 The added attribute was found
-----------------------------Captured log teardown------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:92 Finally, delete an ACI with the 'lang-ja' subtype
Passed suites/acl/acl_test.py::test_aci_attr_subtype_targetattr[binary] 0.31
-------------------------------Captured log setup-------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:76 ========Executing test with 'binary' subtype======== INFO tests.suites.acl.acl_test:acl_test.py:77 Add a target attribute INFO tests.suites.acl.acl_test:acl_test.py:80 Add a user attribute INFO tests.suites.acl.acl_test:acl_test.py:88 Add an ACI with attribute subtype
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:118 Search for the added attribute INFO tests.suites.acl.acl_test:acl_test.py:125 The added attribute was found
-----------------------------Captured log teardown------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:92 Finally, delete an ACI with the 'binary' subtype
Passed suites/acl/acl_test.py::test_aci_attr_subtype_targetattr[phonetic] 0.38
-------------------------------Captured log setup-------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:76 ========Executing test with 'phonetic' subtype======== INFO tests.suites.acl.acl_test:acl_test.py:77 Add a target attribute INFO tests.suites.acl.acl_test:acl_test.py:80 Add a user attribute INFO tests.suites.acl.acl_test:acl_test.py:88 Add an ACI with attribute subtype
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:118 Search for the added attribute INFO tests.suites.acl.acl_test:acl_test.py:125 The added attribute was found
-----------------------------Captured log teardown------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:92 Finally, delete an ACI with the 'phonetic' subtype
Passed suites/acl/acl_test.py::test_mode_default_add_deny 0.45
-------------------------------Captured log setup-------------------------------
INFO lib389:acl_test.py:233 ######## INITIALIZATION ######## INFO lib389:acl_test.py:236 Add uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:254 Add cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:258 Add cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:262 Add cn=excepts,cn=accounts,dc=example,dc=com
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:294 ######## mode moddn_aci : ADD (should fail) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:302 Try to add cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:311 Exception (expected): INSUFFICIENT_ACCESS
Passed suites/acl/acl_test.py::test_mode_default_delete_deny 0.11
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:329 ######## DELETE (should fail) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:336 Try to delete cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:341 Exception (expected): INSUFFICIENT_ACCESS
Passed suites/acl/acl_test.py::test_moddn_staging_prod[0-cn=staged user,dc=example,dc=com-cn=accounts,dc=example,dc=com-False] 0.36
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (0) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account0,cn=staged user,dc=example,dc=com -> uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account0,cn=staged user,dc=example,dc=com -> uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[1-cn=staged user,dc=example,dc=com-cn=accounts,dc=example,dc=com-False] 0.34
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (1) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account1,cn=staged user,dc=example,dc=com -> uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account1,cn=staged user,dc=example,dc=com -> uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[2-cn=staged user,dc=example,dc=com-cn=bad*,dc=example,dc=com-True] 0.31
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (2) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account2,cn=staged user,dc=example,dc=com -> uid=new_account2,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account2,cn=staged user,dc=example,dc=com -> uid=new_account2,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:409 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[3-cn=st*,dc=example,dc=com-cn=accounts,dc=example,dc=com-False] 0.30
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (3) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account3,cn=staged user,dc=example,dc=com -> uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account3,cn=staged user,dc=example,dc=com -> uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[4-cn=bad*,dc=example,dc=com-cn=accounts,dc=example,dc=com-True] 0.51
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (4) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account4,cn=staged user,dc=example,dc=com -> uid=new_account4,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account4,cn=staged user,dc=example,dc=com -> uid=new_account4,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:409 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[5-cn=st*,dc=example,dc=com-cn=ac*,dc=example,dc=com-False] 0.27
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (5) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account5,cn=staged user,dc=example,dc=com -> uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account5,cn=staged user,dc=example,dc=com -> uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[6-None-cn=ac*,dc=example,dc=com-False] 0.30
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (6) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account6,cn=staged user,dc=example,dc=com -> uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account6,cn=staged user,dc=example,dc=com -> uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[7-cn=st*,dc=example,dc=com-None-False] 0.31
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (7) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account7,cn=staged user,dc=example,dc=com -> uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account7,cn=staged user,dc=example,dc=com -> uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[8-None-None-False] 0.29
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (8) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account8,cn=staged user,dc=example,dc=com -> uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account8,cn=staged user,dc=example,dc=com -> uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod_9 0.89
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:453 ######## MOVE staging -> Prod (9) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:466 Try to MODDN uid=new_account9,cn=staged user,dc=example,dc=com -> uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:473 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:479 Disable the moddn right INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:484 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:492 Try to MODDN uid=new_account9,cn=staged user,dc=example,dc=com -> uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:499 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:521 Try to MODDN uid=new_account9,cn=staged user,dc=example,dc=com -> uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:532 Enable the moddn right INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:536 ######## MOVE staging -> Prod (10) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:548 Try to MODDN uid=new_account10,cn=staged user,dc=example,dc=com -> uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:555 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:572 Try to MODDN uid=new_account10,cn=staged user,dc=example,dc=com -> uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:579 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:588 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:594 Try to MODDN uid=new_account10,cn=staged user,dc=example,dc=com -> uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_prod_staging 0.43
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:623 ######## MOVE staging -> Prod (11) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:636 Try to MODDN uid=new_account11,cn=staged user,dc=example,dc=com -> uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:643 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:647 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:653 Try to MODDN uid=new_account11,cn=staged user,dc=example,dc=com -> uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:668 Try to move back MODDN uid=new_account11,cn=accounts,dc=example,dc=com -> uid=new_account11,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:675 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_check_repl_M2_to_M1 1.12
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:705 Bind as cn=Directory Manager (M2) INFO lib389:acl_test.py:725 Update (M2) uid=new_account12,cn=staged user,dc=example,dc=com (description) INFO lib389:acl_test.py:738 Update uid=new_account12,cn=staged user,dc=example,dc=com (description) replicated on M1
Passed suites/acl/acl_test.py::test_moddn_staging_prod_except 0.31
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:763 ######## MOVE staging -> Prod (13) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:775 Try to MODDN uid=new_account13,cn=staged user,dc=example,dc=com -> uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:782 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:786 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:160 Add a DENY aci under cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:793 Try to MODDN uid=new_account13,cn=staged user,dc=example,dc=com -> uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:799 ######## MOVE staging -> Prod/Except (14) ######## INFO lib389:acl_test.py:805 Try to MODDN uid=new_account14,cn=staged user,dc=example,dc=com -> uid=new_account14,cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:812 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:160 Add a DENY aci under cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_mode_default_ger_no_moddn 0.08
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:839 ######## mode moddn_aci : GER no moddn ######## INFO lib389:acl_test.py:850 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:853 ######## entryLevelRights: b'v'
Passed suites/acl/acl_test.py::test_mode_default_ger_with_moddn 0.25
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:877 ######## mode moddn_aci: GER with moddn ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:895 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:898 ######## entryLevelRights: b'vn' INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_mode_legacy_ger_no_moddn1 0.15
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:928 ######## Disable the moddn aci mod ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:932 ######## mode legacy 1: GER no moddn ######## INFO lib389:acl_test.py:942 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:945 ######## entryLevelRights: b'v'
Passed suites/acl/acl_test.py::test_mode_legacy_ger_no_moddn2 0.24
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:971 ######## Disable the moddn aci mod ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:975 ######## mode legacy 2: GER no moddn ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:992 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:995 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_mode_legacy_ger_with_moddn 0.47
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:1031 ######## Disable the moddn aci mod ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:1035 ######## mode legacy : GER with moddn ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1060 ######## entryLevelRights: b'vn' INFO lib389:acl_test.py:133 Bind as cn=Directory Manager
Passed suites/acl/acl_test.py::test_rdn_write_get_ger 0.14
-------------------------------Captured log setup-------------------------------
INFO lib389:acl_test.py:1071 ######## Add entry tuser ########
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:1097 ######## GER rights for anonymous ######## INFO lib389:acl_test.py:1107 dn: dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: ou=groups,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: ou=people,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: ou=services,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=demo_user,ou=people,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=demo_group,ou=groups,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=group_admin,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=group_modify,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=user_admin,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=user_modify,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=user_passwd_reset,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=user_private_read,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=replication_managers,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=host-10-0-139-83:63701,ou=services,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=host-10-0-139-83:63702,ou=services,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account2,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account4,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account12,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account14,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account15,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account16,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account17,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account18,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account19,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=tuser,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v'
Passed suites/acl/acl_test.py::test_rdn_write_modrdn_anonymous 4.96
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:1136 dn: INFO lib389:acl_test.py:1138 ######## 'objectClass': [b'top'] INFO lib389:acl_test.py:1138 ######## 'defaultnamingcontext': [b'dc=example,dc=com'] INFO lib389:acl_test.py:1138 ######## 'dataversion': [b'020201224000704'] INFO lib389:acl_test.py:1138 ######## 'netscapemdsuffix': [b'cn=ldap://dc=localhost,dc=localdomain:39001'] INFO lib389:acl_test.py:1143 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:1150 The entry was not renamed (expected) INFO lib389:acl_test.py:133 Bind as cn=Directory Manager
Passed suites/acl/default_aci_allows_self_write_test.py::test_acl_default_allow_self_write_nsuser 19.63
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/default_aci_allows_self_write_test.py::test_acl_default_allow_self_write_user 9.67
------------------------------Captured stdout call------------------------------
uid cn sn uidNumber gidNumber homeDirectory
Passed suites/acl/deladd_test.py::test_allow_delete_access_to_groupdn 10.14
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/deladd_test.py::test_allow_add_access_to_anyone 0.42
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_to_anyone 0.38
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_not_to_userdn 0.32
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_not_to_group 0.35
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_add_access_to_parent 0.30
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_to_parent 0.28
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_to_dynamic_group 0.32
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_to_dynamic_group_uid 0.40
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_not_to_dynamic_group 1.11
No log output captured.
Passed suites/acl/enhanced_aci_modrnd_test.py::test_enhanced_aci_modrnd 11.50
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:32 Add a container: ou=test_ou_1,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:38 Add a container: ou=test_ou_2,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:44 Add a user: cn=test_user,ou=test_ou_1,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:58 Add an ACI 'allow (all)' by cn=test_user,ou=test_ou_1,dc=example,dc=com to the ou=test_ou_1,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:62 Add an ACI 'allow (all)' by cn=test_user,ou=test_ou_1,dc=example,dc=com to the ou=test_ou_2,dc=example,dc=com
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:93 Bind as cn=test_user,ou=test_ou_1,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:97 User MODRDN operation from ou=test_ou_1,dc=example,dc=com to ou=test_ou_2,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:103 Check there is no user in ou=test_ou_1,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:109 Check there is our user in ou=test_ou_2,dc=example,dc=com
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_five 10.36
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_six 0.15
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_seven 0.12
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_eight 0.11
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_nine 0.12
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_ten 0.14
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_eleven 0.13
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_twelve 0.10
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_fourteen 0.15
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_fifteen 0.13
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_sixteen 0.11
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_seventeen 0.10
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_eighteen 2.21
No log output captured.
Passed suites/acl/globalgroup_test.py::test_caching_changes 9.71
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/globalgroup_test.py::test_deny_group_member_all_rights_to_user 0.17
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deny_group_member_all_rights_to_group_members 0.17
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_denial 0.16
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_denial_two 0.10
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_allow 0.11
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_allow_two 0.13
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval 0.15
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval_two 0.36
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval_three 0.11
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval_four 2.73
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_ip_keyword_test_noip_cannot 0.30
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_user_can_access_the_data_at_any_time 0.24
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_user_can_access_the_data_only_in_the_morning 0.23
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_user_can_access_the_data_only_in_the_afternoon 0.23
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_timeofday_keyword 1.26
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_dayofweek_keyword_test_everyday_can_access 0.20
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_dayofweek_keyword_today_can_access 0.18
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_user_cannot_access_the_data_at_all 1.15
No log output captured.
Passed suites/acl/keywords_test.py::test_user_binds_with_a_password_and_can_access_the_data 10.07
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/keywords_test.py::test_user_binds_with_a_bad_password_and_cannot_access_the_data 0.09
No log output captured.
Passed suites/acl/keywords_test.py::test_anonymous_user_cannot_access_the_data 0.12
No log output captured.
Passed suites/acl/keywords_test.py::test_authenticated_but_has_no_rigth_on_the_data 0.15
No log output captured.
Passed suites/acl/keywords_test.py::test_the_bind_client_is_accessing_the_directory 0.09
No log output captured.
Passed suites/acl/keywords_test.py::test_users_binds_with_a_password_and_can_access_the_data 0.09
No log output captured.
Passed suites/acl/keywords_test.py::test_user_binds_without_any_password_and_cannot_access_the_data 0.10
No log output captured.
Passed suites/acl/keywords_test.py::test_user_cannot_access_the_data_if_not_from_a_certain_domain 0.14
No log output captured.
Passed suites/acl/keywords_test.py::test_dnsalias_keyword_test_nodns_cannot 0.27
No log output captured.
Passed suites/acl/keywords_test.py::test_user_can_access_from_ipv4_or_ipv6_address[127.0.0.1] 0.15
No log output captured.
Passed suites/acl/keywords_test.py::test_user_can_access_from_ipv4_or_ipv6_address[[::1]] 2.75
No log output captured.
Passed suites/acl/misc_test.py::test_accept_aci_in_addition_to_acl 10.29
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/misc_test.py::test_more_then_40_acl_will_crash_slapd 0.61
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_search_access_should_not_include_read_access 0.14
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_only_allow_some_targetattr 0.20
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_only_allow_some_targetattr_two 0.49
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_memberurl_needs_to_be_normalized 0.27
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_greater_than_200_acls_can_be_created 4.30
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_server_bahaves_properly_with_very_long_attribute_names 0.18
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_do_bind_as_201_distinct_users 150.08
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/modify_test.py::test_allow_write_access_to_targetattr_with_a_single_attribute 10.11
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/modify_test.py::test_allow_write_access_to_targetattr_with_multiple_attibutes 0.30
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdn_all 0.33
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdn_with_wildcards_in_dn 0.26
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdn_with_multiple_dns 0.34
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_target_with_wildcards 0.42
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdnattr 0.49
No log output captured.
Passed suites/acl/modify_test.py::test_allow_selfwrite_access_to_anyone 0.52
No log output captured.
Passed suites/acl/modify_test.py::test_uniquemember_should_also_be_the_owner 0.33
No log output captured.
Passed suites/acl/modify_test.py::test_aci_with_both_allow_and_deny 0.36
No log output captured.
Passed suites/acl/modify_test.py::test_allow_owner_to_modify_entry 2.89
No log output captured.
Passed suites/acl/modrdn_test.py::test_allow_write_privilege_to_anyone 9.94
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/modrdn_test.py::test_allow_write_privilege_to_dynamic_group_with_scope_set_to_base_in_ldap_url 0.23
No log output captured.
Passed suites/acl/modrdn_test.py::test_write_access_to_naming_atributes 0.26
No log output captured.
Passed suites/acl/modrdn_test.py::test_write_access_to_naming_atributes_two 0.29
No log output captured.
Passed suites/acl/modrdn_test.py::test_access_aci_list_contains_any_deny_rule 0.31
No log output captured.
Passed suites/acl/modrdn_test.py::test_renaming_target_entry 2.87
No log output captured.
Passed suites/acl/repeated_ldap_add_test.py::test_repeated_ldap_add 44.10
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
------------------------------Captured stdout call------------------------------
Entry uid=buser123,ou=BOU,dc=example,dc=com is locked
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:184 Testing Bug 1347760 - Information disclosure via repeated use of LDAP ADD operation, etc. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:186 Disabling accesslog logbuffering INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:189 Bind as {cn=Directory Manager,password} INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:192 Adding ou=BOU a bind user belongs to. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:197 Adding a bind user. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:204 Adding a test user. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:211 Deleting aci in dc=example,dc=com. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:214 While binding as DM, acquire an access log path and instance dir INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:220 Bind case 1. the bind user has no rights to read the entry itself, bind should be successful. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:221 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123} who has no access rights. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:229 Access log path: /var/log/dirsrv/slapd-standalone1/access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:231 Bind case 2-1. the bind user does not exist, bind should fail with error INVALID_CREDENTIALS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:233 Bind as {uid=bogus,dc=example,dc=com,bogus} who does not exist. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:237 Exception (expected): INVALID_CREDENTIALS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:238 Desc Invalid credentials INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:246 Cause found - [23/Dec/2020:19:12:59.473352706 -0500] conn=1 op=11 RESULT err=49 tag=97 nentries=0 wtime=0.000154710 optime=0.003188144 etime=0.003341379 - No such entry INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:249 Bind case 2-2. the bind user's suffix does not exist, bind should fail with error INVALID_CREDENTIALS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:251 Bind as {uid=bogus,ou=people,dc=bogus,bogus} who does not exist. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:260 Cause found - [23/Dec/2020:19:13:00.480763902 -0500] conn=1 op=12 RESULT err=49 tag=97 nentries=0 wtime=0.000500948 optime=0.003080148 etime=0.003575289 - No suffix for bind dn found INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:263 Bind case 2-3. the bind user's password is wrong, bind should fail with error INVALID_CREDENTIALS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:265 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,bogus} who does not exist. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:269 Exception (expected): INVALID_CREDENTIALS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:270 Desc Invalid credentials INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:278 Cause found - 23/Dec/2020:19:13:01.518004216 -0500] conn=1 op=13 RESULT err=49 tag=97 nentries=0 wtime=0.000135883 optime=0.033842699 etime=0.033971350 - Invalid credentials INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:281 Adding aci for uid=buser123,ou=BOU,dc=example,dc=com to ou=BOU,dc=example,dc=com. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:283 aci: (targetattr="*")(version 3.0; acl "buser123"; allow(all) userdn = "ldap:///uid=buser123,ou=BOU,dc=example,dc=com";) INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:284 Bind as {cn=Directory Manager,password} INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:289 Bind case 3. the bind user has the right to read the entry itself, bind should be successful. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:290 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123} which should be ok. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:293 The following operations are against the subtree the bind user uid=buser123,ou=BOU,dc=example,dc=com has no rights. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:297 Search case 1. the bind user has no rights to read the search entry, it should return no search results with <class 'ldap.SUCCESS'> INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Searching existing entry uid=tuser0,ou=people,dc=example,dc=com, which should be ok. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:141 Search should return none INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:303 Search case 2-1. the search entry does not exist, the search should return no search results with SUCCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Searching non-existing entry uid=bogus,dc=example,dc=com, which should be ok. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:141 Search should return none INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:309 Search case 2-2. the search entry does not exist, the search should return no search results with SUCCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Searching non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should be ok. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:141 Search should return none INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:316 Add case 1. the bind user has no rights AND the adding entry exists, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Adding existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:322 Add case 2-1. the bind user has no rights AND the adding entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Adding non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:328 Add case 2-2. the bind user has no rights AND the adding entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Adding non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:335 Modify case 1. the bind user has no rights AND the modifying entry exists, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Modifying existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:341 Modify case 2-1. the bind user has no rights AND the modifying entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Modifying non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:347 Modify case 2-2. the bind user has no rights AND the modifying entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Modifying non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:354 Modrdn case 1. the bind user has no rights AND the renaming entry exists, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Renaming existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:360 Modrdn case 2-1. the bind user has no rights AND the renaming entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Renaming non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:366 Modrdn case 2-2. the bind user has no rights AND the renaming entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Renaming non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:372 Modrdn case 3. the bind user has no rights AND the node moving an entry to exists, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Moving to existing superior ou=groups,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:378 Modrdn case 4-1. the bind user has no rights AND the node moving an entry to does not, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Moving to non-existing superior ou=OU,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:384 Modrdn case 4-2. the bind user has no rights AND the node moving an entry to does not, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Moving to non-existing superior ou=OU,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:391 Delete case 1. the bind user has no rights AND the deleting entry exists, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Deleting existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:397 Delete case 2-1. the bind user has no rights AND the deleting entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Deleting non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:403 Delete case 2-2. the bind user has no rights AND the deleting entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Deleting non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:407 EXTRA: Check no regressions INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:408 Adding aci for uid=buser123,ou=BOU,dc=example,dc=com to dc=example,dc=com. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:410 Bind as {cn=Directory Manager,password} INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:415 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123}. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:425 Search case. the search entry does not exist, the search should fail with NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Searching non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc No such object INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:431 Add case. the adding entry already exists, it should fail with ALREADY_EXISTS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Adding existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with ALREADY_EXISTS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): ALREADY_EXISTS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Already exists INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:436 Modify case. the modifying entry does not exist, it should fail with NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Modifying non-existing entry uid=bogus,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc No such object INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:441 Modrdn case 1. the renaming entry does not exist, it should fail with NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Renaming non-existing entry uid=bogus,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc No such object INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:446 Modrdn case 2. the node moving an entry to does not, it should fail with NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Moving to non-existing superior ou=OU,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc No such object INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:451 Delete case. the deleting entry does not exist, it should fail with NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Deleting non-existing entry uid=bogus,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc No such object INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:454 Inactivate uid=buser123,ou=BOU,dc=example,dc=com INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:461 ['/usr/sbin/dsidm', 'standalone1', '-b', 'dc=example,dc=com', 'account', 'lock', 'uid=buser123,ou=BOU,dc=example,dc=com'] INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:465 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123} which should fail with UNWILLING_TO_PERFORM. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:469 Exception (expected): UNWILLING_TO_PERFORM INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:470 Desc Server is unwilling to perform INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:473 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,bogus} which should fail with UNWILLING_TO_PERFORM. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:477 Exception (expected): UNWILLING_TO_PERFORM INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:478 Desc Server is unwilling to perform INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:481 SUCCESS
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(STEVE_ROLE, NESTED_ROLE_TESTER)] 9.84
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(HARRY_ROLE, NESTED_ROLE_TESTER)] 0.12
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(MARY_ROLE, NOT_RULE_ACCESS)] 0.13
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(STEVE_ROLE, OR_RULE_ACCESS)] 0.12
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(HARRY_ROLE, OR_RULE_ACCESS)] 0.12
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(STEVE_ROLE, ALL_ACCESS)] 0.13
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(HARRY_ROLE, ALL_ACCESS)] 0.12
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(MARY_ROLE, ALL_ACCESS)] 0.34
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_negative[(MARY_ROLE, NESTED_ROLE_TESTER)] 0.13
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_negative[(STEVE_ROLE, NOT_RULE_ACCESS)] 0.14
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_negative[(HARRY_ROLE, NOT_RULE_ACCESS)] 0.13
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_negative[(MARY_ROLE , OR_RULE_ACCESS)] 0.14
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_anonseealso_positive[NOT_RULE_ACCESS] 0.19
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_anonseealso_positive[ALL_ACCESS] 0.11
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_anonseealso_negaive[NESTED_ROLE_TESTER] 0.12
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_anonseealso_negaive[OR_RULE_ACCESS] 1.95
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with__target_set_on_non_leaf 11.05
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with__target_set_on_wildcard_non_leaf 0.64
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with__target_set_on_wildcard_leaf 0.62
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_equality_search 0.37
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_equality_search_two 0.59
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_substring_search 0.43
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_substring_search_two 1.29
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_boolean_or_of_two_equality_search 0.27
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_to__userdn_two 0.46
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_userdn 0.74
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_presence_search 2.71
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_search_access_to_userdn_with_ldap_url 10.38
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/search_real_part3_test.py::test_deny_search_access_to_userdn_with_ldap_url_two 0.58
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_search_access_to_userdn_with_ldap_url_matching_all_users 0.65
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_a_dynamic_group 0.49
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_dynamic_group_with_host_port_set_on_ldap_url 0.43
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_dynamic_group_with_scope_set_to_one_in_ldap_url 0.47
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_dynamic_group_two 0.61
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_access_to_group_should_deny_access_to_all_uniquemember 0.61
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_entry_with_lots_100_attributes 8.67
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_groupdnattr_value_is_another_group 1.62
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with_target_set 9.73
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/search_real_test.py::test_deny_all_access_to_a_target_with_wild_card 0.58
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_without_a_target_set 1.47
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_read_search_and_compare_access_with_target_and_targetattr_set 1.02
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_read_access_to_multiple_groupdns 0.87
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_to_userdnattr 0.29
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with__target_set 0.51
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with__targetattr_set 1.17
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with_targetattr_set 3.31
No log output captured.
Passed suites/acl/selfdn_permissions_test.py::test_selfdn_permission_add 10.27
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389:selfdn_permissions_test.py:58 Add OCticket47653 that allows 'member' attribute INFO lib389:selfdn_permissions_test.py:63 Add cn=bind_entry, dc=example,dc=com
-------------------------------Captured log call--------------------------------
INFO lib389:selfdn_permissions_test.py:106 ######################### ADD ###################### INFO lib389:selfdn_permissions_test.py:109 Bind as cn=bind_entry, dc=example,dc=com INFO lib389:selfdn_permissions_test.py:139 Try to add Add cn=test_entry, dc=example,dc=com (aci is missing): dn: cn=test_entry, dc=example,dc=com cn: test_entry member: cn=bind_entry, dc=example,dc=com objectclass: top objectclass: person objectclass: OCticket47653 postalAddress: here postalCode: 1234 sn: test_entry INFO lib389:selfdn_permissions_test.py:143 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:selfdn_permissions_test.py:147 Bind as cn=Directory Manager and add the ADD SELFDN aci INFO lib389:selfdn_permissions_test.py:159 Bind as cn=bind_entry, dc=example,dc=com INFO lib389:selfdn_permissions_test.py:164 Try to add Add cn=test_entry, dc=example,dc=com (member is missing) INFO lib389:selfdn_permissions_test.py:172 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:selfdn_permissions_test.py:178 Try to add Add cn=test_entry, dc=example,dc=com (with several member values) INFO lib389:selfdn_permissions_test.py:181 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:selfdn_permissions_test.py:184 Try to add Add cn=test_entry, dc=example,dc=com should be successful
Passed suites/acl/selfdn_permissions_test.py::test_selfdn_permission_search 0.31
-------------------------------Captured log call--------------------------------
INFO lib389:selfdn_permissions_test.py:205 ######################### SEARCH ###################### INFO lib389:selfdn_permissions_test.py:207 Bind as cn=bind_entry, dc=example,dc=com INFO lib389:selfdn_permissions_test.py:211 Try to search cn=test_entry, dc=example,dc=com (aci is missing) INFO lib389:selfdn_permissions_test.py:216 Bind as cn=Directory Manager and add the READ/SEARCH SELFDN aci INFO lib389:selfdn_permissions_test.py:229 Bind as cn=bind_entry, dc=example,dc=com INFO lib389:selfdn_permissions_test.py:233 Try to search cn=test_entry, dc=example,dc=com should be successful
Passed suites/acl/selfdn_permissions_test.py::test_selfdn_permission_modify 0.52
-------------------------------Captured log call--------------------------------
INFO lib389:selfdn_permissions_test.py:256 Bind as cn=bind_entry, dc=example,dc=com INFO lib389:selfdn_permissions_test.py:259 ######################### MODIFY ###################### INFO lib389:selfdn_permissions_test.py:263 Try to modify cn=test_entry, dc=example,dc=com (aci is missing) INFO lib389:selfdn_permissions_test.py:267 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:selfdn_permissions_test.py:271 Bind as cn=Directory Manager and add the WRITE SELFDN aci INFO lib389:selfdn_permissions_test.py:284 Bind as cn=bind_entry, dc=example,dc=com INFO lib389:selfdn_permissions_test.py:288 Try to modify cn=test_entry, dc=example,dc=com. It should succeeds
Passed suites/acl/selfdn_permissions_test.py::test_selfdn_permission_delete 2.82
-------------------------------Captured log call--------------------------------
INFO lib389:selfdn_permissions_test.py:314 ######################### DELETE ###################### INFO lib389:selfdn_permissions_test.py:317 Bind as cn=bind_entry, dc=example,dc=com INFO lib389:selfdn_permissions_test.py:322 Try to delete cn=test_entry, dc=example,dc=com (aci is missing) INFO lib389:selfdn_permissions_test.py:325 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:selfdn_permissions_test.py:329 Bind as cn=Directory Manager and add the READ/SEARCH SELFDN aci INFO lib389:selfdn_permissions_test.py:341 Bind as cn=bind_entry, dc=example,dc=com INFO lib389:selfdn_permissions_test.py:345 Try to delete cn=test_entry, dc=example,dc=com should be successful
Passed suites/acl/syntax_test.py::test_aci_invalid_syntax[test_targattrfilters_1] 0.10
No log output captured.
Passed suites/acl/syntax_test.py::test_aci_invalid_syntax[test_targattrfilters_2] 0.09
No log output captured.
Pas