report.html

Report generated on 26-Apr-2021 at 01:50:04 by pytest-html v3.1.1

Environment

389-ds-base 2.0.4-20210426git0a399a2b4.fc33
Packages {"pluggy": "0.13.1", "py": "1.10.0", "pytest": "5.4.3"}
Platform Linux-5.11.9-200.fc33.x86_64-x86_64-with-glibc2.32
Plugins {"html": "3.1.1", "libfaketime": "0.1.2", "metadata": "1.11.0"}
Python 3.9.4
cyrus-sasl 2.1.27-6.fc33
nspr 4.30.0-1.fc33
nss 3.63.0-1.fc33
openldap 2.4.50-5.fc33

Summary

2139 tests ran in 16268.84 seconds.

2028 passed, 11 skipped, 82 failed, 4 errors, 21 expected failures, 8 unexpected passes

Results

Result Test Duration Links
Error tickets/ticket48973_test.py::test_ticket48973_init::setup 0.99
request = <SubRequest 'topology' for <Function test_ticket48973_init>>

@pytest.fixture(scope="module")
def topology(request):
# Creating standalone instance ...
standalone = DirSrv(verbose=False)
args_instance[SER_HOST] = HOST_STANDALONE
args_instance[SER_PORT] = PORT_STANDALONE
args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
args_standalone = args_instance.copy()
standalone.allocate(args_standalone)
instance_standalone = standalone.exists()
if instance_standalone:
standalone.delete()
> standalone.create()

/export/tests/tickets/ticket48973_test.py:52:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:831: in create
self._createDirsrv(version)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:801: in _createDirsrv
sds.create_from_args(general, slapd, backends, None)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:663: in create_from_args
self._prepare_ds(general, slapd, backends)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:594: in _prepare_ds
assert_c(slapd['root_dn'] is not None, "Configuration root_dn in section [slapd] not found")
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

condition = False, msg = 'Configuration root_dn in section [slapd] not found'

def assert_c(condition, msg="Assertion Failed"):
"""This is the same as assert, but assert is compiled out
when optimisation is enabled. This prevents compiling out.
"""
if not condition:
> raise AssertionError(msg)
E AssertionError: Configuration root_dn in section [slapd] not found

/usr/local/lib/python3.9/site-packages/lib389/utils.py:1246: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation...
Error tickets/ticket48973_test.py::test_ticket48973_ces_not_indexed::setup 0.00
request = <SubRequest 'topology' for <Function test_ticket48973_init>>

@pytest.fixture(scope="module")
def topology(request):
# Creating standalone instance ...
standalone = DirSrv(verbose=False)
args_instance[SER_HOST] = HOST_STANDALONE
args_instance[SER_PORT] = PORT_STANDALONE
args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
args_standalone = args_instance.copy()
standalone.allocate(args_standalone)
instance_standalone = standalone.exists()
if instance_standalone:
standalone.delete()
> standalone.create()

/export/tests/tickets/ticket48973_test.py:52:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:831: in create
self._createDirsrv(version)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:801: in _createDirsrv
sds.create_from_args(general, slapd, backends, None)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:663: in create_from_args
self._prepare_ds(general, slapd, backends)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:594: in _prepare_ds
assert_c(slapd['root_dn'] is not None, "Configuration root_dn in section [slapd] not found")
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

condition = False, msg = 'Configuration root_dn in section [slapd] not found'

def assert_c(condition, msg="Assertion Failed"):
"""This is the same as assert, but assert is compiled out
when optimisation is enabled. This prevents compiling out.
"""
if not condition:
> raise AssertionError(msg)
E AssertionError: Configuration root_dn in section [slapd] not found

/usr/local/lib/python3.9/site-packages/lib389/utils.py:1246: AssertionError
Error tickets/ticket48973_test.py::test_ticket48973_homeDirectory_indexing::setup 0.00
request = <SubRequest 'topology' for <Function test_ticket48973_init>>

@pytest.fixture(scope="module")
def topology(request):
# Creating standalone instance ...
standalone = DirSrv(verbose=False)
args_instance[SER_HOST] = HOST_STANDALONE
args_instance[SER_PORT] = PORT_STANDALONE
args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
args_standalone = args_instance.copy()
standalone.allocate(args_standalone)
instance_standalone = standalone.exists()
if instance_standalone:
standalone.delete()
> standalone.create()

/export/tests/tickets/ticket48973_test.py:52:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:831: in create
self._createDirsrv(version)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:801: in _createDirsrv
sds.create_from_args(general, slapd, backends, None)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:663: in create_from_args
self._prepare_ds(general, slapd, backends)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:594: in _prepare_ds
assert_c(slapd['root_dn'] is not None, "Configuration root_dn in section [slapd] not found")
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

condition = False, msg = 'Configuration root_dn in section [slapd] not found'

def assert_c(condition, msg="Assertion Failed"):
"""This is the same as assert, but assert is compiled out
when optimisation is enabled. This prevents compiling out.
"""
if not condition:
> raise AssertionError(msg)
E AssertionError: Configuration root_dn in section [slapd] not found

/usr/local/lib/python3.9/site-packages/lib389/utils.py:1246: AssertionError
Error tickets/ticket48973_test.py::test_ticket48973_homeDirectory_caseExactIA5Match_caseIgnoreIA5Match_indexing::setup 0.00
request = <SubRequest 'topology' for <Function test_ticket48973_init>>

@pytest.fixture(scope="module")
def topology(request):
# Creating standalone instance ...
standalone = DirSrv(verbose=False)
args_instance[SER_HOST] = HOST_STANDALONE
args_instance[SER_PORT] = PORT_STANDALONE
args_instance[SER_SERVERID_PROP] = SERVERID_STANDALONE
args_instance[SER_CREATION_SUFFIX] = DEFAULT_SUFFIX
args_standalone = args_instance.copy()
standalone.allocate(args_standalone)
instance_standalone = standalone.exists()
if instance_standalone:
standalone.delete()
> standalone.create()

/export/tests/tickets/ticket48973_test.py:52:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:831: in create
self._createDirsrv(version)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:801: in _createDirsrv
sds.create_from_args(general, slapd, backends, None)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:663: in create_from_args
self._prepare_ds(general, slapd, backends)
/usr/local/lib/python3.9/site-packages/lib389/instance/setup.py:594: in _prepare_ds
assert_c(slapd['root_dn'] is not None, "Configuration root_dn in section [slapd] not found")
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

condition = False, msg = 'Configuration root_dn in section [slapd] not found'

def assert_c(condition, msg="Assertion Failed"):
"""This is the same as assert, but assert is compiled out
when optimisation is enabled. This prevents compiling out.
"""
if not condition:
> raise AssertionError(msg)
E AssertionError: Configuration root_dn in section [slapd] not found

/usr/local/lib/python3.9/site-packages/lib389/utils.py:1246: AssertionError
Failed suites/acl/keywords_test.py::test_user_can_access_the_data_when_connecting_from_any_machine 0.38
topo = <lib389.topologies.TopologyMain object at 0x7f10ecaad7c0>
add_user = None, aci_of_user = None

def test_user_can_access_the_data_when_connecting_from_any_machine(
topo, add_user, aci_of_user
):
"""User can access the data when connecting from any machine as per the ACI.

:id: 28cbc008-7ac5-11e8-934e-8c16451d917b
:customerscenario: True
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
# Add ACI
Domain(topo.standalone, DEFAULT_SUFFIX)\
.add("aci", f'(target ="ldap:///{DNS_OU_KEY}")'
f'(targetattr="*")(version 3.0; aci "DNS aci"; allow(all) '
f'userdn = "ldap:///{FULLDNS_KEY}" and dns = "*" ;)')

# Create a new connection for this test.
conn = UserAccount(topo.standalone, FULLDNS_KEY).bind(PW_DM)
# Perform Operation
> OrganizationalUnit(conn, DNS_OU_KEY).replace("seeAlso", "cn=1")

suites/acl/keywords_test.py:253:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ec95a430>
func = <built-in method result4 of LDAP object at 0x7f10ec9799c0>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=dns,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
Failed suites/acl/keywords_test.py::test_user_can_access_the_data_when_connecting_from_internal_ds_network_only 0.81
topo = <lib389.topologies.TopologyMain object at 0x7f10ecaad7c0>
add_user = None, aci_of_user = None

def test_user_can_access_the_data_when_connecting_from_internal_ds_network_only(
topo, add_user, aci_of_user
):
"""User can access the data when connecting from internal ICNC network only as per the ACI.

:id: 2cac2136-7ac5-11e8-8328-8c16451d917b
:customerscenario: True
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
dns_name = socket.getfqdn()
# Add ACI
Domain(topo.standalone, DEFAULT_SUFFIX).\
add("aci", [f'(target = "ldap:///{DNS_OU_KEY}")(targetattr="*")'
f'(version 3.0; aci "DNS aci"; allow(all) '
f'userdn = "ldap:///{SUNDNS_KEY}" and '
f'(dns = "*redhat.com" or dns = "{dns_name}");)'])

# Create a new connection for this test.
conn = UserAccount(topo.standalone, SUNDNS_KEY).bind(PW_DM)
# Perform Operation
> OrganizationalUnit(conn, DNS_OU_KEY).replace("seeAlso", "cn=1")

suites/acl/keywords_test.py:284:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ec7463a0>
func = <built-in method result4 of LDAP object at 0x7f10ec976360>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=dns,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
Failed suites/acl/keywords_test.py::test_user_can_access_the_data_when_connecting_from_some_network_only 0.23
topo = <lib389.topologies.TopologyMain object at 0x7f10ecaad7c0>
add_user = None, aci_of_user = None

def test_user_can_access_the_data_when_connecting_from_some_network_only(
topo, add_user, aci_of_user
):
"""User can access the data when connecting from some network only as per the ACI.

:id: 3098512a-7ac5-11e8-af85-8c16451d917b
:customerscenario: True
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
dns_name = socket.getfqdn()
# Add ACI
Domain(topo.standalone, DEFAULT_SUFFIX)\
.add("aci", f'(target = "ldap:///{DNS_OU_KEY}")'
f'(targetattr="*")(version 3.0; aci "DNS aci"; allow(all) '
f'userdn = "ldap:///{NETSCAPEDNS_KEY}" '
f'and dns = "{dns_name}" ;)')

# Create a new connection for this test.
conn = UserAccount(topo.standalone, NETSCAPEDNS_KEY).bind(PW_DM)
# Perform Operation
> OrganizationalUnit(conn, DNS_OU_KEY).replace("seeAlso", "cn=1")

suites/acl/keywords_test.py:315:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ec76e280>
func = <built-in method result4 of LDAP object at 0x7f10eca8efc0>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=dns,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
Failed suites/acl/keywords_test.py::test_from_an_unauthorized_network 0.18
topo = <lib389.topologies.TopologyMain object at 0x7f10ecaad7c0>
add_user = None, aci_of_user = None

def test_from_an_unauthorized_network(topo, add_user, aci_of_user):
"""User cannot access the data when connecting from an unauthorized network as per the ACI.

:id: 34cf9726-7ac5-11e8-bc12-8c16451d917b
:customerscenario: True
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
# Add ACI
Domain(topo.standalone, DEFAULT_SUFFIX).\
add("aci", f'(target = "ldap:///{DNS_OU_KEY}")'
f'(targetattr="*")(version 3.0; aci "DNS aci"; allow(all) '
f'userdn = "ldap:///{NETSCAPEDNS_KEY}" and dns != "red.iplanet.com" ;)')

# Create a new connection for this test.
conn = UserAccount(topo.standalone, NETSCAPEDNS_KEY).bind(PW_DM)
# Perform Operation
> OrganizationalUnit(conn, DNS_OU_KEY).replace("seeAlso", "cn=1")

suites/acl/keywords_test.py:342:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ec980370>
func = <built-in method result4 of LDAP object at 0x7f10ec954150>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=dns,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
Failed suites/acl/keywords_test.py::test_user_cannot_access_the_data_when_connecting_from_an_unauthorized_network_2 0.24
topo = <lib389.topologies.TopologyMain object at 0x7f10ecaad7c0>
add_user = None, aci_of_user = None

def test_user_cannot_access_the_data_when_connecting_from_an_unauthorized_network_2(
topo, add_user, aci_of_user):
"""User cannot access the data when connecting from an unauthorized network as per the ACI.

:id: 396bdd44-7ac5-11e8-8014-8c16451d917b
:customerscenario: True
:setup: Standalone Server
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
# Add ACI
Domain(topo.standalone, DEFAULT_SUFFIX).\
add("aci", f'(target = "ldap:///{DNS_OU_KEY}")'
f'(targetattr="*")(version 3.0; aci "DNS aci"; allow(all) '
f'userdn = "ldap:///{NETSCAPEDNS_KEY}" '
f'and dnsalias != "www.redhat.com" ;)')

# Create a new connection for this test.
conn = UserAccount(topo.standalone, NETSCAPEDNS_KEY).bind(PW_DM)
# Perform Operation
> OrganizationalUnit(conn, DNS_OU_KEY).replace("seeAlso", "cn=1")

suites/acl/keywords_test.py:371:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ec982430>
func = <built-in method result4 of LDAP object at 0x7f10ec94b4e0>
args = (3, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 3, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=dns,ou=keywords,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
Failed suites/clu/dsctl_acceptance_test.py::test_custom_path 12.16
topo = <lib389.topologies.TopologyMain object at 0x7f10eab44880>

def test_custom_path(topo):
"""Test that a custom path, backup directory, is correctly used by lib389
when the server is stopped.

:id: 8659e209-ee83-477e-8183-1d2f555669ea
:setup: Standalone Instance
:steps:
1. Get the LDIF directory
2. Change the server's backup directory to the LDIF directory
3. Stop the server, and perform a backup
4. Backup was written to LDIF directory
:expectedresults:
1. Success
2. Success
3. Success
4. Success
"""

# Get LDIF dir
ldif_dir = topo.standalone.get_ldif_dir()

# Set backup directory to LDIF directory
topo.standalone.config.replace('nsslapd-bakdir', ldif_dir)

# Stop the server and take a backup
topo.standalone.stop()
topo.standalone.db2bak(None)

# Verify backup was written to LDIF directory
backups = os.listdir(ldif_dir)
> assert len(backups)
E assert 0
E + where 0 = len([])

suites/clu/dsctl_acceptance_test.py:48: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed suites/clu/repl_monitor_test.py::test_dsconf_replication_monitor 38.74
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10eb2c2af0>
set_log_file = None

@pytest.mark.ds50545
@pytest.mark.bz1739718
@pytest.mark.skipif(ds_is_older("1.4.0"), reason="Not implemented")
def test_dsconf_replication_monitor(topology_m2, set_log_file):
"""Test replication monitor that was ported from legacy tools

:id: ce48020d-7c30-41b7-8f68-144c9cd757f6
:setup: 2 MM topology
:steps:
1. Create DS instance
2. Run replication monitor with connections option
3. Run replication monitor with aliases option
4. Run replication monitor with --json option
5. Run replication monitor with .dsrc file created
6. Run replication monitor with connections option as if using dsconf CLI
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
"""

m1 = topology_m2.ms["supplier1"]
m2 = topology_m2.ms["supplier2"]

# Enable ldapi if not already done.
for inst in [topology_m2.ms["supplier1"], topology_m2.ms["supplier2"]]:
if not inst.can_autobind():
# Update ns-slapd instance
inst.config.set('nsslapd-ldapilisten', 'on')
inst.config.set('nsslapd-ldapiautobind', 'on')
inst.restart()
# Ensure that updates have been sent both ways.
replicas = Replicas(m1)
replica = replicas.get(DEFAULT_SUFFIX)
replica.test_replication([m2])
replicas = Replicas(m2)
replica = replicas.get(DEFAULT_SUFFIX)
replica.test_replication([m1])

alias_content = ['Supplier: M1 (' + m1.host + ':' + str(m1.port) + ')',
'Supplier: M2 (' + m2.host + ':' + str(m2.port) + ')']

connection_content = 'Supplier: '+ m1.host + ':' + str(m1.port)
content_list = ['Replica Root: dc=example,dc=com',
'Replica ID: 1',
'Replica Status: Available',
'Max CSN',
'Status For Agreement: "002" ('+ m2.host + ':' + str(m2.port) + ')',
'Replica Enabled: on',
'Update In Progress: FALSE',
'Last Update Start:',
'Last Update End:',
'Number Of Changes Sent:',
'Number Of Changes Skipped: None',
'Last Update Status: Error (0) Replica acquired successfully: Incremental update succeeded',
'Last Init Start:',
'Last Init End:',
'Last Init Status:',
'Reap Active: 0',
'Replication Status: In Synchronization',
'Replication Lag Time:',
'Supplier: ',
m2.host + ':' + str(m2.port),
'Replica Root: dc=example,dc=com',
'Replica ID: 2',
'Status For Agreement: "001" (' + m1.host + ':' + str(m1.port)+')']

error_list = ['consumer (Unavailable)',
'Failed to retrieve database RUV entry from consumer']

json_list = ['type',
'list',
'items',
'name',
m1.host + ':' + str(m1.port),
'data',
'"replica_id": "1"',
'"replica_root": "dc=example,dc=com"',
'"replica_status": "Available"',
'maxcsn',
'agmts_status',
'agmt-name',
'002',
'replica',
m2.host + ':' + str(m2.port),
'replica-enabled',
'update-in-progress',
'last-update-start',
'last-update-end',
'number-changes-sent',
'number-changes-skipped',
'last-update-status',
'Error (0) Replica acquired successfully: Incremental update succeeded',
'last-init-start',
'last-init-end',
'last-init-status',
'reap-active',
'replication-status',
'In Synchronization',
'replication-lag-time',
'"replica_id": "2"',
'001',
m1.host + ':' + str(m1.port)]

connections = [m1.host + ':' + str(m1.port) + ':' + DN_DM + ':' + PW_DM,
m2.host + ':' + str(m2.port) + ':' + DN_DM + ':' + PW_DM]

args = FakeArgs()
args.connections = connections
args.aliases = None
args.json = False

log.info('Run replication monitor with connections option')
get_repl_monitor_info(m1, DEFAULT_SUFFIX, log, args)
(host_m1, host_m2) = get_hostnames_from_log(m1.port, m2.port)
> check_value_in_log_and_reset(content_list, connection_content, error_list=error_list)

suites/clu/repl_monitor_test.py:211:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

content_list = ['Replica Root: dc=example,dc=com', 'Replica ID: 1', 'Replica Status: Available', 'Max CSN', 'Status For Agreement: "002" (ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002)', 'Replica Enabled: on', ...]
second_list = 'Supplier: ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001'
single_value = None
error_list = ['consumer (Unavailable)', 'Failed to retrieve database RUV entry from consumer']

def check_value_in_log_and_reset(content_list, second_list=None, single_value=None, error_list=None):
with open(LOG_FILE, 'r+') as f:
file_content = f.read()

for item in content_list:
log.info('Check that "{}" is present'.format(item))
> assert item in file_content
E AssertionError: assert 'Replica Status: Available' in 'Run replication monitor with connections option\ndsrc path: /root/.dsrc\ndsrc container path: /data/config/container....t Init Status: unavailable\nReap Active: 0\nReplication Status: In Synchronization\nReplication Lag Time: 00:00:00\n\n'

suites/clu/repl_monitor_test.py:54: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect f073f9e6-e388-4355-a88e-43434fe7f1c8 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 7cbfa0ca-2e9d-417a-9e94-70d6f9826c01 / got description=f073f9e6-e388-4355-a88e-43434fe7f1c8) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists
-------------------------------Captured log call--------------------------------
INFO tests.suites.clu.repl_monitor_test:repl_monitor_test.py:208 Run replication monitor with connections option DEBUG tests.suites.clu.repl_monitor_test:dsrc.py:76 dsrc path: /root/.dsrc DEBUG tests.suites.clu.repl_monitor_test:dsrc.py:77 dsrc container path: /data/config/container.inf DEBUG tests.suites.clu.repl_monitor_test:dsrc.py:85 dsrc instances: [] DEBUG tests.suites.clu.repl_monitor_test:dsrc.py:212 dsrc completed with {'connections': None, 'aliases': None} INFO tests.suites.clu.repl_monitor_test:replication.py:446 Supplier: localhost.localdomain:39001 INFO tests.suites.clu.repl_monitor_test:replication.py:450 ------------------------------------- INFO tests.suites.clu.repl_monitor_test:replication.py:464 Replica Root: dc=example,dc=com INFO tests.suites.clu.repl_monitor_test:replication.py:465 Replica ID: 1 INFO tests.suites.clu.repl_monitor_test:replication.py:466 Replica Status: Online INFO tests.suites.clu.repl_monitor_test:replication.py:467 Max CSN: 60861ab8000000010000 INFO tests.suites.clu.repl_monitor_test:replication.py:470 Status For Agreement: "002" (ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002) Replica Enabled: on Update In Progress: FALSE Last Update Start: 20210426014321Z Last Update End: 20210426014321Z Number Of Changes Sent: 1:2/0 Number Of Changes Skipped: None Last Update Status: Error (0) Replica acquired successfully: Incremental update succeeded Last Init Start: 19700101000000Z Last Init End: 19700101000000Z Last Init Status: unavailable Reap Active: 0 Replication Status: In Synchronization Replication Lag Time: 00:00:00 INFO tests.suites.clu.repl_monitor_test:replication.py:446 Supplier: ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO tests.suites.clu.repl_monitor_test:replication.py:450 ----------------------------------------------------------------- INFO tests.suites.clu.repl_monitor_test:replication.py:464 Replica Root: dc=example,dc=com INFO tests.suites.clu.repl_monitor_test:replication.py:465 Replica ID: 2 INFO tests.suites.clu.repl_monitor_test:replication.py:466 Replica Status: Online INFO tests.suites.clu.repl_monitor_test:replication.py:467 Max CSN: 60861aba000000020000 INFO tests.suites.clu.repl_monitor_test:replication.py:470 Status For Agreement: "001" (ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001) Replica Enabled: on Update In Progress: TRUE Last Update Start: 20210426014322Z Last Update End: 19700101000000Z Number Of Changes Sent: 2:2/0 Number Of Changes Skipped: None Last Update Status: Error (0) Replica acquired successfully: Incremental update started Last Init Start: 19700101000000Z Last Init End: 19700101000000Z Last Init Status: unavailable Reap Active: 0 Replication Status: In Synchronization Replication Lag Time: 00:00:00 INFO tests.suites.clu.repl_monitor_test:repl_monitor_test.py:53 Check that "Replica Root: dc=example,dc=com" is present INFO tests.suites.clu.repl_monitor_test:repl_monitor_test.py:53 Check that "Replica ID: 1" is present INFO tests.suites.clu.repl_monitor_test:repl_monitor_test.py:53 Check that "Replica Status: Available" is present
-----------------------------Captured log teardown------------------------------
INFO tests.suites.clu.repl_monitor_test:repl_monitor_test.py:38 Delete files
Failed suites/dynamic_plugins/dynamic_plugins_test.py::test_acceptance 31.01
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ec5a7160>

def test_acceptance(topology_m2):
"""Exercise each plugin and its main features, while
changing the configuration without restarting the server.

:id: 96136538-0151-4b09-9933-0e0cbf2c786c
:setup: 2 Supplier Instances
:steps:
1. Pause all replication
2. Set nsslapd-dynamic-plugins to on
3. Try to update LDBM config entry
4. Go through all plugin basic functionality
5. Resume replication
6. Go through all plugin basic functionality again
7. Check that data in sync and replication is working
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
"""

m1 = topology_m2.ms["supplier1"]
msg = ' (no replication)'
replication_run = False

# First part of the test should be without replication
topology_m2.pause_all_replicas()

# First enable dynamic plugins
m1.config.replace('nsslapd-dynamic-plugins', 'on')

# Test that critical plugins can be updated even though the change might not be applied
ldbm_config = LDBMConfig(m1)
ldbm_config.replace('description', 'test')

while True:
# First run the tests with replication disabled, then rerun them with replication set up

############################################################################
# Test plugin functionality
############################################################################

log.info('####################################################################')
log.info('Testing Dynamic Plugins Functionality' + msg + '...')
log.info('####################################################################\n')

> acceptance_test.check_all_plugins(topology_m2)

suites/dynamic_plugins/dynamic_plugins_test.py:121:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/acceptance_test.py:1807: in check_all_plugins
func(topo, args)
suites/plugins/acceptance_test.py:477: in test_automember
task = plugin.fixup(branch2.dn, _filter='objectclass=top')
/usr/local/lib/python3.9/site-packages/lib389/plugins.py:1087: in fixup
task.create(properties=task_properties)
/usr/local/lib/python3.9/site-packages/lib389/tasks.py:118: in create
return super(Task, self).create(rdn, properties, basedn)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:972: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:947: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:169: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ec5a7d00>
func = <built-in method result4 of LDAP object at 0x7f10ecebf7e0>
args = (133, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 441010ec-4dc5-4a1b-9e30-bd5ad956b198 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 80226162-f3e1-4aea-a2ee-c8cf1412d52c / got description=441010ec-4dc5-4a1b-9e30-bd5ad956b198) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists
Failed suites/dynamic_plugins/dynamic_plugins_test.py::test_memory_corruption 0.08
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ec5a7160>

def test_memory_corruption(topology_m2):
"""Check the plugins for memory corruption issues while
dynamic plugins option is enabled

:id: 96136538-0151-4b09-9933-0e0cbf2c7862
:setup: 2 Supplier Instances
:steps:
1. Pause all replication
2. Set nsslapd-dynamic-plugins to on
3. Try to update LDBM config entry
4. Restart the plugin many times in a linked list fashion
restarting previous and preprevious plugins in the list of all plugins
5. Run the functional test
6. Repeat 4 and 5 steps for all plugins
7. Resume replication
8. Go through 4-6 steps once more
9. Check that data in sync and replication is working
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
"""


m1 = topology_m2.ms["supplier1"]
msg = ' (no replication)'
replication_run = False

# First part of the test should be without replication
> topology_m2.pause_all_replicas()

suites/dynamic_plugins/dynamic_plugins_test.py:179:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/topologies.py:219: in pause_all_replicas
replica = replicas.get(DEFAULT_SUFFIX)
/usr/local/lib/python3.9/site-packages/lib389/replica.py:1765: in get
replica = super(Replicas, self).get(selector, dn)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1146: in get
results = self._get_selector(selector)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1177: in _get_selector
return self._instance.search_ext_s(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ec5a7d00>
func = <built-in method search_ext of LDAP object at 0x7f10ecebf7e0>
args = ('cn=mapping tree,cn=config', 2, '(&(&(objectclass=nsds5Replica))(|(nsDS5ReplicaRoot=dc=example,dc=com)))', ['dn'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
Failed suites/dynamic_plugins/dynamic_plugins_test.py::test_stress 2.08
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ec5a7160>

@pytest.mark.tier2
def test_stress(topology_m2):
"""Test plugins while under a big load. Perform the test 5 times

:id: 96136538-0151-4b09-9933-0e0cbf2c7863
:setup: 2 Supplier Instances
:steps:
1. Pause all replication
2. Set nsslapd-dynamic-plugins to on
3. Try to update LDBM config entry
4. Do one run through all tests
5. Enable Referential integrity and MemberOf plugins
6. Launch three new threads to add a bunch of users
7. While we are adding users restart the MemberOf and
Linked Attributes plugins many times
8. Wait for the 'adding' threads to complete
9. Now launch three threads to delete the users
10. Restart both the MemberOf, Referential integrity and
Linked Attributes plugins during these deletes
11. Wait for the 'deleting' threads to complete
12. Now make sure both the MemberOf and Referential integrity plugins still work correctly
13. Cleanup the stress tests (delete the group entry)
14. Perform 4-13 steps five times
15. Resume replication
16. Go through 4-14 steps once more
17. Check that data in sync and replication is working
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
12. Success
13. Success
14. Success
15. Success
16. Success
17. Success
"""

m1 = topology_m2.ms["supplier1"]
msg = ' (no replication)'
replication_run = False
stress_max_runs = 5

# First part of the test should be without replication
> topology_m2.pause_all_replicas()

suites/dynamic_plugins/dynamic_plugins_test.py:297:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/topologies.py:219: in pause_all_replicas
replica = replicas.get(DEFAULT_SUFFIX)
/usr/local/lib/python3.9/site-packages/lib389/replica.py:1765: in get
replica = super(Replicas, self).get(selector, dn)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1146: in get
results = self._get_selector(selector)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1177: in _get_selector
return self._instance.search_ext_s(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ec5a7d00>
func = <built-in method search_ext of LDAP object at 0x7f10ecebf7e0>
args = ('cn=mapping tree,cn=config', 2, '(&(&(objectclass=nsds5Replica))(|(nsDS5ReplicaRoot=dc=example,dc=com)))', ['dn'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
Failed suites/fourwaymmr/fourwaymmr_test.py::test_replicated_multivalued_entries 1.16
topo_m4 = <lib389.topologies.TopologyMain object at 0x7f10edbd3700>

def test_replicated_multivalued_entries(topo_m4):
"""Replicated multivalued entries are ordered the same way on all consumers

:id: 7bf9a34c-e764-11e8-928c-8c16451d917b
:setup: 4 Instances with replication
:steps:
1. Replicated multivalued entries are ordered the same way on all consumers
:expected results:
1. Should success
"""
# This test case checks that replicated multivalued entries are
# ordered the same way on all consumers
users = UserAccounts(topo_m4.ms["supplier1"], DEFAULT_SUFFIX)
repl = ReplicationManager(DEFAULT_SUFFIX)
user_properties = {
"uid": "test_replicated_multivalued_entries",
"cn": "test_replicated_multivalued_entries",
"sn": "test_replicated_multivalued_entries",
"userpassword": "test_replicated_multivalued_entries",
"uidNumber": "1001",
"gidNumber": "2002",
"homeDirectory": "/home/{}".format("test_replicated_multivalued_entries"),
}
users.create(properties=user_properties)
testuser = users.get("test_replicated_multivalued_entries")
testuser.set("mail", ["test1", "test2", "test3"])
# Now we check the entry on each consumer, making sure the order of the
# multi-valued mail attribute is the same on all server instances
repl.wait_for_replication(topo_m4.ms["supplier4"], topo_m4.ms["supplier1"])
> assert topo_m4.ms["supplier1"].search_s("uid=test_replicated_multivalued_entries,ou=People,dc=example,dc=com",
ldap.SCOPE_SUBTREE, '(objectclass=*)', ['mail']) == topo_m4.ms[
"supplier2"].search_s("uid=test_replicated_multivalued_entries,ou=People,dc=example,dc=com",
ldap.SCOPE_SUBTREE, '(objectclass=*)', ['mail']) == topo_m4.ms["supplier3"].search_s(
"uid=test_replicated_multivalued_entries,ou=People,dc=example,dc=com", ldap.SCOPE_SUBTREE, '(objectclass=*)',
['mail']) == topo_m4.ms["supplier4"].search_s(
"uid=test_replicated_multivalued_entries,ou=People,dc=example,dc=com", ldap.SCOPE_SUBTREE, '(objectclass=*)',
['mail'])
E AssertionError: assert [dn: uid=test...mail: test3\n\n] == [dn: uid=test...mple,dc=com\n\n]
E At index 0 diff: dn: uid=test_replicated_multivalued_entries,ou=people,dc=example,dc=com\nmail: test1\nmail: test2\nmail: test3\n\n != dn: uid=test_replicated_multivalued_entries,ou=people,dc=example,dc=com\n\n
E Full diff:
E [
E dn: uid=test_replicated_multivalued_entries,ou=people,dc=example,dc=com
E + mail: test1
E + mail: test2
E + mail: test3...
E
E ...Full output truncated (4 lines hidden), use '-vv' to show

suites/fourwaymmr/fourwaymmr_test.py:178: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect cd4e554d-1d17-42ca-8425-071211ec70d9 / got description=8e163138-ac5b-4c8a-b357-2eca46afeb84) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working
Failed suites/gssapi/simple_gssapi_test.py::test_gssapi_bind 14.64
topology_st_gssapi = <lib389.topologies.TopologyMain object at 0x7f10eb4822e0>
testuser = <lib389.idm.user.UserAccount object at 0x7f10eb482eb0>

@gssapi_ack
def test_gssapi_bind(topology_st_gssapi, testuser):
"""Test that we can bind with GSSAPI

:id: 894a4c27-3d4c-4ba3-aa33-2910032e3783

:setup: standalone gssapi instance

:steps:
1. Bind with sasl/gssapi
:expectedresults:
1. Bind succeeds

"""
> conn = testuser.bind_gssapi()

suites/gssapi/simple_gssapi_test.py:53:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/idm/account.py:258: in bind_gssapi
inst_clone.open(saslmethod='gssapi')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:991: in open
self.sasl_interactive_bind_s("", sasl_auth, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:476: in sasl_interactive_bind_s
return self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls),sasl_flags)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10eab4b730>
func = <built-in method sasl_interactive_bind_s of LDAP object at 0x7f10ead0e900>
args = ('', <ldap.sasl.gssapi object at 0x7f10ead0e940>, None, None, 2)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INVALID_CREDENTIALS: {'result': 49, 'desc': 'Invalid credentials', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INVALID_CREDENTIALS
-----------------------------Captured stdout setup------------------------------
Kerberos primary password: omA5G7LZgz0vS.61KzZ4iq9OHfZIQV2Wc9exfIYu.FXbDRcRaaYeNVOI13defE5co Loading random data Initializing database '/var/kerberos/krb5kdc/principal' for realm 'HOSTED.UPSHIFT.RDU2.REDHAT.COM', master key name 'K/M@HOSTED.UPSHIFT.RDU2.REDHAT.COM' Authenticating as principal root/admin@HOSTED.UPSHIFT.RDU2.REDHAT.COM with password. Principal "ldap/ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com@HOSTED.UPSHIFT.RDU2.REDHAT.COM" created. Authenticating as principal root/admin@HOSTED.UPSHIFT.RDU2.REDHAT.COM with password. K/M@HOSTED.UPSHIFT.RDU2.REDHAT.COM kadmin/admin@HOSTED.UPSHIFT.RDU2.REDHAT.COM kadmin/changepw@HOSTED.UPSHIFT.RDU2.REDHAT.COM kadmin/ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com@HOSTED.UPSHIFT.RDU2.REDHAT.COM kiprop/ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com@HOSTED.UPSHIFT.RDU2.REDHAT.COM krbtgt/HOSTED.UPSHIFT.RDU2.REDHAT.COM@HOSTED.UPSHIFT.RDU2.REDHAT.COM ldap/ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com@HOSTED.UPSHIFT.RDU2.REDHAT.COM Authenticating as principal root/admin@HOSTED.UPSHIFT.RDU2.REDHAT.COM with password. Entry for principal ldap/ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com@HOSTED.UPSHIFT.RDU2.REDHAT.COM with kvno 2, encryption type aes256-cts-hmac-sha1-96 added to keytab WRFILE:/etc/krb5.keytab. Entry for principal ldap/ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com@HOSTED.UPSHIFT.RDU2.REDHAT.COM with kvno 2, encryption type aes128-cts-hmac-sha1-96 added to keytab WRFILE:/etc/krb5.keytab. Authenticating as principal root/admin@HOSTED.UPSHIFT.RDU2.REDHAT.COM with password. Principal "testuser@HOSTED.UPSHIFT.RDU2.REDHAT.COM" created. Authenticating as principal root/admin@HOSTED.UPSHIFT.RDU2.REDHAT.COM with password. K/M@HOSTED.UPSHIFT.RDU2.REDHAT.COM kadmin/admin@HOSTED.UPSHIFT.RDU2.REDHAT.COM kadmin/changepw@HOSTED.UPSHIFT.RDU2.REDHAT.COM kadmin/ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com@HOSTED.UPSHIFT.RDU2.REDHAT.COM kiprop/ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com@HOSTED.UPSHIFT.RDU2.REDHAT.COM krbtgt/HOSTED.UPSHIFT.RDU2.REDHAT.COM@HOSTED.UPSHIFT.RDU2.REDHAT.COM ldap/ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com@HOSTED.UPSHIFT.RDU2.REDHAT.COM testuser@HOSTED.UPSHIFT.RDU2.REDHAT.COM Authenticating as principal root/admin@HOSTED.UPSHIFT.RDU2.REDHAT.COM with password. Entry for principal testuser@HOSTED.UPSHIFT.RDU2.REDHAT.COM with kvno 2, encryption type aes256-cts-hmac-sha1-96 added to keytab WRFILE:/tmp/testuser.keytab. Entry for principal testuser@HOSTED.UPSHIFT.RDU2.REDHAT.COM with kvno 2, encryption type aes128-cts-hmac-sha1-96 added to keytab WRFILE:/tmp/testuser.keytab.
-----------------------------Captured stderr setup------------------------------
No policy specified for ldap/ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com@HOSTED.UPSHIFT.RDU2.REDHAT.COM; defaulting to no policy No policy specified for testuser@HOSTED.UPSHIFT.RDU2.REDHAT.COM; defaulting to no policy
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed suites/gssapi/simple_gssapi_test.py::test_support_mech 0.29
topology_st_gssapi = <lib389.topologies.TopologyMain object at 0x7f10eb4822e0>
testuser = <lib389.idm.user.UserAccount object at 0x7f10eb482eb0>

@gssapi_ack
def test_support_mech(topology_st_gssapi, testuser):
"""Test allowed sasl mechs works when GSSAPI is allowed

:id: 6ec80aca-00c4-4141-b96b-3ae8837fc751

:setup: standalone gssapi instance

:steps:
1. Add GSSAPI to allowed sasl mechanisms.
2. Attempt to bind
:expectedresults:
1. The allowed mechs are changed.
2. The bind succeeds.
"""
topology_st_gssapi.standalone.config.set('nsslapd-allowed-sasl-mechanisms', 'GSSAPI EXTERNAL ANONYMOUS')
> conn = testuser.bind_gssapi()

suites/gssapi/simple_gssapi_test.py:125:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/idm/account.py:258: in bind_gssapi
inst_clone.open(saslmethod='gssapi')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:991: in open
self.sasl_interactive_bind_s("", sasl_auth, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:476: in sasl_interactive_bind_s
return self._ldap_call(self._l.sasl_interactive_bind_s,who,auth,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls),sasl_flags)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ec7ce3a0>
func = <built-in method sasl_interactive_bind_s of LDAP object at 0x7f10ec8736f0>
args = ('', <ldap.sasl.gssapi object at 0x7f10ec8835b0>, None, None, 2)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INVALID_CREDENTIALS: {'result': 49, 'desc': 'Invalid credentials', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INVALID_CREDENTIALS
Failed suites/healthcheck/health_security_test.py::test_healthcheck_certif_expiring_within_30d 11.91
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eab79370>

@pytest.mark.ds50873
@pytest.mark.bz1685160
@pytest.mark.xfail(ds_is_older("1.4.1"), reason="Not implemented")
def test_healthcheck_certif_expiring_within_30d(topology_st):
"""Check if HealthCheck returns DSCERTLE0001 code

:id: c2165032-88ba-4978-a4ca-2fecfd8c35d8
:setup: Standalone instance
:steps:
1. Create DS instance
2. Use libfaketime to tell the process the date is within 30 days before certificate expiration
3. Use HealthCheck without --json option
4. Use HealthCheck with --json option
:expectedresults:
1. Success
2. Success
3. Healthcheck reports DSCERTLE0001 code and related details
4. Healthcheck reports DSCERTLE0001 code and related details
"""

RET_CODE = 'DSCERTLE0001'

standalone = topology_st.standalone

standalone.enable_tls()

# Cert is valid two years from today, so we count the date that is within 30 days before certificate expiration
date_future = datetime.now() + timedelta(days=701)

with libfaketime.fake_time(date_future):
time.sleep(1)
> run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=False)

suites/healthcheck/health_security_test.py:304:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology = <lib389.topologies.TopologyMain object at 0x7f10eab79370>
instance = <lib389.DirSrv object at 0x7f10eb438100>
searched_code = 'DSCERTLE0001', json = False, searched_code2 = None

def run_healthcheck_and_flush_log(topology, instance, searched_code, json, searched_code2=None):
args = FakeArgs()
args.instance = instance.serverid
args.verbose = instance.verbose
args.list_errors = False
args.list_checks = False
args.check = ['config', 'encryption', 'tls', 'fschecks']
args.dry_run = False

if json:
log.info('Use healthcheck with --json option')
args.json = json
health_check_run(instance, topology.logcap.log, args)
assert topology.logcap.contains(searched_code)
log.info('Healthcheck returned searched code: %s' % searched_code)

if searched_code2 is not None:
assert topology.logcap.contains(searched_code2)
log.info('Healthcheck returned searched code: %s' % searched_code2)
else:
log.info('Use healthcheck without --json option')
args.json = json
health_check_run(instance, topology.logcap.log, args)
> assert topology.logcap.contains(searched_code)
E AssertionError: assert False
E + where False = <bound method LogCapture.contains of <LogCapture (NOTSET)>>('DSCERTLE0001')
E + where <bound method LogCapture.contains of <LogCapture (NOTSET)>> = <LogCapture (NOTSET)>.contains
E + where <LogCapture (NOTSET)> = <lib389.topologies.TopologyMain object at 0x7f10eab79370>.logcap

suites/healthcheck/health_security_test.py:67: AssertionError
-------------------------------Captured log call--------------------------------
INFO LogCapture:health.py:94 Beginning lint report, this could take a while ... INFO LogCapture:health.py:99 Checking config:hr_timestamp ... INFO LogCapture:health.py:99 Checking config:passwordscheme ... INFO LogCapture:health.py:99 Checking encryption:check_tls_version ... INFO LogCapture:health.py:99 Checking tls:certificate_expiration ... INFO LogCapture:health.py:99 Checking fschecks:file_perms ... INFO LogCapture:health.py:106 Healthcheck complete. INFO LogCapture:health.py:111 No issues found.
Failed suites/healthcheck/health_security_test.py::test_healthcheck_certif_expired 13.10
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eab79370>

@pytest.mark.ds50873
@pytest.mark.bz1685160
@pytest.mark.xfail(ds_is_older("1.4.1"), reason="Not implemented")
def test_healthcheck_certif_expired(topology_st):
"""Check if HealthCheck returns DSCERTLE0002 code

:id: ceff2c22-62c0-4fd9-b737-930a88458d68
:setup: Standalone instance
:steps:
1. Create DS instance
2. Use libfaketime to tell the process the date is after certificate expiration
3. Use HealthCheck without --json option
4. Use HealthCheck with --json option
:expectedresults:
1. Success
2. Success
3. Healthcheck reports DSCERTLE0002 code and related details
4. Healthcheck reports DSCERTLE0002 code and related details
"""

RET_CODE = 'DSCERTLE0002'

standalone = topology_st.standalone

standalone.enable_tls()

# Cert is valid two years from today, so we count the date that is after expiration
date_future = datetime.now() + timedelta(days=731)

with libfaketime.fake_time(date_future):
time.sleep(1)
> run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=False)

suites/healthcheck/health_security_test.py:343:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology = <lib389.topologies.TopologyMain object at 0x7f10eab79370>
instance = <lib389.DirSrv object at 0x7f10eb438100>
searched_code = 'DSCERTLE0002', json = False, searched_code2 = None

def run_healthcheck_and_flush_log(topology, instance, searched_code, json, searched_code2=None):
args = FakeArgs()
args.instance = instance.serverid
args.verbose = instance.verbose
args.list_errors = False
args.list_checks = False
args.check = ['config', 'encryption', 'tls', 'fschecks']
args.dry_run = False

if json:
log.info('Use healthcheck with --json option')
args.json = json
health_check_run(instance, topology.logcap.log, args)
assert topology.logcap.contains(searched_code)
log.info('Healthcheck returned searched code: %s' % searched_code)

if searched_code2 is not None:
assert topology.logcap.contains(searched_code2)
log.info('Healthcheck returned searched code: %s' % searched_code2)
else:
log.info('Use healthcheck without --json option')
args.json = json
health_check_run(instance, topology.logcap.log, args)
> assert topology.logcap.contains(searched_code)
E AssertionError: assert False
E + where False = <bound method LogCapture.contains of <LogCapture (NOTSET)>>('DSCERTLE0002')
E + where <bound method LogCapture.contains of <LogCapture (NOTSET)>> = <LogCapture (NOTSET)>.contains
E + where <LogCapture (NOTSET)> = <lib389.topologies.TopologyMain object at 0x7f10eab79370>.logcap

suites/healthcheck/health_security_test.py:67: AssertionError
-------------------------------Captured log call--------------------------------
INFO LogCapture:health.py:94 Beginning lint report, this could take a while ... INFO LogCapture:health.py:99 Checking config:hr_timestamp ... INFO LogCapture:health.py:99 Checking config:passwordscheme ... INFO LogCapture:health.py:99 Checking encryption:check_tls_version ... INFO LogCapture:health.py:99 Checking tls:certificate_expiration ... INFO LogCapture:health.py:99 Checking fschecks:file_perms ... INFO LogCapture:health.py:106 Healthcheck complete. INFO LogCapture:health.py:119 2 Issues found! Generating report ... INFO LogCapture:health.py:45 [1] DS Lint Error: DSCERTLE0001 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: MEDIUM INFO LogCapture:health.py:49 Check: tls:certificate_expiration INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- Expiring Certificate INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 The certificate (Self-Signed-CA) will expire in less than 30 days INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Renew the certificate before it expires to prevent disruptions with TLS connections. INFO LogCapture:health.py:45 [2] DS Lint Error: DSCERTLE0001 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: MEDIUM INFO LogCapture:health.py:49 Check: tls:certificate_expiration INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- Expiring Certificate INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 The certificate (Server-Cert) will expire in less than 30 days INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Renew the certificate before it expires to prevent disruptions with TLS connections. INFO LogCapture:health.py:124 ===== End Of Report (2 Issues found) =====
Failed suites/import/import_test.py::test_fast_slow_import 11.74
topo = <lib389.topologies.TopologyMain object at 0x7f10edc2e6a0>
_toggle_private_import_mem = None, _import_clean = None

def test_fast_slow_import(topo, _toggle_private_import_mem, _import_clean):
"""With nsslapd-db-private-import-mem: on is faster import.

:id: 3044331c-9c0e-11ea-ac9f-8c16451d917b
:setup: Standalone Instance
:steps:
1. Let's set nsslapd-db-private-import-mem:on, nsslapd-import-cache-autosize: 0
2. Measure offline import time duration total_time1
3. Now nsslapd-db-private-import-mem:off
4. Measure offline import time duration total_time2
5. total_time1 < total_time2
6. Set nsslapd-db-private-import-mem:on, nsslapd-import-cache-autosize: -1
7. Measure offline import time duration total_time1
8. Now nsslapd-db-private-import-mem:off
9. Measure offline import time duration total_time2
10. total_time1 < total_time2
:expected results:
1. Operation successful
2. Operation successful
3. Operation successful
4. Operation successful
5. Operation successful
6. Operation successful
7. Operation successful
8. Operation successful
9. Operation successful
10. Operation successful
"""
# Let's set nsslapd-db-private-import-mem:on, nsslapd-import-cache-autosize: 0
config = LDBMConfig(topo.standalone)
# Measure offline import time duration total_time1
total_time1 = _import_offline(topo, 20)
# Now nsslapd-db-private-import-mem:off
config.replace('nsslapd-db-private-import-mem', 'off')
accounts = Accounts(topo.standalone, DEFAULT_SUFFIX)
for i in accounts.filter('(uid=*)'):
UserAccount(topo.standalone, i.dn).delete()
# Measure offline import time duration total_time2
total_time2 = _import_offline(topo, 20)
# total_time1 < total_time2
> assert total_time1 < total_time2
E assert 2.2201759815216064 < 2.20324969291687

suites/import/import_test.py:394: AssertionError
Failed suites/indexes/regression_test.py::test_reindex_task_creates_abandoned_index_file 13.09
topo = <lib389.topologies.TopologyMain object at 0x7f10eaf9ab80>

@pytest.mark.skipif(ds_is_older("1.4.4.4"), reason="Not implemented")
def test_reindex_task_creates_abandoned_index_file(topo):
"""
Recreating an index for the same attribute but changing
the case of for example 1 letter, results in abandoned indexfile

:id: 07ae5274-481a-4fa8-8074-e0de50d89ac6
:customerscenario: True
:setup: Standalone instance
:steps:
1. Create a user object with additional attributes:
objectClass: mozillaabpersonalpha
mozillaCustom1: xyz
2. Add an index entry mozillacustom1
3. Reindex the backend
4. Check the content of the index (after it has been flushed to disk) mozillacustom1.db
5. Remove the index
6. Notice the mozillacustom1.db is removed
7. Recreate the index but now use the exact case as mentioned in the schema
8. Reindex the backend
9. Check the content of the index (after it has been flushed to disk) mozillaCustom1.db
10. Check that an ldapsearch does not return a result (mozillacustom1=xyz)
11. Check that an ldapsearch returns the results (mozillaCustom1=xyz)
12. Restart the instance
13. Notice that an ldapsearch does not return a result(mozillacustom1=xyz)
14. Check that an ldapsearch does not return a result (mozillacustom1=xyz)
15. Check that an ldapsearch returns the results (mozillaCustom1=xyz)
16. Reindex the backend
17. Notice the second indexfile for this attribute
18. Check the content of the index (after it has been flushed to disk) no mozillacustom1.db
19. Check the content of the index (after it has been flushed to disk) mozillaCustom1.db
:expectedresults:
1. Should Success.
2. Should Success.
3. Should Success.
4. Should Success.
5. Should Success.
6. Should Success.
7. Should Success.
8. Should Success.
9. Should Success.
10. Should Success.
11. Should Success.
12. Should Success.
13. Should Success.
14. Should Success.
15. Should Success.
16. Should Success.
17. Should Success.
18. Should Success.
19. Should Success.
"""

inst = topo.standalone
attr_name = "mozillaCustom1"
attr_value = "xyz"

users = UserAccounts(inst, DEFAULT_SUFFIX)
user = users.create_test_user()
user.add("objectClass", "mozillaabpersonalpha")
user.add(attr_name, attr_value)

backends = Backends(inst)
backend = backends.get(DEFAULT_BENAME)
indexes = backend.get_indexes()
index = indexes.create(properties={
'cn': attr_name.lower(),
'nsSystemIndex': 'false',
'nsIndexType': ['eq', 'pres']
})

backend.reindex()
time.sleep(3)
> assert os.path.exists(f"{inst.ds_paths.db_home_dir}/{DEFAULT_BENAME}/{attr_name.lower()}.db")
E AssertionError: assert False
E + where False = <function exists at 0x7f10f01ae160>('/var/lib/dirsrv/slapd-standalone1/db/userRoot/mozillacustom1.db')
E + where <function exists at 0x7f10f01ae160> = <module 'posixpath' from '/usr/lib64/python3.9/posixpath.py'>.exists
E + where <module 'posixpath' from '/usr/lib64/python3.9/posixpath.py'> = os.path

suites/indexes/regression_test.py:157: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO lib389:tasks.py:825 Index task index_all_04252021_224002 completed successfully
Failed suites/paged_results/paged_results_test.py::test_search_dns_ip_aci[fqdn] 4.92
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eab5ccd0>
create_user = <lib389.idm.user.UserAccount object at 0x7f10eb422cd0>
aci_subject = 'dns = "localhost.localdomain"'

@pytest.mark.parametrize('aci_subject',
('dns = "{}"'.format(HOSTNAME),
'ip = "{}"'.format(IP_ADDRESS)),
ids=['fqdn','ip'])
def test_search_dns_ip_aci(topology_st, create_user, aci_subject):
"""Verify that after performing multiple simple paged searches
to completion on the suffix with DNS or IP based ACI

:id: bbfddc46-a8c8-49ae-8c90-7265d05b22a9
:customerscenario: True
:parametrized: yes
:setup: Standalone instance, test user for binding,
varying number of users for the search base
:steps:
1. Back up and remove all previous ACI from suffix
2. Add an anonymous ACI for DNS check
3. Bind as test user
4. Search through added users with a simple paged control
5. Perform steps 4 three times in a row
6. Return ACI to the initial state
7. Go through all steps once again, but use IP subject dn
instead of DNS
:expectedresults:
1. Operation should be successful
2. Anonymous ACI should be successfully added
3. Bind should be successful
4. No error happens, all users should be found and sorted
5. Results should remain the same
6. ACI should be successfully returned
7. Results should be the same with ACI with IP subject dn
"""

users_num = 100
page_size = 5
users_list = add_users(topology_st, users_num, DEFAULT_SUFFIX)
search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']

try:
log.info('Back up current suffix ACI')
acis_bck = topology_st.standalone.aci.list(DEFAULT_SUFFIX, ldap.SCOPE_BASE)

log.info('Add test ACI')
ACI_TARGET = '(targetattr != "userPassword")'
ACI_ALLOW = '(version 3.0;acl "Anonymous access within domain"; allow (read,compare,search)'
ACI_SUBJECT = '(userdn = "ldap:///anyone") and (%s);)' % aci_subject
ACI_BODY = ensure_bytes(ACI_TARGET + ACI_ALLOW + ACI_SUBJECT)
topology_st.standalone.modify_s(DEFAULT_SUFFIX, [(ldap.MOD_REPLACE, 'aci', ACI_BODY)])
log.info('Set user bind')
conn = create_user.bind(TEST_USER_PWD, uri=f'ldap://{IP_ADDRESS}:{topology_st.standalone.port}')

log.info('Create simple paged results control instance')
req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')
controls = [req_ctrl]

log.info('Initiate three searches with a paged results control')
for ii in range(3):
log.info('%d search' % (ii + 1))
all_results = paged_search(conn, DEFAULT_SUFFIX, controls,
search_flt, searchreq_attrlist)
log.info('%d results' % len(all_results))
> assert len(all_results) == len(users_list)
E assert 0 == 100
E +0
E -100

suites/paged_results/paged_results_test.py:575: AssertionError
-------------------------------Captured log call--------------------------------
INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:133 Adding 100 users INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:553 Back up current suffix ACI INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:556 Add test ACI INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:562 Set user bind INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:565 Create simple paged results control instance INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:569 Initiate three searches with a paged results control INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:571 1 search INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:191 Running simple paged result search with - search suffix: dc=example,dc=com; filter: (uid=test*); attr list ['dn', 'sn']; page_size = 5; controls: [<ldap.controls.libldap.SimplePagedResultsControl object at 0x7f10eafe83a0>]. INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:199 Getting page 0 INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:574 0 results INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:579 Restore ACI INFO tests.suites.paged_results.paged_results_test:paged_results_test.py:155 Deleting 100 users
Failed suites/password/regression_test.py::test_unhashed_pw_switch 25.48
topo_supplier = <lib389.topologies.TopologyMain object at 0x7f10ea9322b0>

@pytest.mark.ds49789
def test_unhashed_pw_switch(topo_supplier):
"""Check that nsslapd-unhashed-pw-switch works corrently

:id: e5aba180-d174-424d-92b0-14fe7bb0b92a
:setup: Supplier Instance
:steps:
1. A Supplier is created, enable retrocl (not used here)
2. Create a set of users
3. update userpassword of user1 and check that unhashed#user#password is not logged (default)
4. udpate userpassword of user2 and check that unhashed#user#password is not logged ('nolog')
5. udpate userpassword of user3 and check that unhashed#user#password is logged ('on')
:expectedresults:
1. Success
2. Success
3. Success (unhashed#user#password is not logged in the replication changelog)
4. Success (unhashed#user#password is not logged in the replication changelog)
5. Success (unhashed#user#password is logged in the replication changelog)
"""
MAX_USERS = 10
PEOPLE_DN = ("ou=people," + DEFAULT_SUFFIX)

inst = topo_supplier.ms["supplier1"]
inst.modify_s("cn=Retro Changelog Plugin,cn=plugins,cn=config",
[(ldap.MOD_REPLACE, 'nsslapd-changelogmaxage', b'2m'),
(ldap.MOD_REPLACE, 'nsslapd-changelog-trim-interval', b"5s"),
(ldap.MOD_REPLACE, 'nsslapd-logAccess', b'on')])
inst.config.loglevel(vals=[256 + 4], service='access')
inst.restart()
# If you need any test suite initialization,
# please, write additional fixture for that (including finalizer).
# Topology for suites are predefined in lib389/topologies.py.

# enable dynamic plugins, memberof and retro cl plugin
#
log.info('Enable plugins...')
try:
inst.modify_s(DN_CONFIG,
[(ldap.MOD_REPLACE,
'nsslapd-dynamic-plugins',
b'on')])
except ldap.LDAPError as e:
ldap.error('Failed to enable dynamic plugins! ' + e.message['desc'])
assert False

#topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
inst.plugins.enable(name=PLUGIN_RETRO_CHANGELOG)
#topology_st.standalone.modify_s("cn=changelog,cn=ldbm database,cn=plugins,cn=config", [(ldap.MOD_REPLACE, 'nsslapd-cachememsize', str(100000))])
inst.restart()

log.info('create users and group...')
for idx in range(1, MAX_USERS):
try:
USER_DN = ("uid=member%d,%s" % (idx, PEOPLE_DN))
inst.add_s(Entry((USER_DN,
{'objectclass': 'top extensibleObject'.split(),
'uid': 'member%d' % (idx)})))
except ldap.LDAPError as e:
log.fatal('Failed to add user (%s): error %s' % (USER_DN, e.message['desc']))
assert False

# Check default is that unhashed#user#password is not logged on 1.4.1.6+
user = "uid=member1,%s" % (PEOPLE_DN)
inst.modify_s(user, [(ldap.MOD_REPLACE,
'userpassword',
PASSWORD.encode())])
inst.stop()
if ds_is_newer('1.4.1.6'):
> _check_unhashed_userpw(inst, user, is_present=False)

suites/password/regression_test.py:288:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/password/regression_test.py:48: in _check_unhashed_userpw
dbscanOut = inst.dbscan(DEFAULT_BENAME, 'replication_changelog')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:3015: in dbscan
output = subprocess.check_output(cmd)
/usr/lib64/python3.9/subprocess.py:424: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

input = None, capture_output = False, timeout = None, check = True
popenargs = (['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slapd-supplier1/db/userRoot/replication_changelog.db4'],)
kwargs = {'stdout': -1}
process = <Popen: returncode: -6 args: ['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slap...>
stdout = b'', stderr = None, retcode = -6

def run(*popenargs,
input=None, capture_output=False, timeout=None, check=False, **kwargs):
"""Run command with arguments and return a CompletedProcess instance.

The returned instance will have attributes args, returncode, stdout and
stderr. By default, stdout and stderr are not captured, and those attributes
will be None. Pass stdout=PIPE and/or stderr=PIPE in order to capture them.

If check is True and the exit code was non-zero, it raises a
CalledProcessError. The CalledProcessError object will have the return code
in the returncode attribute, and output & stderr attributes if those streams
were captured.

If timeout is given, and the process takes too long, a TimeoutExpired
exception will be raised.

There is an optional argument "input", allowing you to
pass bytes or a string to the subprocess's stdin. If you use this argument
you may not also use the Popen constructor's "stdin" argument, as
it will be used internally.

By default, all communication is in bytes, and therefore any "input" should
be bytes, and the stdout and stderr will be bytes. If in text mode, any
"input" should be a string, and stdout and stderr will be strings decoded
according to locale encoding, or by "encoding" if set. Text mode is
triggered by setting any of text, encoding, errors or universal_newlines.

The other arguments are the same as for the Popen constructor.
"""
if input is not None:
if kwargs.get('stdin') is not None:
raise ValueError('stdin and input arguments may not both be used.')
kwargs['stdin'] = PIPE

if capture_output:
if kwargs.get('stdout') is not None or kwargs.get('stderr') is not None:
raise ValueError('stdout and stderr arguments may not be used '
'with capture_output.')
kwargs['stdout'] = PIPE
kwargs['stderr'] = PIPE

with Popen(*popenargs, **kwargs) as process:
try:
stdout, stderr = process.communicate(input, timeout=timeout)
except TimeoutExpired as exc:
process.kill()
if _mswindows:
# Windows accumulates the output in a single blocking
# read() call run on child threads, with the timeout
# being done in a join() on those threads. communicate()
# _after_ kill() is required to collect that and add it
# to the exception.
exc.stdout, exc.stderr = process.communicate()
else:
# POSIX _communicate already populated the output so
# far into the TimeoutExpired exception.
process.wait()
raise
except: # Including KeyboardInterrupt, communicate handled that.
process.kill()
# We don't call process.wait() as .__exit__ does that for us.
raise
retcode = process.poll()
if check and retcode:
> raise CalledProcessError(retcode, process.args,
output=stdout, stderr=stderr)
E subprocess.CalledProcessError: Command '['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slapd-supplier1/db/userRoot/replication_changelog.db4']' died with <Signals.SIGABRT: 6>.

/usr/lib64/python3.9/subprocess.py:528: CalledProcessError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology.
------------------------------Captured stderr call------------------------------
free(): double free detected in tcache 2
-------------------------------Captured log call--------------------------------
INFO tests.suites.password.regression_test:regression_test.py:255 Enable plugins... INFO tests.suites.password.regression_test:regression_test.py:270 create users and group... INFO lib389:__init__.py:3014 Running script: ['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slapd-supplier1/db/userRoot/replication_changelog.db4']
-----------------------------Captured log teardown------------------------------
INFO tests.suites.password.regression_test:regression_test.py:108 Deleting user-uid=UIDpwtest1,ou=People,dc=example,dc=com INFO tests.suites.password.regression_test:regression_test.py:83 Reset pwpolicy configuration settings
Failed suites/plugins/accpol_test.py::test_glnologin_attr 24.67
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
accpol_global = None

def test_glnologin_attr(topology_st, accpol_global):
"""Verify if user account is inactivated based on createTimeStamp attribute, no lastLoginTime attribute present

:id: 3032f670-705d-4f69-96f5-d75445cffcfb
:setup: Standalone instance, Local account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Configure Global account policy plugin with createTimestamp as stateattrname
2. lastLoginTime attribute will not be effective.
3. Add few users to ou=groups subtree in the default suffix
4. Wait for 10 secs and check if account is not inactivated, expected 0
5. Modify AccountInactivityLimit to 20 secs
6. Wait for +9 secs and check if account is not inactivated, expected 0
7. Wait for +3 secs and check if account is inactivated, error 19
8. Modify accountInactivityLimit to 3 secs
9. Add few users to ou=groups subtree in the default suffix
10. Wait for 3 secs and check if account is inactivated, error 19
11. Modify accountInactivityLimit to 30 secs
12. Add few users to ou=groups subtree in the default suffix
13. Wait for 90 secs and check if account is not inactivated, expected 0
14. Wait for +28 secs and check if account is not inactivated, expected 0
15. Wait for +2 secs and check if account is inactivated, error 19
16. Replace the lastLoginTime attribute and check if account is activated
17. Modify accountInactivityLimit to 12 secs, which is the default
18. Run ldapsearch as normal user, expected 0.
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
12. Success
13. Success
14. Success
15. Success
16. Success
17. Success
18. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "nologinusr"
nousrs = 3

log.info('AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs')
log.info('Set attribute StateAttrName to createTimestamp, loginTime attr wont be considered')
modify_attr(topology_st, ACCP_CONF, 'stateattrname', 'createTimestamp')
topology_st.standalone.restart(timeout=10)
add_users(topology_st, suffix, subtree, userid, nousrs, 2)
log.info('Sleep for 9 secs to check if account is not inactivated, expected 0')
time.sleep(9)
account_status(topology_st, suffix, subtree, userid, nousrs, 2, "Enabled")

modify_attr(topology_st, ACCP_CONF, 'accountInactivityLimit', '20')
time.sleep(9)
> account_status(topology_st, suffix, subtree, userid, nousrs, 2, "Enabled")

suites/plugins/accpol_test.py:586:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:311: in account_status
raise e
suites/plugins/accpol_test.py:308: in account_status
user.bind(USER_PASW)
/usr/local/lib/python3.9/site-packages/lib389/idm/account.py:212: in bind
inst_clone.open(*args, **kwargs)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1021: in open
raise e
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1014: in open
self.simple_bind_s(ensure_str(self.binddn), self.bindpw, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:455: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9c5aca0>
func = <built-in method result4 of LDAP object at 0x7f10e9c7d2d0>
args = (1, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.CONSTRAINT_VIOLATION: {'msgtype': 97, 'msgid': 1, 'result': 19, 'desc': 'Constraint violation', 'ctrls': [], 'info': 'Account inactivity limit exceeded. Contact system administrator to reset.'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: CONSTRAINT_VIOLATION
-------------------------------Captured log call--------------------------------
INFO lib389.utils:accpol_test.py:575 AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs INFO lib389.utils:accpol_test.py:576 Set attribute StateAttrName to createTimestamp, loginTime attr wont be considered INFO lib389.utils:accpol_test.py:189 Modify attribute value for a given DN INFO lib389.utils:accpol_test.py:271 add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO lib389.utils:accpol_test.py:580 Sleep for 9 secs to check if account is not inactivated, expected 0 INFO lib389.utils:accpol_test.py:189 Modify attribute value for a given DN ERROR lib389.utils:accpol_test.py:310 User uid=nologinusr3,ou=groups,dc=example,dc=com failed to login, expected 0
Failed suites/plugins/accpol_test.py::test_glnoalt_stattr 4.49
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
accpol_global = None

def test_glnoalt_stattr(topology_st, accpol_global):
"""Verify if user account can be inactivated based on lastLoginTime attribute, altstateattrname set to 1.1

:id: 8dcc3540-578f-422a-bb44-28c2cf20dbcd
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Configure Global account policy plugin with altstateattrname to 1.1
2. Add few users to ou=groups subtree in the default suffix
3. Wait till it reaches accountInactivityLimit
4. Remove lastLoginTime attribute from the user entry
5. Run ldapsearch as normal user, expected 0. no lastLoginTime attribute present
6. Wait till it reaches accountInactivityLimit and check users, expected error 19
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "nologinusr"
nousrs = 3
log.info('Set attribute altStateAttrName to 1.1')
modify_attr(topology_st, ACCP_CONF, 'altstateattrname', '1.1')
topology_st.standalone.restart(timeout=10)
> add_users(topology_st, suffix, subtree, userid, nousrs, 0)

suites/plugins/accpol_test.py:643:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:283: in add_users
users.create(properties=user_properties)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1215: in create
return co.create(rdn, properties, self._basedn)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:972: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:947: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:169: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10eb442040>
func = <built-in method result4 of LDAP object at 0x7f10eada0cf0>
args = (5, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.ALREADY_EXISTS: {'msgtype': 105, 'msgid': 5, 'result': 68, 'desc': 'Already exists', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: ALREADY_EXISTS
-------------------------------Captured log call--------------------------------
INFO lib389.utils:accpol_test.py:640 Set attribute altStateAttrName to 1.1 INFO lib389.utils:accpol_test.py:189 Modify attribute value for a given DN INFO lib389.utils:accpol_test.py:271 add_users: Pass all of these as parameters suffix, subtree, userid and nousrs
Failed suites/plugins/accpol_test.py::test_glattr_modtime 17.99
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
accpol_global = None

def test_glattr_modtime(topology_st, accpol_global):
"""Verify if user account can be inactivated based on modifyTimeStamp attribute

:id: 67380839-2966-45dc-848a-167a954153e1
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Configure Global account policy plugin with altstateattrname to modifyTimestamp
2. Add few users to ou=groups subtree in the default suffix
3. Wait till the accountInactivityLimit exceeded and check users, expected error 19
4. Modify cn attribute for user, ModifyTimeStamp is updated.
5. Check if user is activated based on ModifyTimeStamp attribute, expected 0
6. Change the plugin to use createTimeStamp and remove lastLoginTime attribute
7. Check if account is inactivated, expected error 19
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "modtimeusr"
nousrs = 3
log.info('Set attribute altStateAttrName to modifyTimestamp')
modify_attr(topology_st, ACCP_CONF, 'altstateattrname', 'modifyTimestamp')
topology_st.standalone.restart(timeout=10)
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('Sleep for 13 secs to check if account is inactivated, expected 0')
time.sleep(13)
check_attr(topology_st, suffix, subtree, userid, nousrs, "modifyTimeStamp=*")
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Disabled")

suites/plugins/accpol_test.py:694:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
suffix = 'dc=example,dc=com', subtree = 'ou=groups', userid = 'modtimeusr'
nousrs = 3, ulimit = 0, tochck = 'Disabled'

def account_status(topology_st, suffix, subtree, userid, nousrs, ulimit, tochck):
"""Check account status for the given suffix, subtree, userid and nousrs"""

while (nousrs > ulimit):
usrrdn = '{}{}'.format(userid, nousrs)
userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)
user = UserAccount(topology_st.standalone, dn=userdn)
if (tochck == "Enabled"):
try:
user.bind(USER_PASW)
except ldap.LDAPError as e:
log.error('User {} failed to login, expected 0'.format(userdn))
raise e
elif (tochck == "Expired"):
with pytest.raises(ldap.INVALID_CREDENTIALS):
user.bind(USER_PASW)
log.error('User {} password not expired , expected error 49'.format(userdn))
elif (tochck == "Disabled"):
with pytest.raises(ldap.CONSTRAINT_VIOLATION):
user.bind(USER_PASW)
> log.error('User {} is not inactivated, expected error 19'.format(userdn))
E Failed: DID NOT RAISE <class 'ldap.CONSTRAINT_VIOLATION'>

suites/plugins/accpol_test.py:319: Failed
-------------------------------Captured log call--------------------------------
INFO lib389.utils:accpol_test.py:687 Set attribute altStateAttrName to modifyTimestamp INFO lib389.utils:accpol_test.py:189 Modify attribute value for a given DN INFO lib389.utils:accpol_test.py:271 add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO lib389.utils:accpol_test.py:691 Sleep for 13 secs to check if account is inactivated, expected 0 INFO lib389.utils:accpol_test.py:202 Check ModifyTimeStamp attribute present for user ERROR lib389.utils:accpol_test.py:319 User uid=modtimeusr3,ou=groups,dc=example,dc=com is not inactivated, expected error 19
Failed suites/plugins/accpol_test.py::test_glnoalt_nologin 27.60
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
accpol_global = None

def test_glnoalt_nologin(topology_st, accpol_global):
"""Verify if account policy plugin works if we set altstateattrname set to 1.1 and alwaysrecordlogin to NO

:id: 49eda7db-84de-47ba-8f81-ac5e4de3a500
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Configure Global account policy plugin with altstateattrname to 1.1
2. Set alwaysrecordlogin to NO.
3. Add few users to ou=groups subtree in the default suffix
4. Wait till accountInactivityLimit exceeded and check users, expected 0
5. Check for lastLoginTime attribute, it should not be present
6. Wait for few more secs and check if account is not inactivated, expected 0
7. Run ldapsearch as normal user, expected 0. no lastLoginTime attribute present
8. Set altstateattrname to createTimeStamp
9. Check if user account is inactivated based on createTimeStamp attribute.
10. Account should be inactivated, expected error 19
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "norecrodlogusr"
nousrs = 3
log.info('Set attribute altStateAttrName to 1.1')
modify_attr(topology_st, ACCP_CONF, 'altstateattrname', '1.1')
log.info('Set attribute alwaysrecordlogin to No')
modify_attr(topology_st, ACCP_CONF, 'alwaysrecordlogin', 'no')
topology_st.standalone.restart(timeout=10)
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('Sleep for 13 secs to check if account is not inactivated, expected 0')
time.sleep(13)
account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")
time.sleep(3)
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")

suites/plugins/accpol_test.py:752:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:311: in account_status
raise e
suites/plugins/accpol_test.py:308: in account_status
user.bind(USER_PASW)
/usr/local/lib/python3.9/site-packages/lib389/idm/account.py:212: in bind
inst_clone.open(*args, **kwargs)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1021: in open
raise e
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1014: in open
self.simple_bind_s(ensure_str(self.binddn), self.bindpw, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:455: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10edba23d0>
func = <built-in method result4 of LDAP object at 0x7f10e9d2f9c0>
args = (1, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.CONSTRAINT_VIOLATION: {'msgtype': 97, 'msgid': 1, 'result': 19, 'desc': 'Constraint violation', 'ctrls': [], 'info': 'Account inactivity limit exceeded. Contact system administrator to reset.'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: CONSTRAINT_VIOLATION
-------------------------------Captured log call--------------------------------
INFO lib389.utils:accpol_test.py:742 Set attribute altStateAttrName to 1.1 INFO lib389.utils:accpol_test.py:189 Modify attribute value for a given DN INFO lib389.utils:accpol_test.py:744 Set attribute alwaysrecordlogin to No INFO lib389.utils:accpol_test.py:189 Modify attribute value for a given DN INFO lib389.utils:accpol_test.py:271 add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO lib389.utils:accpol_test.py:748 Sleep for 13 secs to check if account is not inactivated, expected 0 ERROR lib389.utils:accpol_test.py:310 User uid=norecrodlogusr1,ou=groups,dc=example,dc=com failed to login, expected 0
Failed suites/plugins/accpol_test.py::test_glinact_nsact 15.75
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
accpol_global = None

def test_glinact_nsact(topology_st, accpol_global):
"""Verify if user account can be activated using dsidm.

:id: 876a7a7c-0b3f-4cd2-9b45-1dc80846e334
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Configure Global account policy plugin
2. Add few users to ou=groups subtree in the default suffix
3. Wait for few secs and inactivate user using dsidm
4. Wait till accountInactivityLimit exceeded.
5. Run ldapsearch as normal user, expected error 19.
6. Activate user using ns-activate.pl script
7. Check if account is activated, expected error 19
8. Replace the lastLoginTime attribute and check if account is activated
9. Run ldapsearch as normal user, expected 0.
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "nsactusr"
nousrs = 1

log.info('AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('Sleep for 3 secs to check if account is not inactivated, expected value 0')
time.sleep(3)
nsact_inact(topology_st, suffix, subtree, userid, nousrs, "unlock", "")
log.info('Sleep for 10 secs to check if account is inactivated, expected value 19')
time.sleep(10)
nsact_inact(topology_st, suffix, subtree, userid, nousrs, "unlock", "")
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Disabled")

suites/plugins/accpol_test.py:807:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
suffix = 'dc=example,dc=com', subtree = 'ou=groups', userid = 'nsactusr'
nousrs = 1, ulimit = 0, tochck = 'Disabled'

def account_status(topology_st, suffix, subtree, userid, nousrs, ulimit, tochck):
"""Check account status for the given suffix, subtree, userid and nousrs"""

while (nousrs > ulimit):
usrrdn = '{}{}'.format(userid, nousrs)
userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)
user = UserAccount(topology_st.standalone, dn=userdn)
if (tochck == "Enabled"):
try:
user.bind(USER_PASW)
except ldap.LDAPError as e:
log.error('User {} failed to login, expected 0'.format(userdn))
raise e
elif (tochck == "Expired"):
with pytest.raises(ldap.INVALID_CREDENTIALS):
user.bind(USER_PASW)
log.error('User {} password not expired , expected error 49'.format(userdn))
elif (tochck == "Disabled"):
with pytest.raises(ldap.CONSTRAINT_VIOLATION):
user.bind(USER_PASW)
> log.error('User {} is not inactivated, expected error 19'.format(userdn))
E Failed: DID NOT RAISE <class 'ldap.CONSTRAINT_VIOLATION'>

suites/plugins/accpol_test.py:319: Failed
-------------------------------Captured log call--------------------------------
INFO lib389.utils:accpol_test.py:799 AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs INFO lib389.utils:accpol_test.py:271 add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO lib389.utils:accpol_test.py:801 Sleep for 3 secs to check if account is not inactivated, expected value 0 INFO lib389.utils:accpol_test.py:162 Account activate/in-activate/status using dsidm INFO lib389.utils:accpol_test.py:166 Running unlock for user uid=nsactusr1,ou=groups,dc=example,dc=com INFO lib389.utils:accpol_test.py:174 Running ['/usr/sbin/dsidm', 'slapd-standalone1', '-b', 'dc=example,dc=com', 'account', 'unlock', 'uid=nsactusr1,ou=groups,dc=example,dc=com'] for user uid=nsactusr1,ou=groups,dc=example,dc=com INFO lib389.utils:accpol_test.py:180 output: b'Error: Account is already active\n' INFO lib389.utils:accpol_test.py:804 Sleep for 10 secs to check if account is inactivated, expected value 19 INFO lib389.utils:accpol_test.py:162 Account activate/in-activate/status using dsidm INFO lib389.utils:accpol_test.py:166 Running unlock for user uid=nsactusr1,ou=groups,dc=example,dc=com INFO lib389.utils:accpol_test.py:174 Running ['/usr/sbin/dsidm', 'slapd-standalone1', '-b', 'dc=example,dc=com', 'account', 'unlock', 'uid=nsactusr1,ou=groups,dc=example,dc=com'] for user uid=nsactusr1,ou=groups,dc=example,dc=com INFO lib389.utils:accpol_test.py:180 output: b'Error: Account is already active\n' ERROR lib389.utils:accpol_test.py:319 User uid=nsactusr1,ou=groups,dc=example,dc=com is not inactivated, expected error 19
Failed suites/plugins/accpol_test.py::test_glinact_acclock 14.27
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
accpol_global = None

def test_glinact_acclock(topology_st, accpol_global):
"""Verify if user account is activated when account is unlocked by passwordlockoutduration.

:id: 43601a61-065c-4c80-a7c2-e4f6ae17beb8
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Add few users to ou=groups subtree in the default suffix
2. Wait for few secs and attempt invalid binds for user
3. User account should be locked based on Account Lockout policy.
4. Wait till accountInactivityLimit exceeded and check users, expected error 19
5. Wait for passwordlockoutduration and check if account is active
6. Check if account is unlocked, expected error 19, since account is inactivated
7. Replace the lastLoginTime attribute and check users, expected 0
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "pwlockusr"
nousrs = 1
log.info('AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('Sleep for 3 secs and try invalid binds to lockout the user')
time.sleep(3)

pwacc_lock(topology_st, suffix, subtree, userid, nousrs)
log.info('Sleep for 10 secs to check if account is inactivated, expected value 19')
time.sleep(10)
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Disabled")

suites/plugins/accpol_test.py:852:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
suffix = 'dc=example,dc=com', subtree = 'ou=groups', userid = 'pwlockusr'
nousrs = 1, ulimit = 0, tochck = 'Disabled'

def account_status(topology_st, suffix, subtree, userid, nousrs, ulimit, tochck):
"""Check account status for the given suffix, subtree, userid and nousrs"""

while (nousrs > ulimit):
usrrdn = '{}{}'.format(userid, nousrs)
userdn = 'uid={},{},{}'.format(usrrdn, subtree, suffix)
user = UserAccount(topology_st.standalone, dn=userdn)
if (tochck == "Enabled"):
try:
user.bind(USER_PASW)
except ldap.LDAPError as e:
log.error('User {} failed to login, expected 0'.format(userdn))
raise e
elif (tochck == "Expired"):
with pytest.raises(ldap.INVALID_CREDENTIALS):
user.bind(USER_PASW)
log.error('User {} password not expired , expected error 49'.format(userdn))
elif (tochck == "Disabled"):
with pytest.raises(ldap.CONSTRAINT_VIOLATION):
user.bind(USER_PASW)
> log.error('User {} is not inactivated, expected error 19'.format(userdn))
E Failed: DID NOT RAISE <class 'ldap.CONSTRAINT_VIOLATION'>

suites/plugins/accpol_test.py:319: Failed
-------------------------------Captured log call--------------------------------
INFO lib389.utils:accpol_test.py:844 AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs INFO lib389.utils:accpol_test.py:271 add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO lib389.utils:accpol_test.py:846 Sleep for 3 secs and try invalid binds to lockout the user INFO lib389.utils:accpol_test.py:118 Lockout user account by attempting invalid password binds INFO lib389.utils:accpol_test.py:850 Sleep for 10 secs to check if account is inactivated, expected value 19 ERROR lib389.utils:accpol_test.py:319 User uid=pwlockusr1,ou=groups,dc=example,dc=com is not inactivated, expected error 19
Failed suites/plugins/accpol_test.py::test_glnact_pwexp 14.23
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
accpol_global = None

def test_glnact_pwexp(topology_st, accpol_global):
"""Verify if user account is activated when password is reset after password is expired

:id: 3bb97992-101a-4e5a-b60a-4cc21adcc76e
:setup: Standalone instance, Global account policy plugin configuration,
set accountInactivityLimit to few secs.
:steps:
1. Add few users to ou=groups subtree in the default suffix
2. Set passwordmaxage to few secs
3. Wait for passwordmaxage to reach and check if password expired
4. Run ldapsearch as normal user, expected error 19.
5. Reset the password for user account
6. Wait till accountInactivityLimit exceeded and check users
7. Run ldapsearch as normal user, expected error 19.
8. Replace the lastLoginTime attribute and check if account is activated
9. Run ldapsearch as normal user, expected 0.
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "pwexpusr"
nousrs = 1
try:
topology_st.standalone.config.set('passwordmaxage', '9')
except ldap.LDAPError as e:
log.error('Failed to change the value of passwordmaxage to 9')
raise e
log.info('AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs')
log.info('Passwordmaxage is set to 9. Password will expire in 9 secs')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)

log.info('Sleep for 9 secs and check if password expired')
time.sleep(9)
account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Expired")
time.sleep(4) # Passed inactivity
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Disabled")

suites/plugins/accpol_test.py:917:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:318: in account_status
user.bind(USER_PASW)
/usr/local/lib/python3.9/site-packages/lib389/idm/account.py:212: in bind
inst_clone.open(*args, **kwargs)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1021: in open
raise e
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1014: in open
self.simple_bind_s(ensure_str(self.binddn), self.bindpw, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:455: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9c28eb0>
func = <built-in method result4 of LDAP object at 0x7f10ed88f840>
args = (1, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INVALID_CREDENTIALS: {'msgtype': 97, 'msgid': 1, 'result': 49, 'desc': 'Invalid credentials', 'ctrls': [('2.16.840.1.113730.3.4.4', 0, b'0')], 'info': 'password expired!'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INVALID_CREDENTIALS
-------------------------------Captured log call--------------------------------
INFO lib389.utils:accpol_test.py:909 AccountInactivityLimit set to 12. Account will be inactivated if not accessed in 12 secs INFO lib389.utils:accpol_test.py:910 Passwordmaxage is set to 9. Password will expire in 9 secs INFO lib389.utils:accpol_test.py:271 add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO lib389.utils:accpol_test.py:913 Sleep for 9 secs and check if password expired
Failed suites/plugins/accpol_test.py::test_locact_inact 32.49
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
accpol_local = None

def test_locact_inact(topology_st, accpol_local):
"""Verify if user account is inactivated when accountInactivityLimit is exceeded.

:id: 02140e36-79eb-4d88-ba28-66478689289b
:setup: Standalone instance, ou=people subtree configured for Local account
policy plugin configuration, set accountInactivityLimit to few secs.
:steps:
1. Add few users to ou=people subtree in the default suffix
2. Wait for few secs before it reaches accountInactivityLimit and check users.
3. Run ldapsearch as normal user, expected 0
4. Wait till accountInactivityLimit is exceeded
5. Run ldapsearch as normal user and check if its inactivated, expected error 19.
6. Replace user's lastLoginTime attribute and check if its activated, expected 0
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Should return error code 19
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=people"
userid = "inactusr"
nousrs = 3
log.info('AccountInactivityLimit set to 10. Account will be inactivated if not accessed in 10 secs')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('Sleep for 9 secs to check if account is not inactivated, expected value 0')
time.sleep(9)
log.info('Account should not be inactivated since AccountInactivityLimit not exceeded')
account_status(topology_st, suffix, subtree, userid, 3, 2, "Enabled")
log.info('Sleep for 2 more secs to check if account is inactivated')
time.sleep(2)
account_status(topology_st, suffix, subtree, userid, 2, 0, "Disabled")
log.info('Sleep +9 secs to check if account {}3 is inactivated'.format(userid))
time.sleep(9)
account_status(topology_st, suffix, subtree, userid, 3, 2, "Disabled")
log.info('Add lastLoginTime attribute to all users and check if its activated')
add_time_attr(topology_st, suffix, subtree, userid, nousrs, 'lastLoginTime')
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")

suites/plugins/accpol_test.py:995:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:311: in account_status
raise e
suites/plugins/accpol_test.py:308: in account_status
user.bind(USER_PASW)
/usr/local/lib/python3.9/site-packages/lib389/idm/account.py:212: in bind
inst_clone.open(*args, **kwargs)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1021: in open
raise e
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1014: in open
self.simple_bind_s(ensure_str(self.binddn), self.bindpw, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:455: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea922160>
func = <built-in method result4 of LDAP object at 0x7f10e9c8af90>
args = (1, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.CONSTRAINT_VIOLATION: {'msgtype': 97, 'msgid': 1, 'result': 19, 'desc': 'Constraint violation', 'ctrls': [], 'info': 'Account inactivity limit exceeded. Contact system administrator to reset.'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: CONSTRAINT_VIOLATION
-------------------------------Captured log setup-------------------------------
INFO lib389.utils:accpol_test.py:80 Adding Local account policy plugin configuration entries
-------------------------------Captured log call--------------------------------
INFO lib389.utils:accpol_test.py:981 AccountInactivityLimit set to 10. Account will be inactivated if not accessed in 10 secs INFO lib389.utils:accpol_test.py:271 add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO lib389.utils:accpol_test.py:983 Sleep for 9 secs to check if account is not inactivated, expected value 0 INFO lib389.utils:accpol_test.py:985 Account should not be inactivated since AccountInactivityLimit not exceeded INFO lib389.utils:accpol_test.py:987 Sleep for 2 more secs to check if account is inactivated INFO lib389.utils:accpol_test.py:990 Sleep +9 secs to check if account inactusr3 is inactivated INFO lib389.utils:accpol_test.py:993 Add lastLoginTime attribute to all users and check if its activated INFO lib389.utils:accpol_test.py:219 Enable account by replacing lastLoginTime/createTimeStamp/ModifyTimeStamp attribute ERROR lib389.utils:accpol_test.py:310 User uid=inactusr3,ou=people,dc=example,dc=com failed to login, expected 0
Failed suites/plugins/accpol_test.py::test_locinact_modrdn 26.17
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eb442d30>
accpol_local = None

def test_locinact_modrdn(topology_st, accpol_local):
"""Verify if user account is inactivated when moved from ou=groups to ou=people subtree.

:id: 5f25bea3-fab0-4db4-b43d-2d47cc6e5ad1
:setup: Standalone instance, ou=people subtree configured for Local account
policy plugin configuration, set accountInactivityLimit to few secs.
:steps:
1. Add few users to ou=groups subtree in the default suffix
2. Plugin configured to ou=people subtree only.
3. Wait for few secs before it reaches accountInactivityLimit and check users.
4. Run ldapsearch as normal user, expected 0
5. Wait till accountInactivityLimit exceeded
6. Move users from ou=groups subtree to ou=people subtree
7. Check if users are inactivated, expected error 19
:assert:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Should return error code 0 and 19
"""

suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "nolockusr"
nousrs = 1
log.info('Account should not be inactivated since the subtree is not configured')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('Sleep for 11 secs to check if account is not inactivated, expected value 0')
time.sleep(11)
account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")
log.info('Moving users from ou=groups to ou=people subtree')
user = UserAccount(topology_st.standalone, dn='uid=nolockusr1,ou=groups,dc=example,dc=com')
try:
user.rename('uid=nolockusr1', newsuperior='ou=people,dc=example,dc=com')
except ldap.LDAPError as e:
log.error('Failed to move user uid=nolockusr1 from ou=groups to ou=people')
raise e
subtree = "ou=people"
log.info('Then wait for 11 secs and check if entries are inactivated')
time.sleep(11)
account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Disabled")
add_time_attr(topology_st, suffix, subtree, userid, nousrs, 'lastLoginTime')
> account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")

suites/plugins/accpol_test.py:1044:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/plugins/accpol_test.py:311: in account_status
raise e
suites/plugins/accpol_test.py:308: in account_status
user.bind(USER_PASW)
/usr/local/lib/python3.9/site-packages/lib389/idm/account.py:212: in bind
inst_clone.open(*args, **kwargs)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1021: in open
raise e
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1014: in open
self.simple_bind_s(ensure_str(self.binddn), self.bindpw, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:455: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10eda0df10>
func = <built-in method result4 of LDAP object at 0x7f10ec7ce780>
args = (1, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.CONSTRAINT_VIOLATION: {'msgtype': 97, 'msgid': 1, 'result': 19, 'desc': 'Constraint violation', 'ctrls': [], 'info': 'Account inactivity limit exceeded. Contact system administrator to reset.'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: CONSTRAINT_VIOLATION
-------------------------------Captured log call--------------------------------
INFO lib389.utils:accpol_test.py:1027 Account should not be inactivated since the subtree is not configured INFO lib389.utils:accpol_test.py:271 add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO lib389.utils:accpol_test.py:1029 Sleep for 11 secs to check if account is not inactivated, expected value 0 INFO lib389.utils:accpol_test.py:1032 Moving users from ou=groups to ou=people subtree INFO lib389.utils:accpol_test.py:1040 Then wait for 11 secs and check if entries are inactivated INFO lib389.utils:accpol_test.py:219 Enable account by replacing lastLoginTime/createTimeStamp/ModifyTimeStamp attribute ERROR lib389.utils:accpol_test.py:310 User uid=nolockusr1,ou=people,dc=example,dc=com failed to login, expected 0
Failed suites/plugins/managed_entry_test.py::test_mentry01 9.62
topo = <lib389.topologies.TopologyMain object at 0x7f10eb034df0>
_create_inital = None

def test_mentry01(topo, _create_inital):
"""Test Managed Entries basic functionality

:id: 9b87493b-0493-46f9-8364-6099d0e5d806
:setup: Standalone Instance
:steps:
1. Check the plug-in status
2. Add Template and definition entry
3. Add our org units
4. Add users with PosixAccount ObjectClass and verify creation of User Private Group
5. Disable the plug-in and check the status
6. Enable the plug-in and check the status the plug-in is disabled and creation of UPG should fail
7. Add users with PosixAccount ObjectClass and verify creation of User Private Group
8. Add users, run ModRDN operation and check the User Private group
9. Add users, run LDAPMODIFY to change the gidNumber and check the User Private group
10. Checking whether creation of User Private group fails for existing group entry
11. Checking whether adding of posixAccount objectClass to existing user creates UPG
12. Running ModRDN operation and checking the user private groups mepManagedBy attribute
13. Deleting mepManagedBy attribute and running ModRDN operation to check if it creates a new UPG
14. Change the RDN of template entry, DSA Unwilling to perform error expected
15. Change the RDN of cn=Users to cn=TestUsers and check UPG are deleted
:expected results:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
12. Success
13. Success
14. Fail(Unwilling to perform )
15. Success
"""
# Check the plug-in status
mana = ManagedEntriesPlugin(topo.standalone)
assert mana.status()
# Add Template and definition entry
org1 = OrganizationalUnits(topo.standalone, DEFAULT_SUFFIX).create(properties={'ou': 'Users'})
org2 = OrganizationalUnit(topo.standalone, f'ou=Groups,{DEFAULT_SUFFIX}')
meps = MEPTemplates(topo.standalone, DEFAULT_SUFFIX)
mep_template1 = meps.create(properties={
'cn': 'UPG Template1',
'mepRDNAttr': 'cn',
'mepStaticAttr': 'objectclass: posixGroup',
'mepMappedAttr': 'cn: $uid|gidNumber: $gidNumber|description: User private group for $uid'.split('|')})
conf_mep = MEPConfigs(topo.standalone)
mep_config = conf_mep.create(properties={
'cn': 'UPG Definition2',
'originScope': org1.dn,
'originFilter': 'objectclass=posixaccount',
'managedBase': org2.dn,
'managedTemplate': mep_template1.dn})
# Add users with PosixAccount ObjectClass and verify creation of User Private Group
user = UserAccounts(topo.standalone, f'ou=Users,{DEFAULT_SUFFIX}', rdn=None).create_test_user()
assert user.get_attr_val_utf8('mepManagedEntry') == f'cn=test_user_1000,ou=Groups,{DEFAULT_SUFFIX}'
# Disable the plug-in and check the status
mana.disable()
user.delete()
topo.standalone.restart()
# Add users with PosixAccount ObjectClass when the plug-in is disabled and creation of UPG should fail
user = UserAccounts(topo.standalone, f'ou=Users,{DEFAULT_SUFFIX}', rdn=None).create_test_user()
assert not user.get_attr_val_utf8('mepManagedEntry')
# Enable the plug-in and check the status
mana.enable()
user.delete()
topo.standalone.restart()
# Add users with PosixAccount ObjectClass and verify creation of User Private Group
user = UserAccounts(topo.standalone, f'ou=Users,{DEFAULT_SUFFIX}', rdn=None).create_test_user()
assert user.get_attr_val_utf8('mepManagedEntry') == f'cn=test_user_1000,ou=Groups,{DEFAULT_SUFFIX}'
# Add users, run ModRDN operation and check the User Private group
# Add users, run LDAPMODIFY to change the gidNumber and check the User Private group
user.rename(new_rdn='uid=UserNewRDN', newsuperior='ou=Users,dc=example,dc=com')
assert user.get_attr_val_utf8('mepManagedEntry') == f'cn=UserNewRDN,ou=Groups,{DEFAULT_SUFFIX}'
user.replace('gidNumber', '20209')
entry = Account(topo.standalone, f'cn=UserNewRDN,ou=Groups,{DEFAULT_SUFFIX}')
assert entry.get_attr_val_utf8('gidNumber') == '20209'
user.replace_many(('sn', 'new_modified_sn'), ('gidNumber', '31309'))
assert entry.get_attr_val_utf8('gidNumber') == '31309'
user.delete()
# Checking whether creation of User Private group fails for existing group entry
grp = Groups(topo.standalone, f'ou=Groups,{DEFAULT_SUFFIX}', rdn=None).create(properties={'cn': 'MENTRY_14'})
user = UserAccounts(topo.standalone, f'ou=Users,{DEFAULT_SUFFIX}', rdn=None).create_test_user()
with pytest.raises(ldap.NO_SUCH_OBJECT):
entry.status()
user.delete()
# Checking whether adding of posixAccount objectClass to existing user creates UPG
# Add Users without posixAccount objectClass
users = WithObjectClass(topo.standalone, f'uid=test_test, ou=Users,{DEFAULT_SUFFIX}')
user_properties1 = {'uid': 'test_test', 'cn': 'test', 'sn': 'test', 'mail': 'sasa@sasa.com', 'telephoneNumber': '123'}
user = users.create(properties=user_properties1)
assert not user.get_attr_val_utf8('mepManagedEntry')
# Add posixAccount objectClass
user.replace_many(('objectclass', ['top', 'person', 'inetorgperson', 'posixAccount']),
('homeDirectory', '/home/ok'),
('uidNumber', '61603'), ('gidNumber', '61603'))
assert not user.get_attr_val_utf8('mepManagedEntry')
user = UserAccounts(topo.standalone, f'ou=Users,{DEFAULT_SUFFIX}', rdn=None).create_test_user()
entry = Account(topo.standalone, 'cn=test_user_1000,ou=Groups,dc=example,dc=com')
# Add inetuser objectClass
user.replace_many(
('objectclass', ['top', 'account', 'posixaccount', 'inetOrgPerson',
'organizationalPerson', 'nsMemberOf', 'nsAccount',
'person', 'mepOriginEntry', 'inetuser']),
('memberOf', entry.dn))
assert entry.status()
user.delete()
user = UserAccounts(topo.standalone, f'ou=Users,{DEFAULT_SUFFIX}', rdn=None).create_test_user()
entry = Account(topo.standalone, 'cn=test_user_1000,ou=Groups,dc=example,dc=com')
# Add groupofNames objectClass
user.replace_many(
('objectclass', ['top', 'account', 'posixaccount', 'inetOrgPerson',
'organizationalPerson', 'nsMemberOf', 'nsAccount',
'person', 'mepOriginEntry', 'groupofNames']),
('memberOf', user.dn))
assert entry.status()
# Running ModRDN operation and checking the user private groups mepManagedBy attribute
user.replace('mepManagedEntry', f'uid=CheckModRDN,ou=Users,{DEFAULT_SUFFIX}')
> user.rename(new_rdn='uid=UserNewRDN', newsuperior='ou=Users,dc=example,dc=com')

suites/plugins/managed_entry_test.py:238:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:796: in rename
self._instance.rename_s(self._dn, new_rdn, newsuperior,
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:702: in rename_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9f9bf10>
func = <built-in method result4 of LDAP object at 0x7f10edba3600>
args = (54, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.NO_SUCH_OBJECT: {'msgtype': 109, 'msgid': 54, 'result': 32, 'desc': 'No such object', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: NO_SUCH_OBJECT
Failed suites/plugins/memberof_test.py::test_memberof_auto_add_oc 2.75
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eabd0d60>

def test_memberof_auto_add_oc(topology_st):
"""Test the auto add objectclass (OC) feature. The plugin should add a predefined
objectclass that will allow memberOf to be added to an entry.

:id: d222af17-17a6-48a0-8f22-a38306726a25
:setup: Standalone instance
:steps:
1. Enable dynamic plugins
2. Enable memberOf plugin
3. Test that the default add OC works.
4. Add a group that already includes one user
5. Assert memberOf on user1
6. Delete user1 and the group
7. Test invalid value (config validation)
8. Add valid objectclass
9. Add two users
10. Add a group that already includes one user
11. Add a user to the group
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
"""

# enable dynamic plugins
try:
topology_st.standalone.modify_s(DN_CONFIG,
[(ldap.MOD_REPLACE,
'nsslapd-dynamic-plugins',
b'on')])
except ldap.LDAPError as e:
ldap.error('Failed to enable dynamic plugins! ' + e.message['desc'])
assert False

# Enable the plugin
topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)

# Test that the default add OC works.

try:
topology_st.standalone.add_s(Entry((USER1_DN,
{'objectclass': 'top',
'objectclass': 'person',
'objectclass': 'organizationalPerson',
'objectclass': 'inetorgperson',
'sn': 'last',
'cn': 'full',
'givenname': 'user1',
'uid': 'user1'
})))
except ldap.LDAPError as e:
log.fatal('Failed to add user1 entry, error: ' + e.message['desc'])
assert False

# Add a group(that already includes one user
try:
topology_st.standalone.add_s(Entry((GROUP_DN,
{'objectclass': 'top',
'objectclass': 'groupOfNames',
'cn': 'group',
'member': USER1_DN
})))
except ldap.LDAPError as e:
log.fatal('Failed to add group entry, error: ' + e.message['desc'])
assert False

# Assert memberOf on user1
_check_memberof(topology_st, USER1_DN, GROUP_DN)

# Reset for the next test ....
topology_st.standalone.delete_s(USER1_DN)
topology_st.standalone.delete_s(GROUP_DN)

# Test invalid value (config validation)
topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
try:
topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,
[(ldap.MOD_REPLACE,
'memberofAutoAddOC',
b'invalid123')])
log.fatal('Incorrectly added invalid objectclass!')
assert False
except ldap.UNWILLING_TO_PERFORM:
log.info('Correctly rejected invalid objectclass')
except ldap.LDAPError as e:
ldap.error('Unexpected error adding invalid objectclass - error: ' + e.message['desc'])
assert False


# Add valid objectclass
topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
try:
> topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,
[(ldap.MOD_REPLACE,
'memberofAutoAddOC',
b'inetuser')])

suites/plugins/memberof_test.py:2762:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=MemberOf Plugin,cn=plugins,cn=config', [(2, 'memberofAutoAddOC', b'inetuser')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x7f10e9c62640, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 173,...93, function='_hookexec', code_context=[' return self._inner_hookexec(hook, methods, kwargs)\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x55e0b8933bc0, file '/export/tests/suites/plugins/memberof_test.py', line 2768, code test_m...n='test_memberof_auto_add_oc', code_context=[' topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,\n'], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10eabd0190>
dn = 'cn=MemberOf Plugin,cn=plugins,cn=config'
modlist = [(2, 'memberofAutoAddOC', b'inetuser')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=MemberOf Plugin,cn=plugins,cn=config', [(2, 'memberofAutoAddOC', b'inetuser')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10eabd0190>
dn = 'cn=MemberOf Plugin,cn=plugins,cn=config'
modlist = [(2, 'memberofAutoAddOC', b'inetuser')], serverctrls = None
clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (919,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10eabd0190>, msgid = 919, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (919, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10eabd0190>, msgid = 919, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f10e9c7a6c0>, 919, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10eabd0190>
func = <built-in method result4 of LDAP object at 0x7f10e9c7a6c0>
args = (919, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.UNWILLING_TO_PERFORM'>
exc_value = UNWILLING_TO_PERFORM({'msgtype': 103, 'msgid': 919, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': []})
exc_traceback = <traceback object at 0x7f10e9fdf5c0>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10eabd0190>
func = <built-in method result4 of LDAP object at 0x7f10e9c7a6c0>
args = (919, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 103, 'msgid': 919, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f10eabd0d60>

def test_memberof_auto_add_oc(topology_st):
"""Test the auto add objectclass (OC) feature. The plugin should add a predefined
objectclass that will allow memberOf to be added to an entry.

:id: d222af17-17a6-48a0-8f22-a38306726a25
:setup: Standalone instance
:steps:
1. Enable dynamic plugins
2. Enable memberOf plugin
3. Test that the default add OC works.
4. Add a group that already includes one user
5. Assert memberOf on user1
6. Delete user1 and the group
7. Test invalid value (config validation)
8. Add valid objectclass
9. Add two users
10. Add a group that already includes one user
11. Add a user to the group
:expectedresults:
1. Success
2. Success
3. Success
4. Success
5. Success
6. Success
7. Success
8. Success
9. Success
10. Success
11. Success
"""

# enable dynamic plugins
try:
topology_st.standalone.modify_s(DN_CONFIG,
[(ldap.MOD_REPLACE,
'nsslapd-dynamic-plugins',
b'on')])
except ldap.LDAPError as e:
ldap.error('Failed to enable dynamic plugins! ' + e.message['desc'])
assert False

# Enable the plugin
topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)

# Test that the default add OC works.

try:
topology_st.standalone.add_s(Entry((USER1_DN,
{'objectclass': 'top',
'objectclass': 'person',
'objectclass': 'organizationalPerson',
'objectclass': 'inetorgperson',
'sn': 'last',
'cn': 'full',
'givenname': 'user1',
'uid': 'user1'
})))
except ldap.LDAPError as e:
log.fatal('Failed to add user1 entry, error: ' + e.message['desc'])
assert False

# Add a group(that already includes one user
try:
topology_st.standalone.add_s(Entry((GROUP_DN,
{'objectclass': 'top',
'objectclass': 'groupOfNames',
'cn': 'group',
'member': USER1_DN
})))
except ldap.LDAPError as e:
log.fatal('Failed to add group entry, error: ' + e.message['desc'])
assert False

# Assert memberOf on user1
_check_memberof(topology_st, USER1_DN, GROUP_DN)

# Reset for the next test ....
topology_st.standalone.delete_s(USER1_DN)
topology_st.standalone.delete_s(GROUP_DN)

# Test invalid value (config validation)
topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
try:
topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,
[(ldap.MOD_REPLACE,
'memberofAutoAddOC',
b'invalid123')])
log.fatal('Incorrectly added invalid objectclass!')
assert False
except ldap.UNWILLING_TO_PERFORM:
log.info('Correctly rejected invalid objectclass')
except ldap.LDAPError as e:
ldap.error('Unexpected error adding invalid objectclass - error: ' + e.message['desc'])
assert False


# Add valid objectclass
topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
try:
topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,
[(ldap.MOD_REPLACE,
'memberofAutoAddOC',
b'inetuser')])
except ldap.LDAPError as e:
> log.fatal('Failed to configure memberOf plugin: error ' + e.message['desc'])
E AttributeError: 'UNWILLING_TO_PERFORM' object has no attribute 'message'

suites/plugins/memberof_test.py:2767: AttributeError
-------------------------------Captured log call--------------------------------
INFO tests.suites.plugins.memberof_test:memberof_test.py:109 Lookup memberof from uid=user1,dc=example,dc=com INFO tests.suites.plugins.memberof_test:memberof_test.py:116 memberof: cn=group,dc=example,dc=com INFO tests.suites.plugins.memberof_test:memberof_test.py:119 --> membership verified INFO tests.suites.plugins.memberof_test:memberof_test.py:2753 Correctly rejected invalid objectclass
Failed suites/replication/encryption_cl5_test.py::test_algorithm_unhashed 52.27
topology_with_tls = <lib389.topologies.TopologyMain object at 0x7f10e9d53bb0>

def test_algorithm_unhashed(topology_with_tls):
"""Check encryption algorithm AES
And check unhashed#user#password attribute for encryption.

:id: b7a37bf8-4b2e-4dbd-9891-70117d67558c
:parametrized: yes
:setup: Replication with two suppliers and SSL configured.
:steps: 1. Enable changelog encrytion on supplier1
2. Add a user to supplier1/supplier2
3. Run dbscan -f on m1 to check unhashed#user#password
attribute is encrypted.
4. Run dbscan -f on m2 to check unhashed#user#password
attribute is in cleartext.
5. Modify password in supplier2/supplier1
6. Run dbscan -f on m1 to check unhashed#user#password
attribute is encrypted.
7. Run dbscan -f on m2 to check unhashed#user#password
attribute is in cleartext.
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
"""
encryption = 'AES'
m1 = topology_with_tls.ms['supplier1']
m2 = topology_with_tls.ms['supplier2']
m1.config.set('nsslapd-unhashed-pw-switch', 'on')
m2.config.set('nsslapd-unhashed-pw-switch', 'on')
test_passw = 'm2Test199'

_enable_changelog_encryption(m1, encryption)

for inst1, inst2 in ((m1, m2), (m2, m1)):
# need to create a user specific to the encryption
# else the two runs will hit the same user
user_props={
'uid': 'testuser_%s' % encryption,
'cn' : 'testuser_%s' % encryption,
'sn' : 'user',
'uidNumber' : '1000',
'gidNumber' : '1000',
'homeDirectory' : '/home/testuser_%s' % encryption
}
user_props["userPassword"] = PASSWORD
users = UserAccounts(inst1, DEFAULT_SUFFIX)
tuser = users.create(properties=user_props)

> _check_unhashed_userpw_encrypted(m1, 'add', tuser.dn, PASSWORD, True)

suites/replication/encryption_cl5_test.py:137:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
suites/replication/encryption_cl5_test.py:65: in _check_unhashed_userpw_encrypted
dbscanOut = inst.dbscan(DEFAULT_BENAME, 'replication_changelog')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:3015: in dbscan
output = subprocess.check_output(cmd)
/usr/lib64/python3.9/subprocess.py:424: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

input = None, capture_output = False, timeout = None, check = True
popenargs = (['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slapd-supplier1/db/userRoot/replication_changelog.db4'],)
kwargs = {'stdout': -1}
process = <Popen: returncode: -6 args: ['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slap...>
stdout = b'', stderr = None, retcode = -6

def run(*popenargs,
input=None, capture_output=False, timeout=None, check=False, **kwargs):
"""Run command with arguments and return a CompletedProcess instance.

The returned instance will have attributes args, returncode, stdout and
stderr. By default, stdout and stderr are not captured, and those attributes
will be None. Pass stdout=PIPE and/or stderr=PIPE in order to capture them.

If check is True and the exit code was non-zero, it raises a
CalledProcessError. The CalledProcessError object will have the return code
in the returncode attribute, and output & stderr attributes if those streams
were captured.

If timeout is given, and the process takes too long, a TimeoutExpired
exception will be raised.

There is an optional argument "input", allowing you to
pass bytes or a string to the subprocess's stdin. If you use this argument
you may not also use the Popen constructor's "stdin" argument, as
it will be used internally.

By default, all communication is in bytes, and therefore any "input" should
be bytes, and the stdout and stderr will be bytes. If in text mode, any
"input" should be a string, and stdout and stderr will be strings decoded
according to locale encoding, or by "encoding" if set. Text mode is
triggered by setting any of text, encoding, errors or universal_newlines.

The other arguments are the same as for the Popen constructor.
"""
if input is not None:
if kwargs.get('stdin') is not None:
raise ValueError('stdin and input arguments may not both be used.')
kwargs['stdin'] = PIPE

if capture_output:
if kwargs.get('stdout') is not None or kwargs.get('stderr') is not None:
raise ValueError('stdout and stderr arguments may not be used '
'with capture_output.')
kwargs['stdout'] = PIPE
kwargs['stderr'] = PIPE

with Popen(*popenargs, **kwargs) as process:
try:
stdout, stderr = process.communicate(input, timeout=timeout)
except TimeoutExpired as exc:
process.kill()
if _mswindows:
# Windows accumulates the output in a single blocking
# read() call run on child threads, with the timeout
# being done in a join() on those threads. communicate()
# _after_ kill() is required to collect that and add it
# to the exception.
exc.stdout, exc.stderr = process.communicate()
else:
# POSIX _communicate already populated the output so
# far into the TimeoutExpired exception.
process.wait()
raise
except: # Including KeyboardInterrupt, communicate handled that.
process.kill()
# We don't call process.wait() as .__exit__ does that for us.
raise
retcode = process.poll()
if check and retcode:
> raise CalledProcessError(retcode, process.args,
output=stdout, stderr=stderr)
E subprocess.CalledProcessError: Command '['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slapd-supplier1/db/userRoot/replication_changelog.db4']' died with <Signals.SIGABRT: 6>.

/usr/lib64/python3.9/subprocess.py:528: CalledProcessError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect e5d81d06-eeba-4d1a-bbac-17c41ba9af9c / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect eb64b5f7-5a3d-4dc4-a362-cc207001d7af / got description=e5d81d06-eeba-4d1a-bbac-17c41ba9af9c) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.replica:replica.py:2498 Retry: Replication from ldaps://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:63701 to ldaps://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:63702 is NOT working (expect 15e4b744-91c0-4055-a357-0ac90ec2c777 / got description=eb64b5f7-5a3d-4dc4-a362-cc207001d7af) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldaps://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:63701 to ldaps://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:63702 is working
------------------------------Captured stderr call------------------------------
free(): double free detected in tcache 2
-------------------------------Captured log call--------------------------------
INFO tests.suites.replication.encryption_cl5_test:encryption_cl5_test.py:47 Configuring changelog encryption:supplier1 for: AES INFO tests.suites.replication.encryption_cl5_test:encryption_cl5_test.py:64 Running dbscan -f to check unhashed#user#password attr INFO lib389:__init__.py:3014 Running script: ['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slapd-supplier1/db/userRoot/replication_changelog.db4']
Failed tickets/ticket47781_test.py::test_ticket47781 14.70
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9c58a00>

def test_ticket47781(topology_st):
"""
Testing for a deadlock after doing an online import of an LDIF with
replication data. The replication agreement should be invalid.
"""

log.info('Testing Ticket 47781 - Testing for deadlock after importing LDIF with replication data')

supplier = topology_st.standalone
repl = ReplicationManager(DEFAULT_SUFFIX)
repl.create_first_supplier(supplier)

properties = {RA_NAME: r'meTo_$host:$port',
RA_BINDDN: defaultProperties[REPLICATION_BIND_DN],
RA_BINDPW: defaultProperties[REPLICATION_BIND_PW],
RA_METHOD: defaultProperties[REPLICATION_BIND_METHOD],
RA_TRANSPORT_PROT: defaultProperties[REPLICATION_TRANSPORT]}
# The agreement should point to a server that does NOT exist (invalid port)
repl_agreement = supplier.agreement.create(suffix=DEFAULT_SUFFIX,
host=supplier.host,
port=5555,
properties=properties)

#
# add two entries
#
log.info('Adding two entries...')

supplier.add_s(Entry(('cn=entry1,dc=example,dc=com', {
'objectclass': 'top person'.split(),
'sn': 'user',
'cn': 'entry1'})))

supplier.add_s(Entry(('cn=entry2,dc=example,dc=com', {
'objectclass': 'top person'.split(),
'sn': 'user',
'cn': 'entry2'})))

#
# export the replication ldif
#
log.info('Exporting replication ldif...')
args = {EXPORT_REPL_INFO: True}
exportTask = Tasks(supplier)
exportTask.exportLDIF(DEFAULT_SUFFIX, None, "/tmp/export.ldif", args)

#
# Restart the server
#
log.info('Restarting server...')
supplier.stop()
supplier.start()

#
# Import the ldif
#
log.info('Import replication LDIF file...')
importTask = Tasks(supplier)
args = {TASK_WAIT: True}
> importTask.importLDIF(DEFAULT_SUFFIX, None, "/tmp/export.ldif", args)

tickets/ticket47781_test.py:85:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7f10e9c587f0>
suffix = 'dc=example,dc=com', benamebase = None, input_file = '/tmp/export.ldif'
args = {'wait': True}

def importLDIF(self, suffix=None, benamebase=None, input_file=None,
args=None):
'''
Import from a LDIF format a given 'suffix' (or 'benamebase' that stores
that suffix). It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

'input_file' is the ldif input file

@param suffix - suffix of the backend
@param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
@param ldif_input - file that will contain the entries in LDIF format
to import
@param args - is a dictionary that contains modifier of the import task
wait: True/[False] - If True, 'export' waits for the completion
of the task before to return

@return None

@raise ValueError

'''
if self.conn.state != DIRSRV_STATE_ONLINE:
raise ValueError("Invalid Server State %s! Must be online" % self.conn.state)

# Checking the parameters
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

if not input_file:
raise ValueError("input_file is mandatory")

if not os.path.exists(input_file):
> raise ValueError("Import file (%s) does not exist" % input_file)
E ValueError: Import file (/tmp/export.ldif) does not exist

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:487: ValueError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO lib389:tasks.py:585 Export task export_04262021_003409 for file /tmp/export.ldif completed successfully
Failed tickets/ticket47871_test.py::test_ticket47871_2 64.79
topology_m1c1 = <lib389.topologies.TopologyMain object at 0x7f10ed958e80>

def test_ticket47871_2(topology_m1c1):
'''
Wait until there is just a last entries
'''
MAX_TRIES = 10
TRY_NO = 1
while TRY_NO <= MAX_TRIES:
time.sleep(6) # at least 1 trimming occurred
ents = topology_m1c1.ms["supplier1"].search_s(RETROCL_SUFFIX, ldap.SCOPE_ONELEVEL, "(objectclass=*)")
assert len(ents) <= MAX_OTHERS
topology_m1c1.ms["supplier1"].log.info("\nTry no %d it remains %d entries" % (TRY_NO, len(ents)))
for ent in ents:
topology_m1c1.ms["supplier1"].log.info("%s" % ent.dn)
if len(ents) > 1:
TRY_NO += 1
else:
break
> assert TRY_NO <= MAX_TRIES
E assert 11 <= 10

tickets/ticket47871_test.py:100: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47871_test.py:93 Try no 1 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 2 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 3 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 4 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 5 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 6 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 7 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 8 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 9 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog INFO lib389:ticket47871_test.py:93 Try no 10 it remains 10 entries INFO lib389:ticket47871_test.py:95 changenumber=1,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=2,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=3,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=4,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=5,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=6,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=7,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=8,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=9,cn=changelog INFO lib389:ticket47871_test.py:95 changenumber=10,cn=changelog
Failed tickets/ticket47910_test.py::test_ticket47910_logconv_start_end_positive 9.93
topology_st = <lib389.topologies.TopologyMain object at 0x7f10edf5e9d0>
log_dir = '/var/log/dirsrv/slapd-standalone1/access'

def test_ticket47910_logconv_start_end_positive(topology_st, log_dir):
'''
Execute logconv.pl with -S and -E(endtime) with random time stamp
This is execute successfully
'''
#
# Execute logconv.pl -S -E with random timestamp
#
log.info('Running test_ticket47910 - Execute logconv.pl -S -E with random values')

log.info("taking current time with offset of 2 mins and formatting it to feed -S")
start_time_stamp = (datetime.now() - timedelta(minutes=2))
formatted_start_time_stamp = format_time(start_time_stamp)

log.info("taking current time with offset of 2 mins and formatting it to feed -E")
end_time_stamp = (datetime.now() + timedelta(minutes=2))
formatted_end_time_stamp = format_time(end_time_stamp)

log.info("Executing logconv.pl with -S and -E")
result = execute_logconv(topology_st.standalone, formatted_start_time_stamp, formatted_end_time_stamp, log_dir)
> assert result == 0
E assert 2 == 0
E +2
E -0

tickets/ticket47910_test.py:91: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.utils:ticket47910_test.py:36 Diable access log buffering INFO lib389.utils:ticket47910_test.py:39 Do a ldapsearch operation INFO lib389.utils:ticket47910_test.py:42 sleep for sometime so that access log file get generated
-------------------------------Captured log call--------------------------------
INFO lib389.utils:ticket47910_test.py:79 Running test_ticket47910 - Execute logconv.pl -S -E with random values INFO lib389.utils:ticket47910_test.py:81 taking current time with offset of 2 mins and formatting it to feed -S INFO lib389.utils:ticket47910_test.py:85 taking current time with offset of 2 mins and formatting it to feed -E INFO lib389.utils:ticket47910_test.py:89 Executing logconv.pl with -S and -E INFO lib389.utils:ticket47910_test.py:61 Executing logconv.pl with -S current time and -E end time INFO lib389.utils:ticket47910_test.py:63 /usr/bin/logconv.pl -S [26/Apr/2021:00:40:07] -E [26/Apr/2021:00:44:07] /var/log/dirsrv/slapd-standalone1/access INFO lib389.utils:ticket47910_test.py:66 standard output INFO lib389.utils:ticket47910_test.py:67 standard errorsCan't locate sigtrap.pm in @INC (you may need to install the sigtrap module) (@INC contains: /usr/local/lib64/perl5/5.32 /usr/local/share/perl5/5.32 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /usr/bin/logconv.pl line 23. BEGIN failed--compilation aborted at /usr/bin/logconv.pl line 23.
Failed tickets/ticket47910_test.py::test_ticket47910_logconv_start_end_negative 0.11
topology_st = <lib389.topologies.TopologyMain object at 0x7f10edf5e9d0>
log_dir = '/var/log/dirsrv/slapd-standalone1/access'

def test_ticket47910_logconv_start_end_negative(topology_st, log_dir):
'''
Execute logconv.pl with -S and -E(endtime) with random time stamp
This is a negative test case, where endtime will be lesser than the
starttime
This should give error message
'''

#
# Execute logconv.pl -S and -E with random timestamp
#
log.info('Running test_ticket47910 - Execute logconv.pl -S -E with starttime>endtime')

log.info("taking current time with offset of 2 mins and formatting it to feed -S")
start_time_stamp = (datetime.now() + timedelta(minutes=2))
formatted_start_time_stamp = format_time(start_time_stamp)

log.info("taking current time with offset of 2 mins and formatting it to feed -E")
end_time_stamp = (datetime.now() - timedelta(minutes=2))
formatted_end_time_stamp = format_time(end_time_stamp)

log.info("Executing logconv.pl with -S and -E")
result = execute_logconv(topology_st.standalone, formatted_start_time_stamp, formatted_end_time_stamp, log_dir)
> assert result == 1
E assert 2 == 1
E +2
E -1

tickets/ticket47910_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389.utils:ticket47910_test.py:105 Running test_ticket47910 - Execute logconv.pl -S -E with starttime>endtime INFO lib389.utils:ticket47910_test.py:107 taking current time with offset of 2 mins and formatting it to feed -S INFO lib389.utils:ticket47910_test.py:111 taking current time with offset of 2 mins and formatting it to feed -E INFO lib389.utils:ticket47910_test.py:115 Executing logconv.pl with -S and -E INFO lib389.utils:ticket47910_test.py:61 Executing logconv.pl with -S current time and -E end time INFO lib389.utils:ticket47910_test.py:63 /usr/bin/logconv.pl -S [26/Apr/2021:00:44:08] -E [26/Apr/2021:00:40:08] /var/log/dirsrv/slapd-standalone1/access INFO lib389.utils:ticket47910_test.py:66 standard output INFO lib389.utils:ticket47910_test.py:67 standard errorsCan't locate sigtrap.pm in @INC (you may need to install the sigtrap module) (@INC contains: /usr/local/lib64/perl5/5.32 /usr/local/share/perl5/5.32 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /usr/bin/logconv.pl line 23. BEGIN failed--compilation aborted at /usr/bin/logconv.pl line 23.
Failed tickets/ticket47910_test.py::test_ticket47910_logconv_start_end_invalid 0.11
topology_st = <lib389.topologies.TopologyMain object at 0x7f10edf5e9d0>
log_dir = '/var/log/dirsrv/slapd-standalone1/access'

def test_ticket47910_logconv_start_end_invalid(topology_st, log_dir):
'''
Execute logconv.pl with -S and -E(endtime) with invalid time stamp
This is a negative test case, where it should give error message
'''
#
# Execute logconv.pl -S and -E with invalid timestamp
#
log.info('Running test_ticket47910 - Execute logconv.pl -S -E with invalid timestamp')
log.info("Set start time and end time to invalid values")
start_time_stamp = "invalid"
end_time_stamp = "invalid"

log.info("Executing logconv.pl with -S and -E")
result = execute_logconv(topology_st.standalone, start_time_stamp, end_time_stamp, log_dir)
> assert result == 1
E assert 2 == 1
E +2
E -1

tickets/ticket47910_test.py:135: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389.utils:ticket47910_test.py:128 Running test_ticket47910 - Execute logconv.pl -S -E with invalid timestamp INFO lib389.utils:ticket47910_test.py:129 Set start time and end time to invalid values INFO lib389.utils:ticket47910_test.py:133 Executing logconv.pl with -S and -E INFO lib389.utils:ticket47910_test.py:61 Executing logconv.pl with -S current time and -E end time INFO lib389.utils:ticket47910_test.py:63 /usr/bin/logconv.pl -S invalid -E invalid /var/log/dirsrv/slapd-standalone1/access INFO lib389.utils:ticket47910_test.py:66 standard output INFO lib389.utils:ticket47910_test.py:67 standard errorsCan't locate sigtrap.pm in @INC (you may need to install the sigtrap module) (@INC contains: /usr/local/lib64/perl5/5.32 /usr/local/share/perl5/5.32 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /usr/bin/logconv.pl line 23. BEGIN failed--compilation aborted at /usr/bin/logconv.pl line 23.
Failed tickets/ticket47910_test.py::test_ticket47910_logconv_noaccesslogs 0.99
topology_st = <lib389.topologies.TopologyMain object at 0x7f10edf5e9d0>
log_dir = '/var/log/dirsrv/slapd-standalone1/access'

def test_ticket47910_logconv_noaccesslogs(topology_st, log_dir):
'''
Execute logconv.pl -S(starttime) without specify
access logs location
'''

#
# Execute logconv.pl -S with random timestamp and no access log location
#
log.info('Running test_ticket47910 - Execute logconv.pl without access logs')

log.info("taking current time with offset of 2 mins and formatting it to feed -S")
time_stamp = (datetime.now() - timedelta(minutes=2))
formatted_time_stamp = format_time(time_stamp)
log.info("Executing logconv.pl with -S current time")
cmd = [os.path.join(topology_st.standalone.get_bin_dir(), 'logconv.pl'), '-S', formatted_time_stamp]
log.info(" ".join(cmd))
proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
stdout, stderr = proc.communicate()
log.info("standard output" + ensure_str(stdout))
log.info("standard errors" + ensure_str(stderr))

> assert proc.returncode == 1
E assert 2 == 1
E +2
E -1

tickets/ticket47910_test.py:160: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389.utils:ticket47910_test.py:147 Running test_ticket47910 - Execute logconv.pl without access logs INFO lib389.utils:ticket47910_test.py:149 taking current time with offset of 2 mins and formatting it to feed -S INFO lib389.utils:ticket47910_test.py:152 Executing logconv.pl with -S current time INFO lib389.utils:ticket47910_test.py:154 /usr/bin/logconv.pl -S [26/Apr/2021:00:40:08] INFO lib389.utils:ticket47910_test.py:157 standard output INFO lib389.utils:ticket47910_test.py:158 standard errorsCan't locate sigtrap.pm in @INC (you may need to install the sigtrap module) (@INC contains: /usr/local/lib64/perl5/5.32 /usr/local/share/perl5/5.32 /usr/lib64/perl5/vendor_perl /usr/share/perl5/vendor_perl /usr/lib64/perl5 /usr/share/perl5) at /usr/bin/logconv.pl line 23. BEGIN failed--compilation aborted at /usr/bin/logconv.pl line 23.
Failed tickets/ticket47931_test.py::test_ticket47931 11.47
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9ff6df0>

def test_ticket47931(topology_st):
"""Test Retro Changelog and MemberOf deadlock fix.
Verification steps:
- Enable retro cl and memberOf.
- Create two backends: A & B.
- Configure retrocl scoping for backend A.
- Configure memberOf plugin for uniquemember
- Create group in backend A.
- In parallel, add members to the group on A, and make modifications
to entries in backend B.
- Make sure the server does not hang during the updates to both
backends.

"""

# Enable dynamic plugins to make plugin configuration easier
try:
topology_st.standalone.modify_s(DN_CONFIG,
[(ldap.MOD_REPLACE,
'nsslapd-dynamic-plugins',
b'on')])
except ldap.LDAPError as e:
log.error('Failed to enable dynamic plugins! ' + e.args[0]['desc'])
assert False

# Enable the plugins
topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
topology_st.standalone.plugins.enable(name=PLUGIN_RETRO_CHANGELOG)

# Create second backend
topology_st.standalone.backend.create(SECOND_SUFFIX, {BACKEND_NAME: SECOND_BACKEND})
topology_st.standalone.mappingtree.create(SECOND_SUFFIX, bename=SECOND_BACKEND)

# Create the root node of the second backend
try:
topology_st.standalone.add_s(Entry((SECOND_SUFFIX,
{'objectclass': 'top domain'.split(),
'dc': 'deadlock'})))
except ldap.LDAPError as e:
log.fatal('Failed to create suffix entry: error ' + e.args[0]['desc'])
assert False

# Configure retrocl scope
try:
topology_st.standalone.modify_s(RETROCL_PLUGIN_DN,
[(ldap.MOD_REPLACE,
'nsslapd-include-suffix',
ensure_bytes(DEFAULT_SUFFIX))])
except ldap.LDAPError as e:
log.error('Failed to configure retrocl plugin: ' + e.args[0]['desc'])
assert False

# Configure memberOf group attribute
try:
> topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,
[(ldap.MOD_REPLACE,
'memberofgroupattr',
b'uniquemember')])

tickets/ticket47931_test.py:107:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=MemberOf Plugin,cn=plugins,cn=config', [(2, 'memberofgroupattr', b'uniquemember')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x7f10e9fefc40, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 173,...93, function='_hookexec', code_context=[' return self._inner_hookexec(hook, methods, kwargs)\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x55e0b8a76dc0, file '/export/tests/tickets/ticket47931_test.py', line 113, code test_ticket..., function='test_ticket47931', code_context=[' topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,\n'], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea0db580>
dn = 'cn=MemberOf Plugin,cn=plugins,cn=config'
modlist = [(2, 'memberofgroupattr', b'uniquemember')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=MemberOf Plugin,cn=plugins,cn=config', [(2, 'memberofgroupattr', b'uniquemember')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea0db580>
dn = 'cn=MemberOf Plugin,cn=plugins,cn=config'
modlist = [(2, 'memberofgroupattr', b'uniquemember')], serverctrls = None
clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (17,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea0db580>, msgid = 17, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (17, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea0db580>, msgid = 17, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f10eabd6030>, 17, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea0db580>
func = <built-in method result4 of LDAP object at 0x7f10eabd6030>
args = (17, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.UNWILLING_TO_PERFORM'>
exc_value = UNWILLING_TO_PERFORM({'msgtype': 103, 'msgid': 17, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': []})
exc_traceback = <traceback object at 0x7f10ea05d0c0>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea0db580>
func = <built-in method result4 of LDAP object at 0x7f10eabd6030>
args = (17, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 103, 'msgid': 17, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9ff6df0>

def test_ticket47931(topology_st):
"""Test Retro Changelog and MemberOf deadlock fix.
Verification steps:
- Enable retro cl and memberOf.
- Create two backends: A & B.
- Configure retrocl scoping for backend A.
- Configure memberOf plugin for uniquemember
- Create group in backend A.
- In parallel, add members to the group on A, and make modifications
to entries in backend B.
- Make sure the server does not hang during the updates to both
backends.

"""

# Enable dynamic plugins to make plugin configuration easier
try:
topology_st.standalone.modify_s(DN_CONFIG,
[(ldap.MOD_REPLACE,
'nsslapd-dynamic-plugins',
b'on')])
except ldap.LDAPError as e:
log.error('Failed to enable dynamic plugins! ' + e.args[0]['desc'])
assert False

# Enable the plugins
topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
topology_st.standalone.plugins.enable(name=PLUGIN_RETRO_CHANGELOG)

# Create second backend
topology_st.standalone.backend.create(SECOND_SUFFIX, {BACKEND_NAME: SECOND_BACKEND})
topology_st.standalone.mappingtree.create(SECOND_SUFFIX, bename=SECOND_BACKEND)

# Create the root node of the second backend
try:
topology_st.standalone.add_s(Entry((SECOND_SUFFIX,
{'objectclass': 'top domain'.split(),
'dc': 'deadlock'})))
except ldap.LDAPError as e:
log.fatal('Failed to create suffix entry: error ' + e.args[0]['desc'])
assert False

# Configure retrocl scope
try:
topology_st.standalone.modify_s(RETROCL_PLUGIN_DN,
[(ldap.MOD_REPLACE,
'nsslapd-include-suffix',
ensure_bytes(DEFAULT_SUFFIX))])
except ldap.LDAPError as e:
log.error('Failed to configure retrocl plugin: ' + e.args[0]['desc'])
assert False

# Configure memberOf group attribute
try:
topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,
[(ldap.MOD_REPLACE,
'memberofgroupattr',
b'uniquemember')])
except ldap.LDAPError as e:
log.fatal('Failed to configure memberOf plugin: error ' + e.args[0]['desc'])
> assert False
E assert False

tickets/ticket47931_test.py:113: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO lib389:backend.py:80 List backend with suffix=dc=deadlock INFO lib389:backend.py:290 Creating a local backend INFO lib389:backend.py:76 List backend cn=deadlock,cn=ldbm database,cn=plugins,cn=config INFO lib389:__init__.py:1710 Found entry dn: cn=deadlock,cn=ldbm database,cn=plugins,cn=config cn: deadlock nsslapd-cachememsize: 512000 nsslapd-cachesize: -1 nsslapd-directory: /var/lib/dirsrv/slapd-standalone1/db/deadlock nsslapd-dncachememsize: 16777216 nsslapd-readonly: off nsslapd-require-index: off nsslapd-require-internalop-index: off nsslapd-suffix: dc=deadlock objectClass: top objectClass: extensibleObject objectClass: nsBackendInstance INFO lib389:mappingTree.py:153 Entry dn: cn="dc=deadlock",cn=mapping tree,cn=config cn: dc=deadlock nsslapd-backend: deadlock nsslapd-state: backend objectclass: top objectclass: extensibleObject objectclass: nsMappingTree INFO lib389:__init__.py:1710 Found entry dn: cn=dc\3Ddeadlock,cn=mapping tree,cn=config cn: dc=deadlock nsslapd-backend: deadlock nsslapd-state: backend objectClass: top objectClass: extensibleObject objectClass: nsMappingTree CRITICAL tests.tickets.ticket47931_test:ticket47931_test.py:112 Failed to configure memberOf plugin: error Server is unwilling to perform
Failed tickets/ticket47988_test.py::test_ticket47988_init 29.94
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ea109be0>

def test_ticket47988_init(topology_m2):
"""
It adds
- Objectclass with MAY 'member'
- an entry ('bind_entry') with which we bind to test the 'SELFDN' operation
It deletes the anonymous aci

"""

_header(topology_m2, 'test_ticket47988_init')

# enable acl error logging
mod = [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', ensure_bytes(str(8192)))] # REPL
topology_m2.ms["supplier1"].modify_s(DN_CONFIG, mod)
topology_m2.ms["supplier2"].modify_s(DN_CONFIG, mod)

mod = [(ldap.MOD_REPLACE, 'nsslapd-accesslog-level', ensure_bytes(str(260)))] # Internal op
topology_m2.ms["supplier1"].modify_s(DN_CONFIG, mod)
topology_m2.ms["supplier2"].modify_s(DN_CONFIG, mod)

# add dummy entries
for cpt in range(MAX_OTHERS):
name = "%s%d" % (OTHER_NAME, cpt)
topology_m2.ms["supplier1"].add_s(Entry(("cn=%s,%s" % (name, SUFFIX), {
'objectclass': "top person".split(),
'sn': name,
'cn': name})))

# check that entry 0 is replicated before
loop = 0
entryDN = "cn=%s0,%s" % (OTHER_NAME, SUFFIX)
while loop <= 10:
try:
ent = topology_m2.ms["supplier2"].getEntry(entryDN, ldap.SCOPE_BASE, "(objectclass=*)", ['telephonenumber'])
break
except ldap.NO_SUCH_OBJECT:
time.sleep(1)
loop += 1
assert (loop <= 10)

topology_m2.ms["supplier1"].stop(timeout=10)
topology_m2.ms["supplier2"].stop(timeout=10)

# install the specific schema M1: ipa3.3, M2: ipa4.1
schema_file = os.path.join(topology_m2.ms["supplier1"].getDir(__file__, DATA_DIR), "ticket47988/schema_ipa3.3.tar.gz")
_install_schema(topology_m2.ms["supplier1"], schema_file)
schema_file = os.path.join(topology_m2.ms["supplier1"].getDir(__file__, DATA_DIR), "ticket47988/schema_ipa4.1.tar.gz")
_install_schema(topology_m2.ms["supplier2"], schema_file)

> topology_m2.ms["supplier1"].start(timeout=10)

/export/tests/tickets/ticket47988_test.py:157:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1075: in start
subprocess.check_output(["systemctl", "start", "dirsrv@%s" % self.serverid], stderr=subprocess.STDOUT)
/usr/lib64/python3.9/subprocess.py:424: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

input = None, capture_output = False, timeout = None, check = True
popenargs = (['systemctl', 'start', 'dirsrv@supplier1'],)
kwargs = {'stderr': -2, 'stdout': -1}
process = <Popen: returncode: 1 args: ['systemctl', 'start', 'dirsrv@supplier1']>
stdout = b'Job for dirsrv@supplier1.service failed because the control process exited with error code.\nSee "systemctl status dirsrv@supplier1.service" and "journalctl -xe" for details.\n'
stderr = None, retcode = 1

def run(*popenargs,
input=None, capture_output=False, timeout=None, check=False, **kwargs):
"""Run command with arguments and return a CompletedProcess instance.

The returned instance will have attributes args, returncode, stdout and
stderr. By default, stdout and stderr are not captured, and those attributes
will be None. Pass stdout=PIPE and/or stderr=PIPE in order to capture them.

If check is True and the exit code was non-zero, it raises a
CalledProcessError. The CalledProcessError object will have the return code
in the returncode attribute, and output & stderr attributes if those streams
were captured.

If timeout is given, and the process takes too long, a TimeoutExpired
exception will be raised.

There is an optional argument "input", allowing you to
pass bytes or a string to the subprocess's stdin. If you use this argument
you may not also use the Popen constructor's "stdin" argument, as
it will be used internally.

By default, all communication is in bytes, and therefore any "input" should
be bytes, and the stdout and stderr will be bytes. If in text mode, any
"input" should be a string, and stdout and stderr will be strings decoded
according to locale encoding, or by "encoding" if set. Text mode is
triggered by setting any of text, encoding, errors or universal_newlines.

The other arguments are the same as for the Popen constructor.
"""
if input is not None:
if kwargs.get('stdin') is not None:
raise ValueError('stdin and input arguments may not both be used.')
kwargs['stdin'] = PIPE

if capture_output:
if kwargs.get('stdout') is not None or kwargs.get('stderr') is not None:
raise ValueError('stdout and stderr arguments may not be used '
'with capture_output.')
kwargs['stdout'] = PIPE
kwargs['stderr'] = PIPE

with Popen(*popenargs, **kwargs) as process:
try:
stdout, stderr = process.communicate(input, timeout=timeout)
except TimeoutExpired as exc:
process.kill()
if _mswindows:
# Windows accumulates the output in a single blocking
# read() call run on child threads, with the timeout
# being done in a join() on those threads. communicate()
# _after_ kill() is required to collect that and add it
# to the exception.
exc.stdout, exc.stderr = process.communicate()
else:
# POSIX _communicate already populated the output so
# far into the TimeoutExpired exception.
process.wait()
raise
except: # Including KeyboardInterrupt, communicate handled that.
process.kill()
# We don't call process.wait() as .__exit__ does that for us.
raise
retcode = process.poll()
if check and retcode:
> raise CalledProcessError(retcode, process.args,
output=stdout, stderr=stderr)
E subprocess.CalledProcessError: Command '['systemctl', 'start', 'dirsrv@supplier1']' returned non-zero exit status 1.

/usr/lib64/python3.9/subprocess.py:528: CalledProcessError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 075f2487-4d8a-4a63-ac08-244c84cfac00 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect fe59aa8a-668e-4855-9804-d084ec2b646d / got description=075f2487-4d8a-4a63-ac08-244c84cfac00) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_init INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ################################################### INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/02common.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/50ns-admin.ldif INFO lib389:ticket47988_test.py:98 replace /etc/dirsrv/slapd-supplier1/schema/99user.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60nss-ldap.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60autofs.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/50ns-web.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60samba.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/10dna-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/05rfc4523.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60basev2.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/10automember-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/05rfc2927.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/10mep-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60ipadns.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/10rfc2307.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/50ns-mail.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/05rfc4524.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60trust.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60ipaconfig.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/50ns-directory.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60eduperson.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60mozilla.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/65ipasudo.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60rfc3712.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60rfc2739.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/50ns-value.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60acctpolicy.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/01core389.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60sabayon.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60pam-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/00core.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/25java-object.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60sudo.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/70ipaotp.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60pureftpd.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/61kerberos-ipav3.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60kerberos.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60basev3.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/06inetorgperson.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/30ns-common.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/28pilot.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/20subscriber.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/50ns-certificate.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier1/schema/60posix-winsync-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/02common.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/50ns-admin.ldif INFO lib389:ticket47988_test.py:98 replace /etc/dirsrv/slapd-supplier2/schema/99user.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60nss-ldap.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60autofs.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/50ns-web.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60samba.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/10dna-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/05rfc4523.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60basev2.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/10automember-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/05rfc2927.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/10mep-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60ipadns.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/10rfc2307.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/50ns-mail.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/05rfc4524.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60trust.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60ipaconfig.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/50ns-directory.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60eduperson.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60mozilla.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/65ipasudo.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60rfc3712.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60rfc2739.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/50ns-value.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60acctpolicy.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/01core389.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60sabayon.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60pam-plugin.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/00core.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/25java-object.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60sudo.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/70ipaotp.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60pureftpd.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/61kerberos-ipav3.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60kerberos.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60basev3.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/06inetorgperson.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/30ns-common.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/28pilot.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/20subscriber.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/50ns-certificate.ldif INFO lib389:ticket47988_test.py:102 add /etc/dirsrv/slapd-supplier2/schema/60posix-winsync-plugin.ldif
Failed tickets/ticket47988_test.py::test_ticket47988_1 0.08
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ea109be0>

def test_ticket47988_1(topology_m2):
'''
Check that replication is working and pause replication M2->M1
'''
_header(topology_m2, 'test_ticket47988_1')

topology_m2.ms["supplier1"].log.debug("\n\nCheck that replication is working and pause replication M2->M1\n")
> _do_update_entry(supplier=topology_m2.ms["supplier2"], consumer=topology_m2.ms["supplier1"], attempts=5)

/export/tests/tickets/ticket47988_test.py:234:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket47988_test.py:184: in _do_update_entry
supplier.modify_s(entryDN, mod)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea0db760>
func = <built-in method result4 of LDAP object at 0x7f10ea06e150>
args = (26, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_1 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_2 0.07
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ea109be0>

def test_ticket47988_2(topology_m2):
'''
Update M1 schema and trigger update M1->M2
So M1 should learn new/extended definitions that are in M2 schema
'''
_header(topology_m2, 'test_ticket47988_2')

topology_m2.ms["supplier1"].log.debug("\n\nUpdate M1 schema and an entry on M1\n")
> supplier1_schema_csn = topology_m2.ms["supplier1"].schema.get_schema_csn()

/export/tests/tickets/ticket47988_test.py:246:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/schema.py:614: in get_schema_csn
ents = self.conn.search_s(DN_SCHEMA, ldap.SCOPE_BASE,
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:870: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:864: in search_ext_s
return self.result(msgid,all=1,timeout=timeout)[1]
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:141: in inner
objtype, data = f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:756: in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:760: in result2
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea109490>
func = <built-in method result4 of LDAP object at 0x7f10e9edd270>
args = (62, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_2 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_3 0.07
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ea109be0>

def test_ticket47988_3(topology_m2):
'''
Resume replication M2->M1 and check replication is still working
'''
_header(topology_m2, 'test_ticket47988_3')

> _resume_M2_to_M1(topology_m2)

/export/tests/tickets/ticket47988_test.py:283:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket47988_test.py:222: in _resume_M2_to_M1
ents = topology_m2.ms["supplier2"].agreement.list(suffix=SUFFIX)
/usr/local/lib/python3.9/site-packages/lib389/agreement.py:904: in list
replica_entries = self.conn.replica.list(suffix)
/usr/local/lib/python3.9/site-packages/lib389/replica.py:178: in list
ents = self.conn.search_s(base, ldap.SCOPE_SUBTREE, filtr)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:870: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea0db760>
func = <built-in method search_ext of LDAP object at 0x7f10ea06e150>
args = ('cn=mapping tree,cn=config', 2, '(&(objectclass=nsds5Replica)(nsDS5ReplicaRoot=dc=example,dc=com))', None, 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_3 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ################################################### INFO lib389:ticket47988_test.py:221 ######################### resume RA M2->M1 ######################
Failed tickets/ticket47988_test.py::test_ticket47988_4 0.07
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ea109be0>

def test_ticket47988_4(topology_m2):
'''
Check schemaCSN is identical on both server
And save the nsschemaCSN to later check they do not change unexpectedly
'''
_header(topology_m2, 'test_ticket47988_4')

> supplier1_schema_csn = topology_m2.ms["supplier1"].schema.get_schema_csn()

/export/tests/tickets/ticket47988_test.py:295:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/schema.py:614: in get_schema_csn
ents = self.conn.search_s(DN_SCHEMA, ldap.SCOPE_BASE,
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:870: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea109490>
func = <built-in method search_ext of LDAP object at 0x7f10e9edd270>
args = ('cn=schema', 0, 'objectclass=*', ['nsSchemaCSN'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_4 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_5 0.07
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ea109be0>

def test_ticket47988_5(topology_m2):
'''
Check schemaCSN do not change unexpectedly
'''
_header(topology_m2, 'test_ticket47988_5')

> _do_update_entry(supplier=topology_m2.ms["supplier1"], consumer=topology_m2.ms["supplier2"], attempts=5)

/export/tests/tickets/ticket47988_test.py:313:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket47988_test.py:184: in _do_update_entry
supplier.modify_s(entryDN, mod)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:612: in modify_ext_s
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:609: in modify_ext
return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea109490>
func = <built-in method modify_ext of LDAP object at 0x7f10e9edd270>
args = ('cn=other_entry0,dc=example,dc=com', [(2, 'telephonenumber', b'108')], None, None)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_5 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ###################################################
Failed tickets/ticket47988_test.py::test_ticket47988_6 0.12
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ea109be0>

def test_ticket47988_6(topology_m2):
'''
Update M1 schema and trigger update M2->M1
So M2 should learn new/extended definitions that are in M1 schema
'''

_header(topology_m2, 'test_ticket47988_6')

topology_m2.ms["supplier1"].log.debug("\n\nUpdate M1 schema and an entry on M1\n")
> supplier1_schema_csn = topology_m2.ms["supplier1"].schema.get_schema_csn()

/export/tests/tickets/ticket47988_test.py:336:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/schema.py:614: in get_schema_csn
ents = self.conn.search_s(DN_SCHEMA, ldap.SCOPE_BASE,
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:870: in search_s
return self.search_ext_s(base,scope,filterstr,attrlist,attrsonly,None,None,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ea109490>
func = <built-in method search_ext of LDAP object at 0x7f10e9edd270>
args = ('cn=schema', 0, 'objectclass=*', ['nsSchemaCSN'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None, exc_type = None
exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log call--------------------------------
INFO lib389:ticket47988_test.py:64 ############################################### INFO lib389:ticket47988_test.py:65 ####### INFO lib389:ticket47988_test.py:66 ####### test_ticket47988_6 INFO lib389:ticket47988_test.py:67 ####### INFO lib389:ticket47988_test.py:68 ###################################################
Failed tickets/ticket48005_test.py::test_ticket48005_setup 13.31
topology_st = <lib389.topologies.TopologyMain object at 0x7f10ed61a7f0>

def test_ticket48005_setup(topology_st):
'''
allow dump core
generate a test ldif file using dbgen.pl
import the ldif
'''
log.info("Ticket 48005 setup...")
if hasattr(topology_st.standalone, 'prefix'):
prefix = topology_st.standalone.prefix
else:
prefix = None
sysconfig_dirsrv = os.path.join(topology_st.standalone.get_initconfig_dir(), 'dirsrv')
cmdline = 'egrep "ulimit -c unlimited" %s' % sysconfig_dirsrv
p = os.popen(cmdline, "r")
ulimitc = p.readline()
if ulimitc == "":
log.info('No ulimit -c in %s' % sysconfig_dirsrv)
log.info('Adding it')
cmdline = 'echo "ulimit -c unlimited" >> %s' % sysconfig_dirsrv

sysconfig_dirsrv_systemd = sysconfig_dirsrv + ".systemd"
cmdline = 'egrep LimitCORE=infinity %s' % sysconfig_dirsrv_systemd
p = os.popen(cmdline, "r")
lcore = p.readline()
if lcore == "":
log.info('No LimitCORE in %s' % sysconfig_dirsrv_systemd)
log.info('Adding it')
cmdline = 'echo LimitCORE=infinity >> %s' % sysconfig_dirsrv_systemd

topology_st.standalone.restart(timeout=10)

ldif_file = topology_st.standalone.get_ldif_dir() + "/ticket48005.ldif"
os.system('ls %s' % ldif_file)
os.system('rm -f %s' % ldif_file)
if hasattr(topology_st.standalone, 'prefix'):
prefix = topology_st.standalone.prefix
else:
prefix = ""
dbgen_prog = prefix + '/bin/dbgen.pl'
log.info('dbgen_prog: %s' % dbgen_prog)
os.system('%s -s %s -o %s -u -n 10000' % (dbgen_prog, SUFFIX, ldif_file))
cmdline = 'egrep dn: %s | wc -l' % ldif_file
p = os.popen(cmdline, "r")
dnnumstr = p.readline()
num = int(dnnumstr)
log.info("We have %d entries.\n", num)

importTask = Tasks(topology_st.standalone)
args = {TASK_WAIT: True}
> importTask.importLDIF(SUFFIX, None, ldif_file, args)

/export/tests/tickets/ticket48005_test.py:74:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.tasks.Tasks object at 0x7f10e8089940>
suffix = 'dc=example,dc=com', benamebase = None
input_file = '/var/lib/dirsrv/slapd-standalone1/ldif/ticket48005.ldif'
args = {'wait': True}

def importLDIF(self, suffix=None, benamebase=None, input_file=None,
args=None):
'''
Import from a LDIF format a given 'suffix' (or 'benamebase' that stores
that suffix). It uses an internal task to acheive this request.

If 'suffix' and 'benamebase' are specified, it uses 'benamebase' first
else 'suffix'.
If both 'suffix' and 'benamebase' are missing it raise ValueError

'input_file' is the ldif input file

@param suffix - suffix of the backend
@param benamebase - 'commonname'/'cn' of the backend (e.g. 'userRoot')
@param ldif_input - file that will contain the entries in LDIF format
to import
@param args - is a dictionary that contains modifier of the import task
wait: True/[False] - If True, 'export' waits for the completion
of the task before to return

@return None

@raise ValueError

'''
if self.conn.state != DIRSRV_STATE_ONLINE:
raise ValueError("Invalid Server State %s! Must be online" % self.conn.state)

# Checking the parameters
if not benamebase and not suffix:
raise ValueError("Specify either bename or suffix")

if not input_file:
raise ValueError("input_file is mandatory")

if not os.path.exists(input_file):
> raise ValueError("Import file (%s) does not exist" % input_file)
E ValueError: Import file (/var/lib/dirsrv/slapd-standalone1/ldif/ticket48005.ldif) does not exist

/usr/local/lib/python3.9/site-packages/lib389/tasks.py:487: ValueError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
------------------------------Captured stderr call------------------------------
grep: /etc/sysconfig/dirsrv: No such file or directory grep: /etc/sysconfig/dirsrv.systemd: No such file or directory ls: cannot access '/var/lib/dirsrv/slapd-standalone1/ldif/ticket48005.ldif': No such file or directory sh: /bin/dbgen.pl: No such file or directory grep: /var/lib/dirsrv/slapd-standalone1/ldif/ticket48005.ldif: No such file or directory
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48005_test:ticket48005_test.py:31 Ticket 48005 setup... INFO tests.tickets.ticket48005_test:ticket48005_test.py:41 No ulimit -c in /etc/sysconfig/dirsrv INFO tests.tickets.ticket48005_test:ticket48005_test.py:42 Adding it INFO tests.tickets.ticket48005_test:ticket48005_test.py:50 No LimitCORE in /etc/sysconfig/dirsrv.systemd INFO tests.tickets.ticket48005_test:ticket48005_test.py:51 Adding it INFO tests.tickets.ticket48005_test:ticket48005_test.py:64 dbgen_prog: /bin/dbgen.pl INFO tests.tickets.ticket48005_test:ticket48005_test.py:70 We have 0 entries.
Failed tickets/ticket48013_test.py::test_ticket48013 9.90
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e8080400>

def test_ticket48013(topology_st):
'''
Content Synchonization: Test that invalid cookies are caught
'''

cookies = ('#', '##', 'a#a#a', 'a#a#1')

# Enable dynamic plugins
try:
topology_st.standalone.modify_s(DN_CONFIG, [(ldap.MOD_REPLACE, 'nsslapd-dynamic-plugins', b'on')])
except ldap.LDAPError as e:
log.error('Failed to enable dynamic plugin! {}'.format(e.args[0]['desc']))
assert False

# Enable retro changelog
topology_st.standalone.plugins.enable(name=PLUGIN_RETRO_CHANGELOG)

# Enbale content sync plugin
> topology_st.standalone.plugins.enable(name=PLUGIN_REPL_SYNC)

/export/tests/tickets/ticket48013_test.py:61:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/plugins.py:2105: in enable
plugin.enable()
/usr/local/lib/python3.9/site-packages/lib389/plugins.py:58: in enable
self.set('nsslapd-pluginEnabled', 'on')
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9d6df10>
func = <built-in method result4 of LDAP object at 0x7f10e8080f30>
args = (7, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket48194_test.py::test_run_1 7.01
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>

def test_run_1(topology_st):
"""
Check nsSSL3Ciphers: +all
All ciphers are enabled except null.
Note: default allowWeakCipher (i.e., off) for +all
"""
_header(topology_st, 'Test Case 2 - Check the ciphers availability for "+all" with default allowWeakCiphers')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(CONFIG_DN, [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', b'64')])
# Make sure allowWeakCipher is not set.
topology_st.standalone.modify_s(ENCRYPTION_DN, [(ldap.MOD_DELETE, 'allowWeakCipher', None)])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_0' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

> connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)

/export/tests/tickets/ticket48194_test.py:158:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>
cipher = 'DES-CBC3-SHA', expect = False

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
assert False
else:
proc.stdin.close()
assert True
else:
if b'(NONE)' in l:
assert True
else:
proc.stdin.close()
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 2 - Check the ciphers availability for "+all" with default allowWeakCiphers INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:151 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256\n'
Failed tickets/ticket48194_test.py::test_run_2 6.51
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>

def test_run_2(topology_st):
"""
Check nsSSL3Ciphers: +rsa_aes_128_sha,+rsa_aes_256_sha
rsa_aes_128_sha, tls_rsa_aes_128_sha, rsa_aes_256_sha, tls_rsa_aes_256_sha are enabled.
default allowWeakCipher
"""
_header(topology_st,
'Test Case 3 - Check the ciphers availability for "+rsa_aes_128_sha,+rsa_aes_256_sha" with default allowWeakCipher')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN,
[(ldap.MOD_REPLACE, 'nsSSL3Ciphers', b'+rsa_aes_128_sha,+rsa_aes_256_sha')])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_1' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)
connectWithOpenssl(topology_st, 'AES256-SHA256', False)
> connectWithOpenssl(topology_st, 'AES128-SHA', True)

/export/tests/tickets/ticket48194_test.py:184:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>
cipher = 'AES128-SHA', expect = True

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:108: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 3 - Check the ciphers availability for "+rsa_aes_128_sha,+rsa_aes_256_sha" with default allowWeakCipher INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:175 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, (NONE), Cipher is (NONE)\n' INFO lib389.utils:ticket48194_test.py:86 Testing AES256-SHA256 -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher AES256-SHA256 INFO lib389.utils:ticket48194_test.py:105 Found: b'New, (NONE), Cipher is (NONE)\n' INFO lib389.utils:ticket48194_test.py:86 Testing AES128-SHA -- expect to handshake successfully INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher AES128-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, (NONE), Cipher is (NONE)\n'
Failed tickets/ticket48194_test.py::test_run_4 6.86
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>

def test_run_4(topology_st):
"""
Check no nsSSL3Ciphers
Default ciphers are enabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 5 - Check no nsSSL3Ciphers (-all) with default allowWeakCipher')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN, [(ldap.MOD_DELETE, 'nsSSL3Ciphers', b'-all')])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_3' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

> connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)

/export/tests/tickets/ticket48194_test.py:228:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>
cipher = 'DES-CBC3-SHA', expect = False

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
assert False
else:
proc.stdin.close()
assert True
else:
if b'(NONE)' in l:
assert True
else:
proc.stdin.close()
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 5 - Check no nsSSL3Ciphers (-all) with default allowWeakCipher INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:221 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256\n'
Failed tickets/ticket48194_test.py::test_run_5 6.74
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>

def test_run_5(topology_st):
"""
Check nsSSL3Ciphers: default
Default ciphers are enabled.
default allowWeakCipher
"""
_header(topology_st, 'Test Case 6 - Check default nsSSL3Ciphers (default setting) with default allowWeakCipher')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN, [(ldap.MOD_REPLACE, 'nsSSL3Ciphers', b'default')])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_4' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

> connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)

/export/tests/tickets/ticket48194_test.py:250:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>
cipher = 'DES-CBC3-SHA', expect = False

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
assert False
else:
proc.stdin.close()
assert True
else:
if b'(NONE)' in l:
assert True
else:
proc.stdin.close()
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 6 - Check default nsSSL3Ciphers (default setting) with default allowWeakCipher INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:243 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256\n'
Failed tickets/ticket48194_test.py::test_run_6 6.64
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>

def test_run_6(topology_st):
"""
Check nsSSL3Ciphers: +all,-TLS_RSA_WITH_AES_256_CBC_SHA256
All ciphers are disabled.
default allowWeakCipher
"""
_header(topology_st,
'Test Case 7 - Check nsSSL3Ciphers: +all,-TLS_RSA_WITH_AES_256_CBC_SHA256 with default allowWeakCipher')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN,
[(ldap.MOD_REPLACE, 'nsSSL3Ciphers', b'+all,-TLS_RSA_WITH_AES_256_CBC_SHA256')])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_5' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

> connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)

/export/tests/tickets/ticket48194_test.py:274:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>
cipher = 'DES-CBC3-SHA', expect = False

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
assert False
else:
proc.stdin.close()
assert True
else:
if b'(NONE)' in l:
assert True
else:
proc.stdin.close()
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 7 - Check nsSSL3Ciphers: +all,-TLS_RSA_WITH_AES_256_CBC_SHA256 with default allowWeakCipher INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:267 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256\n'
Failed tickets/ticket48194_test.py::test_run_8 6.70
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>

def test_run_8(topology_st):
"""
Check nsSSL3Ciphers: default + allowWeakCipher: off
Strong Default ciphers are enabled.
"""
_header(topology_st, 'Test Case 9 - Check default nsSSL3Ciphers (default setting + allowWeakCipher: off)')

topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(ENCRYPTION_DN, [(ldap.MOD_REPLACE, 'nsSSL3Ciphers', b'default'),
(ldap.MOD_REPLACE, 'allowWeakCipher', b'off')])

log.info("\n######################### Restarting the server ######################\n")
topology_st.standalone.stop(timeout=10)
os.system('mv %s %s.48194_7' % (topology_st.standalone.errlog, topology_st.standalone.errlog))
os.system('touch %s' % (topology_st.standalone.errlog))
time.sleep(2)
topology_st.standalone.start(timeout=120)

> connectWithOpenssl(topology_st, 'DES-CBC3-SHA', False)

/export/tests/tickets/ticket48194_test.py:297:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e81ecd60>
cipher = 'DES-CBC3-SHA', expect = False

def connectWithOpenssl(topology_st, cipher, expect):
"""
Connect with the given cipher
Condition:
If expect is True, the handshake should be successful.
If expect is False, the handshake should be refused with
access log: "Cannot communicate securely with peer:
no common encryption algorithm(s)."
"""
log.info("Testing %s -- expect to handshake %s", cipher, "successfully" if expect else "failed")

myurl = 'localhost:%s' % LDAPSPORT
cmdline = ['/usr/bin/openssl', 's_client', '-connect', myurl, '-cipher', cipher]

strcmdline = " ".join(cmdline)
log.info("Running cmdline: %s", strcmdline)

try:
proc = subprocess.Popen(cmdline, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.STDOUT)
except ValueError:
log.info("%s failed: %s", cmdline, ValueError)
proc.kill()

while True:
l = proc.stdout.readline()
if l == b"":
break
if b'Cipher is' in l:
log.info("Found: %s", l)
if expect:
if b'(NONE)' in l:
assert False
else:
proc.stdin.close()
assert True
else:
if b'(NONE)' in l:
assert True
else:
proc.stdin.close()
> assert False
E assert False

/export/tests/tickets/ticket48194_test.py:117: AssertionError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48194_test.py:40 ############################################### INFO lib389:ticket48194_test.py:41 ####### Test Case 9 - Check default nsSSL3Ciphers (default setting + allowWeakCipher: off) INFO lib389:ticket48194_test.py:42 ############################################### INFO lib389.utils:ticket48194_test.py:290 ######################### Restarting the server ###################### INFO lib389.utils:ticket48194_test.py:86 Testing DES-CBC3-SHA -- expect to handshake failed INFO lib389.utils:ticket48194_test.py:92 Running cmdline: /usr/bin/openssl s_client -connect localhost:63601 -cipher DES-CBC3-SHA INFO lib389.utils:ticket48194_test.py:105 Found: b'New, TLSv1.3, Cipher is TLS_AES_128_GCM_SHA256\n'
Failed tickets/ticket48228_test.py::test_ticket48228_test_global_policy 11.24
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e82c2070>
user = 'uid=user1,dc=example,dc=com', passwd = 'password', times = 6

def update_passwd(topology_st, user, passwd, times):
# Set the default value
cpw = passwd
for i in range(times):
log.info(" Bind as {%s,%s}" % (user, cpw))
topology_st.standalone.simple_bind_s(user, cpw)
# Now update the value for this iter.
cpw = 'password%d' % i
try:
> topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', cpw.encode())])

/export/tests/tickets/ticket48228_test.py:136:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user1,dc=example,dc=com', [(2, 'userpassword', b'password0')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x7f10e9f47a40, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 173,...mbda>', code_context=[' self._inner_hookexec = lambda hook, methods, kwargs: hook.multicall(\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x55e0b73725a0, file '/export/tests/tickets/ticket48228_test.py', line 141, code update_pass...t=[" topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', cpw.encode())])\n"], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9af98b0>
dn = 'uid=user1,dc=example,dc=com'
modlist = [(2, 'userpassword', b'password0')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user1,dc=example,dc=com', [(2, 'userpassword', b'password0')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9af98b0>
dn = 'uid=user1,dc=example,dc=com'
modlist = [(2, 'userpassword', b'password0')], serverctrls = None
clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (10,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9af98b0>, msgid = 10, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (10, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9af98b0>, msgid = 10, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f10e82c2bd0>, 10, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9af98b0>
func = <built-in method result4 of LDAP object at 0x7f10e82c2bd0>
args = (10, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.INSUFFICIENT_ACCESS'>
exc_value = INSUFFICIENT_ACCESS({'msgtype': 103, 'msgid': 10, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user1,dc=example,dc=com'.\n"})
exc_traceback = <traceback object at 0x7f10dbfe69c0>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9af98b0>
func = <built-in method result4 of LDAP object at 0x7f10e82c2bd0>
args = (10, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 10, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user1,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e82c2070>

def test_ticket48228_test_global_policy(topology_st):
"""
Check global password policy
"""
log.info(' Set inhistory = 6')
set_global_pwpolicy(topology_st, 6)

log.info(' Bind as directory manager')
log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

log.info(' Add an entry' + USER1_DN)
try:
topology_st.standalone.add_s(
Entry((USER1_DN, {'objectclass': "top person organizationalPerson inetOrgPerson".split(),
'sn': '1',
'cn': 'user 1',
'uid': 'user1',
'givenname': 'user',
'mail': 'user1@example.com',
'userpassword': 'password'})))
except ldap.LDAPError as e:
log.fatal('test_ticket48228: Failed to add user' + USER1_DN + ': error ' + e.message['desc'])
assert False

log.info(' Update the password of ' + USER1_DN + ' 6 times')
> update_passwd(topology_st, USER1_DN, 'password', 6)

/export/tests/tickets/ticket48228_test.py:174:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e82c2070>
user = 'uid=user1,dc=example,dc=com', passwd = 'password', times = 6

def update_passwd(topology_st, user, passwd, times):
# Set the default value
cpw = passwd
for i in range(times):
log.info(" Bind as {%s,%s}" % (user, cpw))
topology_st.standalone.simple_bind_s(user, cpw)
# Now update the value for this iter.
cpw = 'password%d' % i
try:
topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', cpw.encode())])
except ldap.LDAPError as e:
log.fatal(
> 'test_ticket48228: Failed to update the password ' + cpw + ' of user ' + user + ': error ' + e.message[
'desc'])
E AttributeError: 'INSUFFICIENT_ACCESS' object has no attribute 'message'

/export/tests/tickets/ticket48228_test.py:139: AttributeError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket48252_test.py::test_ticket48252_run_0 2.41
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9b8c520>

def test_ticket48252_run_0(topology_st):
"""
Delete an entry cn=test_entry0
Check it is not in the 'cn' index file
"""
log.info("Case 1 - Check deleted entry is not in the 'cn' index file")
uas = UserAccounts(topology_st.standalone, DEFAULT_SUFFIX)
del_rdn = "uid=%s0" % TEST_USER
del_entry = uas.get('%s0' % TEST_USER)
log.info(" Deleting a test entry %s..." % del_entry)
del_entry.delete()

> assert in_index_file(topology_st, 0, 'cn') is False

/export/tests/tickets/ticket48252_test.py:80:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket48252_test.py:57: in in_index_file
dbscanOut = topology_st.standalone.dbscan(DEFAULT_BENAME, index)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:3015: in dbscan
output = subprocess.check_output(cmd)
/usr/lib64/python3.9/subprocess.py:424: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

input = None, capture_output = False, timeout = None, check = True
popenargs = (['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slapd-standalone1/db/userRoot/cn.db4'],)
kwargs = {'stdout': -1}
process = <Popen: returncode: -6 args: ['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slap...>
stdout = b'*%20us \n*389 \n*89_ ...9_ds_system \n=demo%20user \n=demo_group '
stderr = None, retcode = -6

def run(*popenargs,
input=None, capture_output=False, timeout=None, check=False, **kwargs):
"""Run command with arguments and return a CompletedProcess instance.

The returned instance will have attributes args, returncode, stdout and
stderr. By default, stdout and stderr are not captured, and those attributes
will be None. Pass stdout=PIPE and/or stderr=PIPE in order to capture them.

If check is True and the exit code was non-zero, it raises a
CalledProcessError. The CalledProcessError object will have the return code
in the returncode attribute, and output & stderr attributes if those streams
were captured.

If timeout is given, and the process takes too long, a TimeoutExpired
exception will be raised.

There is an optional argument "input", allowing you to
pass bytes or a string to the subprocess's stdin. If you use this argument
you may not also use the Popen constructor's "stdin" argument, as
it will be used internally.

By default, all communication is in bytes, and therefore any "input" should
be bytes, and the stdout and stderr will be bytes. If in text mode, any
"input" should be a string, and stdout and stderr will be strings decoded
according to locale encoding, or by "encoding" if set. Text mode is
triggered by setting any of text, encoding, errors or universal_newlines.

The other arguments are the same as for the Popen constructor.
"""
if input is not None:
if kwargs.get('stdin') is not None:
raise ValueError('stdin and input arguments may not both be used.')
kwargs['stdin'] = PIPE

if capture_output:
if kwargs.get('stdout') is not None or kwargs.get('stderr') is not None:
raise ValueError('stdout and stderr arguments may not be used '
'with capture_output.')
kwargs['stdout'] = PIPE
kwargs['stderr'] = PIPE

with Popen(*popenargs, **kwargs) as process:
try:
stdout, stderr = process.communicate(input, timeout=timeout)
except TimeoutExpired as exc:
process.kill()
if _mswindows:
# Windows accumulates the output in a single blocking
# read() call run on child threads, with the timeout
# being done in a join() on those threads. communicate()
# _after_ kill() is required to collect that and add it
# to the exception.
exc.stdout, exc.stderr = process.communicate()
else:
# POSIX _communicate already populated the output so
# far into the TimeoutExpired exception.
process.wait()
raise
except: # Including KeyboardInterrupt, communicate handled that.
process.kill()
# We don't call process.wait() as .__exit__ does that for us.
raise
retcode = process.poll()
if check and retcode:
> raise CalledProcessError(retcode, process.args,
output=stdout, stderr=stderr)
E subprocess.CalledProcessError: Command '['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slapd-standalone1/db/userRoot/cn.db4']' died with <Signals.SIGABRT: 6>.

/usr/lib64/python3.9/subprocess.py:528: CalledProcessError
------------------------------Captured stderr call------------------------------
free(): double free detected in tcache 2
-------------------------------Captured log call--------------------------------
INFO lib389:__init__.py:3014 Running script: ['/usr/bin/dbscan', '-f', '/var/lib/dirsrv/slapd-standalone1/db/userRoot/cn.db4']
Failed tickets/ticket48252_test.py::test_ticket48252_run_1 0.10
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9b8c520>

def test_ticket48252_run_1(topology_st):
"""
Delete an entry cn=test_entry1
Check it is in the 'objectclass' index file as a tombstone entry
"""
log.info("Case 2 - Check deleted entry is in the 'objectclass' index file as a tombstone entry")
uas = UserAccounts(topology_st.standalone, DEFAULT_SUFFIX)
del_rdn = "uid=%s1" % TEST_USER
> del_entry = uas.get('%s1' % TEST_USER)

/export/tests/tickets/ticket48252_test.py:98:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1146: in get
results = self._get_selector(selector)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1177: in _get_selector
return self._instance.search_ext_s(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:864: in search_ext_s
return self.result(msgid,all=1,timeout=timeout)[1]
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:141: in inner
objtype, data = f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:756: in result
resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:760: in result2
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9b8c7f0>
func = <built-in method result4 of LDAP object at 0x7f10eb034150>
args = (40, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.SERVER_DOWN: {'result': -1, 'desc': "Can't contact LDAP server", 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: SERVER_DOWN
Failed tickets/ticket48266_test.py::test_ticket48266_count_csn_evaluation 3.36
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10e81ec820>
entries = None

def test_ticket48266_count_csn_evaluation(topology_m2, entries):
ents = topology_m2.ms["supplier1"].agreement.list(suffix=SUFFIX)
assert len(ents) == 1
> first_csn = _get_first_not_replicated_csn(topology_m2)

/export/tests/tickets/ticket48266_test.py:176:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10e81ec820>

def _get_first_not_replicated_csn(topology_m2):
name = "cn=%s2,%s" % (NEW_ACCOUNT, SUFFIX)

# read the first CSN that will not be replicated
mod = [(ldap.MOD_REPLACE, 'telephonenumber', ensure_bytes('123456'))]
topology_m2.ms["supplier1"].modify_s(name, mod)
msgid = topology_m2.ms["supplier1"].search_ext(name, ldap.SCOPE_SUBTREE, 'objectclass=*', ['nscpentrywsi'])
rtype, rdata, rmsgid = topology_m2.ms["supplier1"].result2(msgid)
attrs = None
for dn, raw_attrs in rdata:
topology_m2.ms["supplier1"].log.info("dn: %s" % dn)
if 'nscpentrywsi' in raw_attrs:
attrs = raw_attrs['nscpentrywsi']
assert attrs
for attr in attrs:
if ensure_str(attr.lower()).startswith('telephonenumber'):
break
assert attr

log.info("############# %s " % name)
# now retrieve the CSN of the operation we are looking for
csn = None
found_ops = topology_m2.ms['supplier1'].ds_access_log.match(".*MOD dn=\"%s\".*" % name)
assert(len(found_ops) > 0)
found_op = topology_m2.ms['supplier1'].ds_access_log.parse_line(found_ops[-1])
log.info(found_op)

# Now look for the related CSN
found_csns = topology_m2.ms['supplier1'].ds_access_log.match(".*conn=%s op=%s RESULT.*" % (found_op['conn'], found_op['op']))
assert(len(found_csns) > 0)
found_csn = topology_m2.ms['supplier1'].ds_access_log.parse_line(found_csns[-1])
log.info(found_csn)
> return found_csn['csn']
E KeyError: 'csn'

/export/tests/tickets/ticket48266_test.py:147: KeyError
-------------------------------Captured log call--------------------------------
INFO lib389:ticket48266_test.py:125 dn: cn=new_account2,dc=example,dc=com INFO tests.tickets.ticket48266_test:ticket48266_test.py:134 ############# cn=new_account2,dc=example,dc=com INFO tests.tickets.ticket48266_test:ticket48266_test.py:140 {'action': 'MOD', 'timestamp': '[26/Apr/2021:00:51:11.116569545 -0400]', 'conn': '1', 'op': '12', 'rem': 'dn="cn=new_account2,dc=example,dc=com"', 'datetime': datetime.datetime(2021, 4, 26, 0, 0, 0, 116569, tzinfo=tzoffset(None, -14400))} INFO tests.tickets.ticket48266_test:ticket48266_test.py:146 {'action': 'RESULT', 'timestamp': '[26/Apr/2021:00:51:11.167190592 -0400]', 'conn': '1', 'op': '12', 'rem': 'err=0 tag=103 nentries=0 wtime=0.000183874 optime=0.050636427 etime=0.050815392 csn=608646bf000000010000', 'datetime': datetime.datetime(2021, 4, 26, 0, 0, 0, 167190, tzinfo=tzoffset(None, -14400))}
Failed tickets/ticket48325_test.py::test_ticket48325 46.78
topology_m1h1c1 = <lib389.topologies.TopologyMain object at 0x7f10e9aea580>

def test_ticket48325(topology_m1h1c1):
"""
Test that the RUV element order is correctly maintained when promoting
a hub or consumer.
"""

#
# Promote consumer to supplier
#
C1 = topology_m1h1c1.cs["consumer1"]
M1 = topology_m1h1c1.ms["supplier1"]
H1 = topology_m1h1c1.hs["hub1"]
repl = ReplicationManager(DEFAULT_SUFFIX)
> repl._ensure_changelog(C1)

/export/tests/tickets/ticket48325_test.py:53:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/replica.py:1928: in _ensure_changelog
cl.create(properties={
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:972: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:947: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:169: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9e2e8b0>
func = <built-in method result4 of LDAP object at 0x7f10ea004720>
args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 105, 'msgid': 15, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'Changelog configuration is part of the backend configuration'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for hub1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39101, 'ldap-secureport': 63801, 'server-id': 'hub1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for consumer1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39201, 'ldap-secureport': 63901, 'server-id': 'consumer1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:524 Creating replication topology. INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39101 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39101 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39101 is NOT working (expect 55a112fc-25da-417f-9796-091c9faecd3a / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39101 is working INFO lib389.replica:replica.py:2211 SUCCESS: joined consumer from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39101 INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39101 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 is was created INFO lib389.replica:replica.py:2268 SUCCESS: joined consumer from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39101 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 is NOT working (expect 562bd423-86da-4f7a-bc33-a17363bd3640 / got description=55a112fc-25da-417f-9796-091c9faecd3a) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 is working
Failed tickets/ticket48342_test.py::test_ticket4026 146.01
topology_m3 = <lib389.topologies.TopologyMain object at 0x7f10e9e56b50>

def test_ticket4026(topology_m3):
"""Write your replication testcase here.

To access each DirSrv instance use: topology_m3.ms["supplier1"], topology_m3.ms["supplier2"],
..., topology_m3.hub1, ..., topology_m3.consumer1, ...

Also, if you need any testcase initialization,
please, write additional fixture for that(include finalizer).
"""

try:
topology_m3.ms["supplier1"].add_s(Entry((PEOPLE_DN, {
'objectclass': "top extensibleObject".split(),
'ou': 'people'})))
except ldap.ALREADY_EXISTS:
pass

topology_m3.ms["supplier1"].add_s(Entry(('ou=ranges,' + SUFFIX, {
'objectclass': 'top organizationalunit'.split(),
'ou': 'ranges'
})))
for cpt in range(MAX_ACCOUNTS):
name = "user%d" % (cpt)
topology_m3.ms["supplier1"].add_s(Entry(("uid=%s,%s" % (name, PEOPLE_DN), {
'objectclass': 'top posixAccount extensibleObject'.split(),
'uid': name,
'cn': name,
'uidNumber': '1',
'gidNumber': '1',
'homeDirectory': '/home/%s' % name
})))

# make supplier3 having more free slots that supplier2
# so supplier1 will contact supplier3
_dna_config(topology_m3.ms["supplier1"], nextValue=100, maxValue=10)
_dna_config(topology_m3.ms["supplier2"], nextValue=200, maxValue=10)
_dna_config(topology_m3.ms["supplier3"], nextValue=300, maxValue=3000)

# Turn on lots of error logging now.

mod = [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', b'16384')]
# mod = [(ldap.MOD_REPLACE, 'nsslapd-errorlog-level', '1')]
topology_m3.ms["supplier1"].modify_s('cn=config', mod)
topology_m3.ms["supplier2"].modify_s('cn=config', mod)
topology_m3.ms["supplier3"].modify_s('cn=config', mod)

# We need to wait for the event in dna.c to fire to start the servers
# see dna.c line 899
time.sleep(60)

# add on supplier1 users with description DNA
for cpt in range(10):
name = "user_with_desc1_%d" % (cpt)
topology_m3.ms["supplier1"].add_s(Entry(("uid=%s,%s" % (name, PEOPLE_DN), {
'objectclass': 'top posixAccount extensibleObject'.split(),
'uid': name,
'cn': name,
'description': '-1',
'uidNumber': '1',
'gidNumber': '1',
'homeDirectory': '/home/%s' % name
})))
# give time to negociate supplier1 <--> supplier3
time.sleep(10)
# add on supplier1 users with description DNA
for cpt in range(11, 20):
name = "user_with_desc1_%d" % (cpt)
> topology_m3.ms["supplier1"].add_s(Entry(("uid=%s,%s" % (name, PEOPLE_DN), {
'objectclass': 'top posixAccount extensibleObject'.split(),
'uid': name,
'cn': name,
'description': '-1',
'uidNumber': '1',
'gidNumber': '1',
'homeDirectory': '/home/%s' % name
})))

/export/tests/tickets/ticket48342_test.py:118:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:169: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:439: in add_s
return self.add_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:171: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9e56520>
func = <built-in method result4 of LDAP object at 0x7f10ed984ea0>
args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.OPERATIONS_ERROR: {'msgtype': 105, 'msgid': 15, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Allocation of a new value for range cn=dna config,cn=distributed numeric assignment plugin,cn=plugins,cn=config failed! Unable to proceed.'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: OPERATIONS_ERROR
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier3 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39003, 'ldap-secureport': 63703, 'server-id': 'supplier3', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 012539b2-e768-41ed-932d-f5ca878146e1 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect e8e4718f-fe0e-4746-bef3-229edd5c896d / got description=012539b2-e768-41ed-932d-f5ca878146e1) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:156 Joining supplier supplier3 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is NOT working (expect cc51f839-cc20-4dc0-8dc7-bb63733d846f / got description=e8e4718f-fe0e-4746-bef3-229edd5c896d) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 2484934e-c16b-4e10-81b4-5741d9644378 / got description=cc51f839-cc20-4dc0-8dc7-bb63733d846f) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 2484934e-c16b-4e10-81b4-5741d9644378 / got description=cc51f839-cc20-4dc0-8dc7-bb63733d846f) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 2484934e-c16b-4e10-81b4-5741d9644378 / got description=cc51f839-cc20-4dc0-8dc7-bb63733d846f) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier3 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier3 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is was created INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier3 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier3 to supplier2 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48342_test:ticket48342_test.py:19 Add dna plugin config entry...ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 INFO tests.tickets.ticket48342_test:ticket48342_test.py:37 Enable the DNA plugin... INFO tests.tickets.ticket48342_test:ticket48342_test.py:44 Restarting the server... INFO tests.tickets.ticket48342_test:ticket48342_test.py:19 Add dna plugin config entry...ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO tests.tickets.ticket48342_test:ticket48342_test.py:37 Enable the DNA plugin... INFO tests.tickets.ticket48342_test:ticket48342_test.py:44 Restarting the server... INFO tests.tickets.ticket48342_test:ticket48342_test.py:19 Add dna plugin config entry...ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 INFO tests.tickets.ticket48342_test:ticket48342_test.py:37 Enable the DNA plugin... INFO tests.tickets.ticket48342_test:ticket48342_test.py:44 Restarting the server...
Failed tickets/ticket48637_test.py::test_ticket48637 15.59
topology_st = <lib389.topologies.TopologyMain object at 0x7f10ea0f2ac0>

def test_ticket48637(topology_st):
"""Test for entry cache corruption

This requires automember and managed entry plugins to be configured.

Then remove the group that automember would use to trigger a failure when
adding a new entry. Automember fails, and then managed entry also fails.

Make sure a base search on the entry returns error 32
"""

if DEBUGGING:
# Add debugging steps(if any)...
pass

#
# Add our setup entries
#
try:
topology_st.standalone.add_s(Entry((PEOPLE_OU, {
'objectclass': 'top organizationalunit'.split(),
'ou': 'people'})))
except ldap.ALREADY_EXISTS:
pass
except ldap.LDAPError as e:
log.fatal('Failed to add people ou: ' + str(e))
assert False

try:
topology_st.standalone.add_s(Entry((GROUP_OU, {
'objectclass': 'top organizationalunit'.split(),
'ou': 'groups'})))
except ldap.ALREADY_EXISTS:
pass
except ldap.LDAPError as e:
log.fatal('Failed to add groups ou: ' + str(e))
assert False

try:
topology_st.standalone.add_s(Entry((MEP_OU, {
'objectclass': 'top extensibleObject'.split(),
'ou': 'mep'})))
except ldap.LDAPError as e:
log.fatal('Failed to add MEP ou: ' + str(e))
assert False

try:
topology_st.standalone.add_s(Entry((MEP_TEMPLATE, {
'objectclass': 'top mepTemplateEntry'.split(),
'cn': 'mep template',
'mepRDNAttr': 'cn',
'mepStaticAttr': 'objectclass: groupofuniquenames',
'mepMappedAttr': 'cn: $uid'})))
except ldap.LDAPError as e:
log.fatal('Failed to add MEP ou: ' + str(e))
assert False

#
# Configure automember
#
try:
topology_st.standalone.add_s(Entry((AUTO_DN, {
'cn': 'All Users',
'objectclass': ['top', 'autoMemberDefinition'],
'autoMemberScope': 'dc=example,dc=com',
'autoMemberFilter': 'objectclass=person',
'autoMemberDefaultGroup': GROUP_DN,
'autoMemberGroupingAttr': 'uniquemember:dn'})))
except ldap.LDAPError as e:
log.fatal('Failed to configure automember plugin : ' + str(e))
assert False

#
# Configure managed entry plugin
#
try:
topology_st.standalone.add_s(Entry((MEP_DN, {
'cn': 'MEP Definition',
'objectclass': ['top', 'extensibleObject'],
'originScope': 'ou=people,dc=example,dc=com',
'originFilter': 'objectclass=person',
'managedBase': 'ou=groups,dc=example,dc=com',
'managedTemplate': MEP_TEMPLATE})))
except ldap.LDAPError as e:
log.fatal('Failed to configure managed entry plugin : ' + str(e))
assert False

#
# Restart DS
#
topology_st.standalone.restart(timeout=30)

#
# Add entry that should fail since the automember group does not exist
#
try:
topology_st.standalone.add_s(Entry((USER_DN, {
'uid': 'test',
'objectclass': ['top', 'person', 'extensibleObject'],
'sn': 'test',
'cn': 'test'})))
except ldap.LDAPError as e:
pass

#
# Search for the entry - it should not be returned
#
try:
entry = topology_st.standalone.search_s(USER_DN, ldap.SCOPE_SUBTREE,
'objectclass=*')
if entry:
log.fatal('Entry was incorrectly returned')
> assert False
E assert False

/export/tests/tickets/ticket48637_test.py:139: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
CRITICAL tests.tickets.ticket48637_test:ticket48637_test.py:138 Entry was incorrectly returned
Failed tickets/ticket48759_test.py::test_ticket48759 11.22
topology_st = <lib389.topologies.TopologyMain object at 0x7f10dbe98040>

def test_ticket48759(topology_st):
"""
The fix for ticket 48759 has to prevent plugin calls for tombstone purging

The test uses the memberof and retrocl plugins to verify this.
In tombstone purging without the fix the mmeberof plugin is called,
if the tombstone entry is a group,
it modifies the user entries for the group
and if retrocl is enabled this mod is written to the retrocl

The test sequence is:
- enable replication
- enable memberof and retro cl plugin
- add user entries
- add a group and add the users as members
- verify memberof is set to users
- delete the group
- verify memberof is removed from users
- add group again
- verify memberof is set to users
- get number of changes in retro cl for one user
- configure tombstone purging
- wait for purge interval to pass
- add a dummy entry to increase maxcsn
- wait for purge interval to pass two times
- get number of changes in retro cl for user again
- assert there was no additional change
"""

log.info('Testing Ticket 48759 - no plugin calls for tombstone purging')

#
# Setup Replication
#
log.info('Setting up replication...')
repl = ReplicationManager(DEFAULT_SUFFIX)
repl.create_first_supplier(topology_st.standalone)
#
# enable dynamic plugins, memberof and retro cl plugin
#
log.info('Enable plugins...')
try:
topology_st.standalone.config.set('nsslapd-dynamic-plugins', 'on')
except ldap.LDAPError as e:
ldap.error('Failed to enable dynamic plugins! ' + e.args[0]['desc'])
assert False

topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
topology_st.standalone.plugins.enable(name=PLUGIN_RETRO_CHANGELOG)
# Configure memberOf group attribute
try:
> topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,
[(ldap.MOD_REPLACE,
'memberofgroupattr',
b'member')])

/export/tests/tickets/ticket48759_test.py:128:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=MemberOf Plugin,cn=plugins,cn=config', [(2, 'memberofgroupattr', b'member')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x7f10e9e24c40, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 173,...93, function='_hookexec', code_context=[' return self._inner_hookexec(hook, methods, kwargs)\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x55e0b8bb3ad0, file '/export/tests/tickets/ticket48759_test.py', line 134, code test_ticket..., function='test_ticket48759', code_context=[' topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,\n'], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfef0d0>
dn = 'cn=MemberOf Plugin,cn=plugins,cn=config'
modlist = [(2, 'memberofgroupattr', b'member')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn=MemberOf Plugin,cn=plugins,cn=config', [(2, 'memberofgroupattr', b'member')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfef0d0>
dn = 'cn=MemberOf Plugin,cn=plugins,cn=config'
modlist = [(2, 'memberofgroupattr', b'member')], serverctrls = None
clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (20,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfef0d0>, msgid = 20, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (20, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfef0d0>, msgid = 20, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f10dbf2b420>, 20, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfef0d0>
func = <built-in method result4 of LDAP object at 0x7f10dbf2b420>
args = (20, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.UNWILLING_TO_PERFORM'>
exc_value = UNWILLING_TO_PERFORM({'msgtype': 103, 'msgid': 20, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': []})
exc_traceback = <traceback object at 0x7f10e9ffc7c0>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfef0d0>
func = <built-in method result4 of LDAP object at 0x7f10dbf2b420>
args = (20, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 103, 'msgid': 20, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f10dbe98040>

def test_ticket48759(topology_st):
"""
The fix for ticket 48759 has to prevent plugin calls for tombstone purging

The test uses the memberof and retrocl plugins to verify this.
In tombstone purging without the fix the mmeberof plugin is called,
if the tombstone entry is a group,
it modifies the user entries for the group
and if retrocl is enabled this mod is written to the retrocl

The test sequence is:
- enable replication
- enable memberof and retro cl plugin
- add user entries
- add a group and add the users as members
- verify memberof is set to users
- delete the group
- verify memberof is removed from users
- add group again
- verify memberof is set to users
- get number of changes in retro cl for one user
- configure tombstone purging
- wait for purge interval to pass
- add a dummy entry to increase maxcsn
- wait for purge interval to pass two times
- get number of changes in retro cl for user again
- assert there was no additional change
"""

log.info('Testing Ticket 48759 - no plugin calls for tombstone purging')

#
# Setup Replication
#
log.info('Setting up replication...')
repl = ReplicationManager(DEFAULT_SUFFIX)
repl.create_first_supplier(topology_st.standalone)
#
# enable dynamic plugins, memberof and retro cl plugin
#
log.info('Enable plugins...')
try:
topology_st.standalone.config.set('nsslapd-dynamic-plugins', 'on')
except ldap.LDAPError as e:
ldap.error('Failed to enable dynamic plugins! ' + e.args[0]['desc'])
assert False

topology_st.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
topology_st.standalone.plugins.enable(name=PLUGIN_RETRO_CHANGELOG)
# Configure memberOf group attribute
try:
topology_st.standalone.modify_s(MEMBEROF_PLUGIN_DN,
[(ldap.MOD_REPLACE,
'memberofgroupattr',
b'member')])
except ldap.LDAPError as e:
log.fatal('Failed to configure memberOf plugin: error ' + e.args[0]['desc'])
> assert False
E assert False

/export/tests/tickets/ticket48759_test.py:134: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
CRITICAL tests.tickets.ticket48759_test:ticket48759_test.py:133 Failed to configure memberOf plugin: error Server is unwilling to perform
Failed tickets/ticket48784_test.py::test_ticket48784 63.25
Fixture "add_entry" called directly. Fixtures are not meant to be called directly,
but are created automatically when test functions request them as parameters.
See https://docs.pytest.org/en/latest/fixture.html for more information about fixtures, and
https://docs.pytest.org/en/latest/deprecations.html#calling-fixtures-directly about how to update your code.
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect e5f08b6b-6297-4bbd-9cea-42c993f92551 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 22d8c1da-eefb-48ac-95cd-15ab003e7217 / got description=e5f08b6b-6297-4bbd-9cea-42c993f92551) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48784_test:ticket48784_test.py:90 Ticket 48784 - Allow usage of OpenLDAP libraries that don't use NSS for crypto INFO tests.tickets.ticket48784_test:ticket48784_test.py:50 ######################### Configure SSL/TLS agreements ###################### INFO tests.tickets.ticket48784_test:ticket48784_test.py:51 ######################## supplier1 <-- startTLS -> supplier2 ##################### INFO tests.tickets.ticket48784_test:ticket48784_test.py:53 ##### Update the agreement of supplier1 INFO tests.tickets.ticket48784_test:ticket48784_test.py:58 ##### Update the agreement of supplier2 INFO tests.tickets.ticket48784_test:ticket48784_test.py:68 ######################### Configure SSL/TLS agreements Done ######################
Failed tickets/ticket48798_test.py::test_ticket48798 19.40
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9b7eee0>

def test_ticket48798(topology_st):
"""
Test DH param sizes offered by DS.

"""
topology_st.standalone.enable_tls()

# Confirm that we have a connection, and that it has DH

# Open a socket to the port.
# Check the security settings.
> size = check_socket_dh_param_size(topology_st.standalone.host, topology_st.standalone.sslport)

/export/tests/tickets/ticket48798_test.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket48798_test.py:23: in check_socket_dh_param_size
output = check_output(cmd, shell=True)
/usr/lib64/python3.9/subprocess.py:424: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

input = None, capture_output = False, timeout = None, check = True
popenargs = ('echo quit | openssl s_client -connect ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:63601 -msg -cipher DH | grep -A 1 ServerKeyExchange',)
kwargs = {'shell': True, 'stdout': -1}
process = <Popen: returncode: 1 args: ['e', 'c', 'h', 'o', ' ', 'q', 'u', 'i', 't', ' ...>
stdout = b'', stderr = None, retcode = 1

def run(*popenargs,
input=None, capture_output=False, timeout=None, check=False, **kwargs):
"""Run command with arguments and return a CompletedProcess instance.

The returned instance will have attributes args, returncode, stdout and
stderr. By default, stdout and stderr are not captured, and those attributes
will be None. Pass stdout=PIPE and/or stderr=PIPE in order to capture them.

If check is True and the exit code was non-zero, it raises a
CalledProcessError. The CalledProcessError object will have the return code
in the returncode attribute, and output & stderr attributes if those streams
were captured.

If timeout is given, and the process takes too long, a TimeoutExpired
exception will be raised.

There is an optional argument "input", allowing you to
pass bytes or a string to the subprocess's stdin. If you use this argument
you may not also use the Popen constructor's "stdin" argument, as
it will be used internally.

By default, all communication is in bytes, and therefore any "input" should
be bytes, and the stdout and stderr will be bytes. If in text mode, any
"input" should be a string, and stdout and stderr will be strings decoded
according to locale encoding, or by "encoding" if set. Text mode is
triggered by setting any of text, encoding, errors or universal_newlines.

The other arguments are the same as for the Popen constructor.
"""
if input is not None:
if kwargs.get('stdin') is not None:
raise ValueError('stdin and input arguments may not both be used.')
kwargs['stdin'] = PIPE

if capture_output:
if kwargs.get('stdout') is not None or kwargs.get('stderr') is not None:
raise ValueError('stdout and stderr arguments may not be used '
'with capture_output.')
kwargs['stdout'] = PIPE
kwargs['stderr'] = PIPE

with Popen(*popenargs, **kwargs) as process:
try:
stdout, stderr = process.communicate(input, timeout=timeout)
except TimeoutExpired as exc:
process.kill()
if _mswindows:
# Windows accumulates the output in a single blocking
# read() call run on child threads, with the timeout
# being done in a join() on those threads. communicate()
# _after_ kill() is required to collect that and add it
# to the exception.
exc.stdout, exc.stderr = process.communicate()
else:
# POSIX _communicate already populated the output so
# far into the TimeoutExpired exception.
process.wait()
raise
except: # Including KeyboardInterrupt, communicate handled that.
process.kill()
# We don't call process.wait() as .__exit__ does that for us.
raise
retcode = process.poll()
if check and retcode:
> raise CalledProcessError(retcode, process.args,
output=stdout, stderr=stderr)
E subprocess.CalledProcessError: Command 'echo quit | openssl s_client -connect ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:63601 -msg -cipher DH | grep -A 1 ServerKeyExchange' returned non-zero exit status 1.

/usr/lib64/python3.9/subprocess.py:528: CalledProcessError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
------------------------------Captured stderr call------------------------------
depth=1 C = AU, ST = Queensland, L = 389ds, O = testing, CN = ssca.389ds.example.com verify return:1 depth=0 C = AU, ST = Queensland, L = 389ds, O = testing, GN = a8155deb-0abe-41e6-a523-e01234b932ae, CN = ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com verify return:1 DONE
Failed tickets/ticket48808_test.py::test_ticket48808 16.86
topology_st = <lib389.topologies.TopologyMain object at 0x7f10dbfefdc0>
create_user = None

def test_ticket48808(topology_st, create_user):
log.info('Run multiple paging controls on a single connection')
users_num = 100
page_size = 30
users_list = add_users(topology_st, users_num)
search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']

log.info('Set user bind')
topology_st.standalone.simple_bind_s(TEST_USER_DN, TEST_USER_PWD)

log.info('Create simple paged results control instance')
req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')
controls = [req_ctrl]

for ii in range(3):
log.info('Iteration %d' % ii)
msgid = topology_st.standalone.search_ext(DEFAULT_SUFFIX,
ldap.SCOPE_SUBTREE,
search_flt,
searchreq_attrlist,
serverctrls=controls)
rtype, rdata, rmsgid, rctrls = topology_st.standalone.result3(msgid)
pctrls = [
c
for c in rctrls
if c.controlType == SimplePagedResultsControl.controlType
]

req_ctrl.cookie = pctrls[0].cookie
msgid = topology_st.standalone.search_ext(DEFAULT_SUFFIX,
ldap.SCOPE_SUBTREE,
search_flt,
searchreq_attrlist,
serverctrls=controls)
log.info('Set Directory Manager bind back')
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
del_users(topology_st, users_list)

log.info('Abandon the search')
users_num = 10
page_size = 0
users_list = add_users(topology_st, users_num)
search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']

log.info('Set user bind')
topology_st.standalone.simple_bind_s(TEST_USER_DN, TEST_USER_PWD)

log.info('Create simple paged results control instance')
req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')
controls = [req_ctrl]

msgid = topology_st.standalone.search_ext(DEFAULT_SUFFIX,
ldap.SCOPE_SUBTREE,
search_flt,
searchreq_attrlist,
serverctrls=controls)
rtype, rdata, rmsgid, rctrls = topology_st.standalone.result3(msgid)
pctrls = [
c
for c in rctrls
if c.controlType == SimplePagedResultsControl.controlType
]
assert not pctrls[0].cookie

log.info('Set Directory Manager bind back')
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
del_users(topology_st, users_list)

log.info("Search should fail with 'nsPagedSizeLimit = 5'"
"and 'nsslapd-pagedsizelimit = 15' with 10 users")
conf_attr = b'15'
user_attr = b'5'
expected_rs = ldap.SIZELIMIT_EXCEEDED
users_num = 10
page_size = 10
users_list = add_users(topology_st, users_num)
search_flt = r'(uid=test*)'
searchreq_attrlist = ['dn', 'sn']
conf_attr_bck = change_conf_attr(topology_st, DN_CONFIG,
'nsslapd-pagedsizelimit', conf_attr)
user_attr_bck = change_conf_attr(topology_st, TEST_USER_DN,
'nsPagedSizeLimit', user_attr)

log.info('Set user bind')
topology_st.standalone.simple_bind_s(TEST_USER_DN, TEST_USER_PWD)

log.info('Create simple paged results control instance')
req_ctrl = SimplePagedResultsControl(True, size=page_size, cookie='')
controls = [req_ctrl]

log.info('Expect to fail with SIZELIMIT_EXCEEDED')
with pytest.raises(expected_rs):
> all_results = paged_search(topology_st, controls,
search_flt, searchreq_attrlist)
E Failed: DID NOT RAISE <class 'ldap.SIZELIMIT_EXCEEDED'>

/export/tests/tickets/ticket48808_test.py:252: Failed
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48808_test:ticket48808_test.py:159 Run multiple paging controls on a single connection INFO tests.tickets.ticket48808_test:ticket48808_test.py:48 Adding 100 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:166 Set user bind INFO tests.tickets.ticket48808_test:ticket48808_test.py:169 Create simple paged results control instance INFO tests.tickets.ticket48808_test:ticket48808_test.py:174 Iteration 0 INFO tests.tickets.ticket48808_test:ticket48808_test.py:174 Iteration 1 INFO tests.tickets.ticket48808_test:ticket48808_test.py:174 Iteration 2 INFO tests.tickets.ticket48808_test:ticket48808_test.py:193 Set Directory Manager bind back INFO tests.tickets.ticket48808_test:ticket48808_test.py:75 Deleting 100 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:197 Abandon the search INFO tests.tickets.ticket48808_test:ticket48808_test.py:48 Adding 10 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:204 Set user bind INFO tests.tickets.ticket48808_test:ticket48808_test.py:207 Create simple paged results control instance INFO tests.tickets.ticket48808_test:ticket48808_test.py:224 Set Directory Manager bind back INFO tests.tickets.ticket48808_test:ticket48808_test.py:75 Deleting 10 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:228 Search should fail with 'nsPagedSizeLimit = 5'and 'nsslapd-pagedsizelimit = 15' with 10 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:48 Adding 10 users INFO tests.tickets.ticket48808_test:ticket48808_test.py:95 Set nsslapd-pagedsizelimit to b'15'. Previous value - [b'0']. Modified suffix - cn=config. INFO tests.tickets.ticket48808_test:ticket48808_test.py:95 Set nsPagedSizeLimit to b'5'. Previous value - None. Modified suffix - uid=simplepaged_test,dc=example,dc=com. INFO tests.tickets.ticket48808_test:ticket48808_test.py:243 Set user bind INFO tests.tickets.ticket48808_test:ticket48808_test.py:246 Create simple paged results control instance INFO tests.tickets.ticket48808_test:ticket48808_test.py:250 Expect to fail with SIZELIMIT_EXCEEDED INFO tests.tickets.ticket48808_test:ticket48808_test.py:130 Getting page 0
Failed tickets/ticket48896_test.py::test_ticket48896 10.68
server = <lib389.DirSrv object at 0x7f10e9b691f0>, curpw = 'password'
newpw = 'Abcd012+', expstr = 'be ok', rc = 0

def replace_pw(server, curpw, newpw, expstr, rc):
log.info('Binding as {%s, %s}' % (TESTDN, curpw))
server.simple_bind_s(TESTDN, curpw)

hit = 0
log.info('Replacing password: %s -> %s, which should %s' % (curpw, newpw, expstr))
try:
> server.modify_s(TESTDN, [(ldap.MOD_REPLACE, 'userPassword', ensure_bytes(newpw))])

/export/tests/tickets/ticket48896_test.py:53:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=buser123,dc=example,dc=com', [(2, 'userPassword', b'Abcd012+')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x7f10e9f47040, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 173,...mbda>', code_context=[' self._inner_hookexec = lambda hook, methods, kwargs: hook.multicall(\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x55e0b8c1e9c0, file '/export/tests/tickets/ticket48896_test.py', line 57, code replace_pw>,...code_context=[" server.modify_s(TESTDN, [(ldap.MOD_REPLACE, 'userPassword', ensure_bytes(newpw))])\n"], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9b691f0>
dn = 'uid=buser123,dc=example,dc=com'
modlist = [(2, 'userPassword', b'Abcd012+')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=buser123,dc=example,dc=com', [(2, 'userPassword', b'Abcd012+')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9b691f0>
dn = 'uid=buser123,dc=example,dc=com'
modlist = [(2, 'userPassword', b'Abcd012+')], serverctrls = None
clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (8,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9b691f0>, msgid = 8, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (8, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9b691f0>, msgid = 8, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f10dbf1e0f0>, 8, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9b691f0>
func = <built-in method result4 of LDAP object at 0x7f10dbf1e0f0>
args = (8, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.INSUFFICIENT_ACCESS'>
exc_value = INSUFFICIENT_ACCESS({'msgtype': 103, 'msgid': 8, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=buser123,dc=example,dc=com'.\n"})
exc_traceback = <traceback object at 0x7f10e9eec500>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10e9b691f0>
func = <built-in method result4 of LDAP object at 0x7f10dbf1e0f0>
args = (8, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 8, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=buser123,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9b69a30>

def test_ticket48896(topology_st):
"""
"""
log.info('Testing Ticket 48896 - Default Setting for passwordMinTokenLength does not work')

log.info("Setting global password policy with password syntax.")
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
topology_st.standalone.modify_s(CONFIG_DN, [(ldap.MOD_REPLACE, 'passwordCheckSyntax', b'on'),
(ldap.MOD_REPLACE, 'nsslapd-pwpolicy-local', b'on')])

config = topology_st.standalone.search_s(CONFIG_DN, ldap.SCOPE_BASE, 'cn=*')
mintokenlen = config[0].getValue('passwordMinTokenLength')
history = config[0].getValue('passwordInHistory')

log.info('Default passwordMinTokenLength == %s' % mintokenlen)
log.info('Default passwordInHistory == %s' % history)

log.info('Adding a user.')
curpw = 'password'
topology_st.standalone.add_s(Entry((TESTDN,
{'objectclass': "top person organizationalPerson inetOrgPerson".split(),
'cn': 'test user',
'sn': 'user',
'userPassword': curpw})))

newpw = 'Abcd012+'
exp = 'be ok'
rc = 0
> replace_pw(topology_st.standalone, curpw, newpw, exp, rc)

/export/tests/tickets/ticket48896_test.py:94:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

server = <lib389.DirSrv object at 0x7f10e9b691f0>, curpw = 'password'
newpw = 'Abcd012+', expstr = 'be ok', rc = 0

def replace_pw(server, curpw, newpw, expstr, rc):
log.info('Binding as {%s, %s}' % (TESTDN, curpw))
server.simple_bind_s(TESTDN, curpw)

hit = 0
log.info('Replacing password: %s -> %s, which should %s' % (curpw, newpw, expstr))
try:
server.modify_s(TESTDN, [(ldap.MOD_REPLACE, 'userPassword', ensure_bytes(newpw))])
except Exception as e:
log.info("Exception (expected): %s" % type(e).__name__)
hit = 1
> assert isinstance(e, rc)
E TypeError: isinstance() arg 2 must be a type or tuple of types

/export/tests/tickets/ticket48896_test.py:57: TypeError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48896_test:ticket48896_test.py:69 Testing Ticket 48896 - Default Setting for passwordMinTokenLength does not work INFO tests.tickets.ticket48896_test:ticket48896_test.py:71 Setting global password policy with password syntax. INFO tests.tickets.ticket48896_test:ticket48896_test.py:80 Default passwordMinTokenLength == b'3' INFO tests.tickets.ticket48896_test:ticket48896_test.py:81 Default passwordInHistory == b'6' INFO tests.tickets.ticket48896_test:ticket48896_test.py:83 Adding a user. INFO tests.tickets.ticket48896_test:ticket48896_test.py:47 Binding as {uid=buser123,dc=example,dc=com, password} INFO tests.tickets.ticket48896_test:ticket48896_test.py:51 Replacing password: password -> Abcd012+, which should be ok INFO tests.tickets.ticket48896_test:ticket48896_test.py:55 Exception (expected): INSUFFICIENT_ACCESS
Failed tickets/ticket48916_test.py::test_ticket48916 77.32
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10ea111d90>

def test_ticket48916(topology_m2):
"""
https://bugzilla.redhat.com/show_bug.cgi?id=1353629

This is an issue with ID exhaustion in DNA causing a crash.

To access each DirSrv instance use: topology_m2.ms["supplier1"], topology_m2.ms["supplier2"],
..., topology_m2.hub1, ..., topology_m2.consumer1,...


"""

if DEBUGGING:
# Add debugging steps(if any)...
pass

# Enable the plugin on both servers

dna_m1 = topology_m2.ms["supplier1"].plugins.get('Distributed Numeric Assignment Plugin')
dna_m2 = topology_m2.ms["supplier2"].plugins.get('Distributed Numeric Assignment Plugin')

# Configure it
# Create the container for the ranges to go into.

topology_m2.ms["supplier1"].add_s(Entry(
('ou=Ranges,%s' % DEFAULT_SUFFIX, {
'objectClass': 'top organizationalUnit'.split(' '),
'ou': 'Ranges',
})
))

# Create the dnaAdmin?

# For now we just pinch the dn from the dna_m* types, and add the relevant child config
# but in the future, this could be a better plugin template type from lib389

config_dn = dna_m1.dn

topology_m2.ms["supplier1"].add_s(Entry(
('cn=uids,%s' % config_dn, {
'objectClass': 'top dnaPluginConfig'.split(' '),
'cn': 'uids',
'dnatype': 'uidNumber gidNumber'.split(' '),
'dnafilter': '(objectclass=posixAccount)',
'dnascope': '%s' % DEFAULT_SUFFIX,
'dnaNextValue': '1',
'dnaMaxValue': '50',
'dnasharedcfgdn': 'ou=Ranges,%s' % DEFAULT_SUFFIX,
'dnaThreshold': '0',
'dnaRangeRequestTimeout': '60',
'dnaMagicRegen': '-1',
'dnaRemoteBindDN': 'uid=dnaAdmin,ou=People,%s' % DEFAULT_SUFFIX,
'dnaRemoteBindCred': 'secret123',
'dnaNextRange': '80-90'
})
))

topology_m2.ms["supplier2"].add_s(Entry(
('cn=uids,%s' % config_dn, {
'objectClass': 'top dnaPluginConfig'.split(' '),
'cn': 'uids',
'dnatype': 'uidNumber gidNumber'.split(' '),
'dnafilter': '(objectclass=posixAccount)',
'dnascope': '%s' % DEFAULT_SUFFIX,
'dnaNextValue': '61',
'dnaMaxValue': '70',
'dnasharedcfgdn': 'ou=Ranges,%s' % DEFAULT_SUFFIX,
'dnaThreshold': '2',
'dnaRangeRequestTimeout': '60',
'dnaMagicRegen': '-1',
'dnaRemoteBindDN': 'uid=dnaAdmin,ou=People,%s' % DEFAULT_SUFFIX,
'dnaRemoteBindCred': 'secret123',
})
))

# Enable the plugins
dna_m1.enable()
dna_m2.enable()

# Restart the instances
topology_m2.ms["supplier1"].restart(60)
topology_m2.ms["supplier2"].restart(60)

# Wait for a replication .....
time.sleep(40)

# Allocate the 10 members to exhaust

for i in range(1, 11):
_create_user(topology_m2.ms["supplier2"], i)

# Allocate the 11th
> _create_user(topology_m2.ms["supplier2"], 11)

/export/tests/tickets/ticket48916_test.py:126:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket48916_test.py:21: in _create_user
inst.add_s(Entry(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:169: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:439: in add_s
return self.add_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:171: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbea4850>
func = <built-in method result4 of LDAP object at 0x7f10eaa7c7b0>
args = (13, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.OPERATIONS_ERROR: {'msgtype': 105, 'msgid': 13, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Allocation of a new value for range cn=uids,cn=distributed numeric assignment plugin,cn=plugins,cn=config failed! Unable to proceed.'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: OPERATIONS_ERROR
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 91007dd8-2e38-4150-b394-412e6709e2fb / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 0d1f12a4-d650-4bf6-b7f8-96da611ff059 / got description=91007dd8-2e38-4150-b394-412e6709e2fb) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists
Failed tickets/ticket48956_test.py::test_ticket48956 16.07
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e80da430>

def test_ticket48956(topology_st):
"""Write your testcase here...

Also, if you need any testcase initialization,
please, write additional fixture for that(include finalizer).

"""

topology_st.standalone.modify_s(ACCT_POLICY_PLUGIN_DN,
[(ldap.MOD_REPLACE, 'nsslapd-pluginarg0', ensure_bytes(ACCT_POLICY_CONFIG_DN))])

topology_st.standalone.modify_s(ACCT_POLICY_CONFIG_DN, [(ldap.MOD_REPLACE, 'alwaysrecordlogin', b'yes'),
(ldap.MOD_REPLACE, 'stateattrname', b'lastLoginTime'),
(ldap.MOD_REPLACE, 'altstateattrname', b'createTimestamp'),
(ldap.MOD_REPLACE, 'specattrname', b'acctPolicySubentry'),
(ldap.MOD_REPLACE, 'limitattrname',
b'accountInactivityLimit')])

# Enable the plugins
topology_st.standalone.plugins.enable(name=PLUGIN_ACCT_POLICY)
topology_st.standalone.restart(timeout=10)

# Check inactivity on standard suffix (short)
> _check_inactivity(topology_st, SUFFIX)

/export/tests/tickets/ticket48956_test.py:107:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket48956_test.py:78: in _check_inactivity
assert (_check_status(topology_st, TEST_USER_DN, b'- activated'))
/export/tests/tickets/ticket48956_test.py:39: in _check_status
output = subprocess.check_output([nsaccountstatus, '-Z', topology_st.standalone.serverid,
/usr/lib64/python3.9/subprocess.py:424: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
/usr/lib64/python3.9/subprocess.py:505: in run
with Popen(*popenargs, **kwargs) as process:
/usr/lib64/python3.9/subprocess.py:951: in __init__
self._execute_child(args, executable, preexec_fn, close_fds,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <Popen: returncode: 255 args: ['/usr/sbin/ns-accountstatus.pl', '-Z', 'stand...>
args = ['/usr/sbin/ns-accountstatus.pl', '-Z', 'standalone1', '-D', 'cn=Directory Manager', '-w', ...]
executable = b'/usr/sbin/ns-accountstatus.pl', preexec_fn = None
close_fds = True, pass_fds = (), cwd = None, env = None, startupinfo = None
creationflags = 0, shell = False, p2cread = -1, p2cwrite = -1, c2pread = 46
c2pwrite = 47, errread = -1, errwrite = -1, restore_signals = True, gid = None
gids = None, uid = None, umask = -1, start_new_session = False

def _execute_child(self, args, executable, preexec_fn, close_fds,
pass_fds, cwd, env,
startupinfo, creationflags, shell,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite,
restore_signals,
gid, gids, uid, umask,
start_new_session):
"""Execute program (POSIX version)"""

if isinstance(args, (str, bytes)):
args = [args]
elif isinstance(args, os.PathLike):
if shell:
raise TypeError('path-like args is not allowed when '
'shell is true')
args = [args]
else:
args = list(args)

if shell:
# On Android the default shell is at '/system/bin/sh'.
unix_shell = ('/system/bin/sh' if
hasattr(sys, 'getandroidapilevel') else '/bin/sh')
args = [unix_shell, "-c"] + args
if executable:
args[0] = executable

if executable is None:
executable = args[0]

sys.audit("subprocess.Popen", executable, args, cwd, env)

if (_USE_POSIX_SPAWN
and os.path.dirname(executable)
and preexec_fn is None
and not close_fds
and not pass_fds
and cwd is None
and (p2cread == -1 or p2cread > 2)
and (c2pwrite == -1 or c2pwrite > 2)
and (errwrite == -1 or errwrite > 2)
and not start_new_session
and gid is None
and gids is None
and uid is None
and umask < 0):
self._posix_spawn(args, executable, env, restore_signals,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)
return

orig_executable = executable

# For transferring possible exec failure from child to parent.
# Data format: "exception name:hex errno:description"
# Pickle is not used; it is complex and involves memory allocation.
errpipe_read, errpipe_write = os.pipe()
# errpipe_write must not be in the standard io 0, 1, or 2 fd range.
low_fds_to_close = []
while errpipe_write < 3:
low_fds_to_close.append(errpipe_write)
errpipe_write = os.dup(errpipe_write)
for low_fd in low_fds_to_close:
os.close(low_fd)
try:
try:
# We must avoid complex work that could involve
# malloc or free in the child process to avoid
# potential deadlocks, thus we do all this here.
# and pass it to fork_exec()

if env is not None:
env_list = []
for k, v in env.items():
k = os.fsencode(k)
if b'=' in k:
raise ValueError("illegal environment variable name")
env_list.append(k + b'=' + os.fsencode(v))
else:
env_list = None # Use execv instead of execve.
executable = os.fsencode(executable)
if os.path.dirname(executable):
executable_list = (executable,)
else:
# This matches the behavior of os._execvpe().
executable_list = tuple(
os.path.join(os.fsencode(dir), executable)
for dir in os.get_exec_path(env))
fds_to_keep = set(pass_fds)
fds_to_keep.add(errpipe_write)
self.pid = _posixsubprocess.fork_exec(
args, executable_list,
close_fds, tuple(sorted(map(int, fds_to_keep))),
cwd, env_list,
p2cread, p2cwrite, c2pread, c2pwrite,
errread, errwrite,
errpipe_read, errpipe_write,
restore_signals, start_new_session,
gid, gids, uid, umask,
preexec_fn)
self._child_created = True
finally:
# be sure the FD is closed no matter what
os.close(errpipe_write)

self._close_pipe_fds(p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)

# Wait for exec to fail or succeed; possibly raising an
# exception (limited in size)
errpipe_data = bytearray()
while True:
part = os.read(errpipe_read, 50000)
errpipe_data += part
if not part or len(errpipe_data) > 50000:
break
finally:
# be sure the FD is closed no matter what
os.close(errpipe_read)

if errpipe_data:
try:
pid, sts = os.waitpid(self.pid, 0)
if pid == self.pid:
self._handle_exitstatus(sts)
else:
self.returncode = sys.maxsize
except ChildProcessError:
pass

try:
exception_name, hex_errno, err_msg = (
errpipe_data.split(b':', 2))
# The encoding here should match the encoding
# written in by the subprocess implementations
# like _posixsubprocess
err_msg = err_msg.decode()
except ValueError:
exception_name = b'SubprocessError'
hex_errno = b'0'
err_msg = 'Bad exception data from child: {!r}'.format(
bytes(errpipe_data))
child_exception_type = getattr(
builtins, exception_name.decode('ascii'),
SubprocessError)
if issubclass(child_exception_type, OSError) and hex_errno:
errno_num = int(hex_errno, 16)
child_exec_never_called = (err_msg == "noexec")
if child_exec_never_called:
err_msg = ""
# The error must be from chdir(cwd).
err_filename = cwd
else:
err_filename = orig_executable
if errno_num != 0:
err_msg = os.strerror(errno_num)
> raise child_exception_type(errno_num, err_msg, err_filename)
E FileNotFoundError: [Errno 2] No such file or directory: '/usr/sbin/ns-accountstatus.pl'

/usr/lib64/python3.9/subprocess.py:1821: FileNotFoundError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket48956_test:ticket48956_test.py:54 ######################### Adding Account Policy entry: cn=Account Inactivation Policy,dc=example,dc=com ###################### INFO tests.tickets.ticket48956_test:ticket48956_test.py:61 ######################### Adding Test User entry: uid=ticket48956user,dc=example,dc=com ######################
Failed tickets/ticket49039_test.py::test_ticket49039 17.91
topo = <lib389.topologies.TopologyMain object at 0x7f10dbe41a60>

def test_ticket49039(topo):
"""Test "password must change" verses "password min age". Min age should not
block password update if the password was reset.
"""

# Setup SSL (for ldappasswd test)
topo.standalone.enable_tls()

# Configure password policy
try:
policy = PwPolicyManager(topo.standalone)
policy.set_global_policy(properties={'nsslapd-pwpolicy-local': 'on',
'passwordMustChange': 'on',
'passwordExp': 'on',
'passwordMaxAge': '86400000',
'passwordMinAge': '8640000',
'passwordChange': 'on'})
except ldap.LDAPError as e:
log.fatal('Failed to set password policy: ' + str(e))

# Add user, bind, and set password
try:
topo.standalone.add_s(Entry((USER_DN, {
'objectclass': 'top extensibleObject'.split(),
'uid': 'user1',
'userpassword': PASSWORD
})))
except ldap.LDAPError as e:
log.fatal('Failed to add user: error ' + e.args[0]['desc'])
assert False

# Reset password as RootDN
try:
topo.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'userpassword', ensure_bytes(PASSWORD))])
except ldap.LDAPError as e:
log.fatal('Failed to bind: error ' + e.args[0]['desc'])
assert False

time.sleep(1)

# Reset password as user
try:
topo.standalone.simple_bind_s(USER_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('Failed to bind: error ' + e.args[0]['desc'])
assert False

try:
> topo.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'userpassword', ensure_bytes(PASSWORD))])

/export/tests/tickets/ticket49039_test.py:75:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user,dc=example,dc=com', [(2, 'userpassword', b'password')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x55e0b8c20a30, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 173,...93, function='_hookexec', code_context=[' return self._inner_hookexec(hook, methods, kwargs)\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x55e0b8a522d0, file '/export/tests/tickets/ticket49039_test.py', line 78, code test_ticket4...[" topo.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'userpassword', ensure_bytes(PASSWORD))])\n"], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbe41a00>
dn = 'uid=user,dc=example,dc=com', modlist = [(2, 'userpassword', b'password')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user,dc=example,dc=com', [(2, 'userpassword', b'password')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbe41a00>
dn = 'uid=user,dc=example,dc=com', modlist = [(2, 'userpassword', b'password')]
serverctrls = None, clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (7,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbe41a00>, msgid = 7, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (7, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbe41a00>, msgid = 7, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f10dbe41b10>, 7, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbe41a00>
func = <built-in method result4 of LDAP object at 0x7f10dbe41b10>
args = (7, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.INSUFFICIENT_ACCESS'>
exc_value = INSUFFICIENT_ACCESS({'msgtype': 103, 'msgid': 7, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user,dc=example,dc=com'.\n"})
exc_traceback = <traceback object at 0x7f10dbf1c080>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbe41a00>
func = <built-in method result4 of LDAP object at 0x7f10dbe41b10>
args = (7, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 7, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS

During handling of the above exception, another exception occurred:

topo = <lib389.topologies.TopologyMain object at 0x7f10dbe41a60>

def test_ticket49039(topo):
"""Test "password must change" verses "password min age". Min age should not
block password update if the password was reset.
"""

# Setup SSL (for ldappasswd test)
topo.standalone.enable_tls()

# Configure password policy
try:
policy = PwPolicyManager(topo.standalone)
policy.set_global_policy(properties={'nsslapd-pwpolicy-local': 'on',
'passwordMustChange': 'on',
'passwordExp': 'on',
'passwordMaxAge': '86400000',
'passwordMinAge': '8640000',
'passwordChange': 'on'})
except ldap.LDAPError as e:
log.fatal('Failed to set password policy: ' + str(e))

# Add user, bind, and set password
try:
topo.standalone.add_s(Entry((USER_DN, {
'objectclass': 'top extensibleObject'.split(),
'uid': 'user1',
'userpassword': PASSWORD
})))
except ldap.LDAPError as e:
log.fatal('Failed to add user: error ' + e.args[0]['desc'])
assert False

# Reset password as RootDN
try:
topo.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'userpassword', ensure_bytes(PASSWORD))])
except ldap.LDAPError as e:
log.fatal('Failed to bind: error ' + e.args[0]['desc'])
assert False

time.sleep(1)

# Reset password as user
try:
topo.standalone.simple_bind_s(USER_DN, PASSWORD)
except ldap.LDAPError as e:
log.fatal('Failed to bind: error ' + e.args[0]['desc'])
assert False

try:
topo.standalone.modify_s(USER_DN, [(ldap.MOD_REPLACE, 'userpassword', ensure_bytes(PASSWORD))])
except ldap.LDAPError as e:
log.fatal('Failed to change password: error ' + e.args[0]['desc'])
> assert False
E assert False

/export/tests/tickets/ticket49039_test.py:78: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
CRITICAL tests.tickets.ticket49039_test:ticket49039_test.py:77 Failed to change password: error Insufficient access
Failed tickets/ticket49072_test.py::test_ticket49072_basedn 13.49
topo = <lib389.topologies.TopologyMain object at 0x7f10dbfeb880>

def test_ticket49072_basedn(topo):
"""memberOf fixup task does not validate args

:id: dce9b898-119d-42b8-a236-1130e59bfe18
:feature: memberOf
:setup: Standalone instance, with memberOf plugin
:steps: 1. Run fixup-memberOf.pl with invalid DN entry
2. Check if error log reports "Failed to get be backend"
:expectedresults: Fixup-memberOf.pl task should complete, but errors logged.
"""

log.info("Ticket 49072 memberof fixup task with invalid basedn...")
topo.standalone.plugins.enable(name=PLUGIN_MEMBER_OF)
topo.standalone.restart(timeout=10)

if ds_is_older('1.3'):
inst_dir = topo.standalone.get_inst_dir()
memof_task = os.path.join(inst_dir, FIXUP_MEMOF)
try:
output = subprocess.check_output([memof_task, '-D', DN_DM, '-w', PASSWORD, '-b', TEST_BASEDN, '-f', FILTER])
except subprocess.CalledProcessError as err:
output = err.output
else:
sbin_dir = topo.standalone.get_sbin_dir()
memof_task = os.path.join(sbin_dir, FIXUP_MEMOF)
try:
> output = subprocess.check_output(
[memof_task, '-D', DN_DM, '-w', PASSWORD, '-b', TEST_BASEDN, '-Z', SERVERID_STANDALONE, '-f', FILTER])

/export/tests/tickets/ticket49072_test.py:55:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/lib64/python3.9/subprocess.py:424: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
/usr/lib64/python3.9/subprocess.py:505: in run
with Popen(*popenargs, **kwargs) as process:
/usr/lib64/python3.9/subprocess.py:951: in __init__
self._execute_child(args, executable, preexec_fn, close_fds,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <Popen: returncode: 255 args: ['/usr/sbin/fixup-memberof.pl', '-D', 'cn=Dire...>
args = ['/usr/sbin/fixup-memberof.pl', '-D', 'cn=Directory Manager', '-w', 'password', '-b', ...]
executable = b'/usr/sbin/fixup-memberof.pl', preexec_fn = None, close_fds = True
pass_fds = (), cwd = None, env = None, startupinfo = None, creationflags = 0
shell = False, p2cread = -1, p2cwrite = -1, c2pread = 36, c2pwrite = 37
errread = -1, errwrite = -1, restore_signals = True, gid = None, gids = None
uid = None, umask = -1, start_new_session = False

def _execute_child(self, args, executable, preexec_fn, close_fds,
pass_fds, cwd, env,
startupinfo, creationflags, shell,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite,
restore_signals,
gid, gids, uid, umask,
start_new_session):
"""Execute program (POSIX version)"""

if isinstance(args, (str, bytes)):
args = [args]
elif isinstance(args, os.PathLike):
if shell:
raise TypeError('path-like args is not allowed when '
'shell is true')
args = [args]
else:
args = list(args)

if shell:
# On Android the default shell is at '/system/bin/sh'.
unix_shell = ('/system/bin/sh' if
hasattr(sys, 'getandroidapilevel') else '/bin/sh')
args = [unix_shell, "-c"] + args
if executable:
args[0] = executable

if executable is None:
executable = args[0]

sys.audit("subprocess.Popen", executable, args, cwd, env)

if (_USE_POSIX_SPAWN
and os.path.dirname(executable)
and preexec_fn is None
and not close_fds
and not pass_fds
and cwd is None
and (p2cread == -1 or p2cread > 2)
and (c2pwrite == -1 or c2pwrite > 2)
and (errwrite == -1 or errwrite > 2)
and not start_new_session
and gid is None
and gids is None
and uid is None
and umask < 0):
self._posix_spawn(args, executable, env, restore_signals,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)
return

orig_executable = executable

# For transferring possible exec failure from child to parent.
# Data format: "exception name:hex errno:description"
# Pickle is not used; it is complex and involves memory allocation.
errpipe_read, errpipe_write = os.pipe()
# errpipe_write must not be in the standard io 0, 1, or 2 fd range.
low_fds_to_close = []
while errpipe_write < 3:
low_fds_to_close.append(errpipe_write)
errpipe_write = os.dup(errpipe_write)
for low_fd in low_fds_to_close:
os.close(low_fd)
try:
try:
# We must avoid complex work that could involve
# malloc or free in the child process to avoid
# potential deadlocks, thus we do all this here.
# and pass it to fork_exec()

if env is not None:
env_list = []
for k, v in env.items():
k = os.fsencode(k)
if b'=' in k:
raise ValueError("illegal environment variable name")
env_list.append(k + b'=' + os.fsencode(v))
else:
env_list = None # Use execv instead of execve.
executable = os.fsencode(executable)
if os.path.dirname(executable):
executable_list = (executable,)
else:
# This matches the behavior of os._execvpe().
executable_list = tuple(
os.path.join(os.fsencode(dir), executable)
for dir in os.get_exec_path(env))
fds_to_keep = set(pass_fds)
fds_to_keep.add(errpipe_write)
self.pid = _posixsubprocess.fork_exec(
args, executable_list,
close_fds, tuple(sorted(map(int, fds_to_keep))),
cwd, env_list,
p2cread, p2cwrite, c2pread, c2pwrite,
errread, errwrite,
errpipe_read, errpipe_write,
restore_signals, start_new_session,
gid, gids, uid, umask,
preexec_fn)
self._child_created = True
finally:
# be sure the FD is closed no matter what
os.close(errpipe_write)

self._close_pipe_fds(p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)

# Wait for exec to fail or succeed; possibly raising an
# exception (limited in size)
errpipe_data = bytearray()
while True:
part = os.read(errpipe_read, 50000)
errpipe_data += part
if not part or len(errpipe_data) > 50000:
break
finally:
# be sure the FD is closed no matter what
os.close(errpipe_read)

if errpipe_data:
try:
pid, sts = os.waitpid(self.pid, 0)
if pid == self.pid:
self._handle_exitstatus(sts)
else:
self.returncode = sys.maxsize
except ChildProcessError:
pass

try:
exception_name, hex_errno, err_msg = (
errpipe_data.split(b':', 2))
# The encoding here should match the encoding
# written in by the subprocess implementations
# like _posixsubprocess
err_msg = err_msg.decode()
except ValueError:
exception_name = b'SubprocessError'
hex_errno = b'0'
err_msg = 'Bad exception data from child: {!r}'.format(
bytes(errpipe_data))
child_exception_type = getattr(
builtins, exception_name.decode('ascii'),
SubprocessError)
if issubclass(child_exception_type, OSError) and hex_errno:
errno_num = int(hex_errno, 16)
child_exec_never_called = (err_msg == "noexec")
if child_exec_never_called:
err_msg = ""
# The error must be from chdir(cwd).
err_filename = cwd
else:
err_filename = orig_executable
if errno_num != 0:
err_msg = os.strerror(errno_num)
> raise child_exception_type(errno_num, err_msg, err_filename)
E FileNotFoundError: [Errno 2] No such file or directory: '/usr/sbin/fixup-memberof.pl'

/usr/lib64/python3.9/subprocess.py:1821: FileNotFoundError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49072_test:ticket49072_test.py:40 Ticket 49072 memberof fixup task with invalid basedn...
Failed tickets/ticket49072_test.py::test_ticket49072_filter 12.33
topo = <lib389.topologies.TopologyMain object at 0x7f10dbfeb880>

def test_ticket49072_filter(topo):
"""memberOf fixup task does not validate args

:id: dde9e893-119d-42c8-a236-1190e56bfe98
:feature: memberOf
:setup: Standalone instance, with memberOf plugin
:steps: 1. Run fixup-memberOf.pl with invalid filter
2. Check if error log reports "Bad search filter"
:expectedresults: Fixup-memberOf.pl task should complete, but errors logged.
"""
log.info("Ticket 49072 memberof fixup task with invalid filter...")
log.info('Wait for 10 secs and check if task is completed')
time.sleep(10)
task_memof = 'cn=memberOf task,cn=tasks,cn=config'
if topo.standalone.search_s(task_memof, ldap.SCOPE_SUBTREE, 'cn=memberOf_fixup*', ['dn:']):
log.info('memberof task is still running, wait for +10 secs')
time.sleep(10)

if ds_is_older('1.3'):
inst_dir = topo.standalone.get_inst_dir()
memof_task = os.path.join(inst_dir, FIXUP_MEMOF)
try:
output = subprocess.check_output([memof_task, '-D', DN_DM, '-w', PASSWORD, '-b', SUFFIX, '-f', TEST_FILTER])
except subprocess.CalledProcessError as err:
output = err.output
else:
sbin_dir = topo.standalone.get_sbin_dir()
memof_task = os.path.join(sbin_dir, FIXUP_MEMOF)
try:
> output = subprocess.check_output(
[memof_task, '-D', DN_DM, '-w', PASSWORD, '-b', SUFFIX, '-Z', SERVERID_STANDALONE, '-f', TEST_FILTER])

/export/tests/tickets/ticket49072_test.py:96:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/lib64/python3.9/subprocess.py:424: in check_output
return run(*popenargs, stdout=PIPE, timeout=timeout, check=True,
/usr/lib64/python3.9/subprocess.py:505: in run
with Popen(*popenargs, **kwargs) as process:
/usr/lib64/python3.9/subprocess.py:951: in __init__
self._execute_child(args, executable, preexec_fn, close_fds,
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <Popen: returncode: 255 args: ['/usr/sbin/fixup-memberof.pl', '-D', 'cn=Dire...>
args = ['/usr/sbin/fixup-memberof.pl', '-D', 'cn=Directory Manager', '-w', 'password', '-b', ...]
executable = b'/usr/sbin/fixup-memberof.pl', preexec_fn = None, close_fds = True
pass_fds = (), cwd = None, env = None, startupinfo = None, creationflags = 0
shell = False, p2cread = -1, p2cwrite = -1, c2pread = 36, c2pwrite = 37
errread = -1, errwrite = -1, restore_signals = True, gid = None, gids = None
uid = None, umask = -1, start_new_session = False

def _execute_child(self, args, executable, preexec_fn, close_fds,
pass_fds, cwd, env,
startupinfo, creationflags, shell,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite,
restore_signals,
gid, gids, uid, umask,
start_new_session):
"""Execute program (POSIX version)"""

if isinstance(args, (str, bytes)):
args = [args]
elif isinstance(args, os.PathLike):
if shell:
raise TypeError('path-like args is not allowed when '
'shell is true')
args = [args]
else:
args = list(args)

if shell:
# On Android the default shell is at '/system/bin/sh'.
unix_shell = ('/system/bin/sh' if
hasattr(sys, 'getandroidapilevel') else '/bin/sh')
args = [unix_shell, "-c"] + args
if executable:
args[0] = executable

if executable is None:
executable = args[0]

sys.audit("subprocess.Popen", executable, args, cwd, env)

if (_USE_POSIX_SPAWN
and os.path.dirname(executable)
and preexec_fn is None
and not close_fds
and not pass_fds
and cwd is None
and (p2cread == -1 or p2cread > 2)
and (c2pwrite == -1 or c2pwrite > 2)
and (errwrite == -1 or errwrite > 2)
and not start_new_session
and gid is None
and gids is None
and uid is None
and umask < 0):
self._posix_spawn(args, executable, env, restore_signals,
p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)
return

orig_executable = executable

# For transferring possible exec failure from child to parent.
# Data format: "exception name:hex errno:description"
# Pickle is not used; it is complex and involves memory allocation.
errpipe_read, errpipe_write = os.pipe()
# errpipe_write must not be in the standard io 0, 1, or 2 fd range.
low_fds_to_close = []
while errpipe_write < 3:
low_fds_to_close.append(errpipe_write)
errpipe_write = os.dup(errpipe_write)
for low_fd in low_fds_to_close:
os.close(low_fd)
try:
try:
# We must avoid complex work that could involve
# malloc or free in the child process to avoid
# potential deadlocks, thus we do all this here.
# and pass it to fork_exec()

if env is not None:
env_list = []
for k, v in env.items():
k = os.fsencode(k)
if b'=' in k:
raise ValueError("illegal environment variable name")
env_list.append(k + b'=' + os.fsencode(v))
else:
env_list = None # Use execv instead of execve.
executable = os.fsencode(executable)
if os.path.dirname(executable):
executable_list = (executable,)
else:
# This matches the behavior of os._execvpe().
executable_list = tuple(
os.path.join(os.fsencode(dir), executable)
for dir in os.get_exec_path(env))
fds_to_keep = set(pass_fds)
fds_to_keep.add(errpipe_write)
self.pid = _posixsubprocess.fork_exec(
args, executable_list,
close_fds, tuple(sorted(map(int, fds_to_keep))),
cwd, env_list,
p2cread, p2cwrite, c2pread, c2pwrite,
errread, errwrite,
errpipe_read, errpipe_write,
restore_signals, start_new_session,
gid, gids, uid, umask,
preexec_fn)
self._child_created = True
finally:
# be sure the FD is closed no matter what
os.close(errpipe_write)

self._close_pipe_fds(p2cread, p2cwrite,
c2pread, c2pwrite,
errread, errwrite)

# Wait for exec to fail or succeed; possibly raising an
# exception (limited in size)
errpipe_data = bytearray()
while True:
part = os.read(errpipe_read, 50000)
errpipe_data += part
if not part or len(errpipe_data) > 50000:
break
finally:
# be sure the FD is closed no matter what
os.close(errpipe_read)

if errpipe_data:
try:
pid, sts = os.waitpid(self.pid, 0)
if pid == self.pid:
self._handle_exitstatus(sts)
else:
self.returncode = sys.maxsize
except ChildProcessError:
pass

try:
exception_name, hex_errno, err_msg = (
errpipe_data.split(b':', 2))
# The encoding here should match the encoding
# written in by the subprocess implementations
# like _posixsubprocess
err_msg = err_msg.decode()
except ValueError:
exception_name = b'SubprocessError'
hex_errno = b'0'
err_msg = 'Bad exception data from child: {!r}'.format(
bytes(errpipe_data))
child_exception_type = getattr(
builtins, exception_name.decode('ascii'),
SubprocessError)
if issubclass(child_exception_type, OSError) and hex_errno:
errno_num = int(hex_errno, 16)
child_exec_never_called = (err_msg == "noexec")
if child_exec_never_called:
err_msg = ""
# The error must be from chdir(cwd).
err_filename = cwd
else:
err_filename = orig_executable
if errno_num != 0:
err_msg = os.strerror(errno_num)
> raise child_exception_type(errno_num, err_msg, err_filename)
E FileNotFoundError: [Errno 2] No such file or directory: '/usr/sbin/fixup-memberof.pl'

/usr/lib64/python3.9/subprocess.py:1821: FileNotFoundError
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49072_test:ticket49072_test.py:77 Ticket 49072 memberof fixup task with invalid filter... INFO tests.tickets.ticket49072_test:ticket49072_test.py:78 Wait for 10 secs and check if task is completed
Failed tickets/ticket49073_test.py::test_ticket49073 36.99
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10dbe7b430>

def test_ticket49073(topology_m2):
"""Write your replication test here.

To access each DirSrv instance use: topology_m2.ms["supplier1"], topology_m2.ms["supplier2"],
..., topology_m2.hub1, ..., topology_m2.consumer1,...

Also, if you need any testcase initialization,
please, write additional fixture for that(include finalizer).
"""
topology_m2.ms["supplier1"].plugins.enable(name=PLUGIN_MEMBER_OF)
topology_m2.ms["supplier1"].restart(timeout=10)
topology_m2.ms["supplier2"].plugins.enable(name=PLUGIN_MEMBER_OF)
topology_m2.ms["supplier2"].restart(timeout=10)

# Configure fractional to prevent total init to send memberof
ents = topology_m2.ms["supplier1"].agreement.list(suffix=SUFFIX)
assert len(ents) == 1
log.info('update %s to add nsDS5ReplicatedAttributeListTotal' % ents[0].dn)
> topology_m2.ms["supplier1"].modify_s(ents[0].dn,
[(ldap.MOD_REPLACE,
'nsDS5ReplicatedAttributeListTotal',
'(objectclass=*) $ EXCLUDE '),
(ldap.MOD_REPLACE,
'nsDS5ReplicatedAttributeList',
'(objectclass=*) $ EXCLUDE memberOf')])

/export/tests/tickets/ticket49073_test.py:97:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:612: in modify_ext_s
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:609: in modify_ext
return self._ldap_call(self._l.modify_ext,dn,modlist,RequestControlTuples(serverctrls),RequestControlTuples(clientctrls))
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbe7ba30>
func = <built-in method modify_ext of LDAP object at 0x7f10eb05f510>
args = ('cn=002,cn=replica,cn=dc\\3Dexample\\2Cdc\\3Dcom,cn=mapping tree,cn=config', [(2, 'nsDS5ReplicatedAttributeListTotal', '(objectclass=*) $ EXCLUDE '), (2, 'nsDS5ReplicatedAttributeList', '(objectclass=*) $ EXCLUDE memberOf')], None, None)
kwargs = {}, diagnostic_message_success = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E TypeError: ('Tuple_to_LDAPMod(): expected a byte string in the list', '(')

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: TypeError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 31f28e1e-90fa-4a33-9347-9216b2a4901e / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect f3af334c-5ac3-4550-ba6a-cee225444ded / got description=31f28e1e-90fa-4a33-9347-9216b2a4901e) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49073_test:ticket49073_test.py:96 update cn=002,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config to add nsDS5ReplicatedAttributeListTotal
Failed tickets/ticket49104_test.py::test_ticket49104_setup 8.62
topology_st = <lib389.topologies.TopologyMain object at 0x7f10dbe414c0>

def test_ticket49104_setup(topology_st):
"""
Generate an ldif file having 10K entries and import it.
"""
# Generate a test ldif (100k entries)
ldif_dir = topology_st.standalone.get_ldif_dir()
import_ldif = ldif_dir + '/49104.ldif'
try:
> topology_st.standalone.buildLDIF(100000, import_ldif)

/export/tests/tickets/ticket49104_test.py:30:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbe41bb0>, num = 100000
ldif_file = '/var/lib/dirsrv/slapd-standalone1/ldif/49104.ldif'
suffix = 'dc=example,dc=com'

def buildLDIF(self, num, ldif_file, suffix='dc=example,dc=com'):
"""Generate a simple ldif file using the dbgen.pl script, and set the
ownership and permissions to match the user that the server runs as.

@param num - number of entries to create
@param ldif_file - ldif file name(including the path)
@suffix - DN of the parent entry in the ldif file
@return - nothing
@raise - OSError
"""
> raise Exception("Perl tools disabled on this system. Try dbgen py module.")
E Exception: Perl tools disabled on this system. Try dbgen py module.

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:3236: Exception
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket49192_test.py::test_ticket49192 11.28
topo = <lib389.topologies.TopologyMain object at 0x7f10dbcab520>

def test_ticket49192(topo):
"""Trigger deadlock when removing suffix
"""

#
# Create a second suffix/backend
#
log.info('Creating second backend...')
> topo.standalone.backends.create(None, properties={
BACKEND_NAME: "Second_Backend",
'suffix': "o=hang.com",
})

/export/tests/tickets/ticket49192_test.py:35:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1215: in create
return co.create(rdn, properties, self._basedn)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.backend.Backend object at 0x7f10e821c700>, dn = None
properties = {'name': 'Second_Backend', 'suffix': 'o=hang.com'}
basedn = 'cn=ldbm database,cn=plugins,cn=config', create_mapping_tree = True

def create(self, dn=None, properties=None, basedn=DN_LDBM, create_mapping_tree=True):
"""Add a new backend entry, create mapping tree,
and, if requested, sample entries

:param dn: DN of the new entry
:type dn: str
:param properties: Attributes and parameters for the new entry
:type properties: dict
:param basedn: Base DN of the new entry
:type basedn: str
:param create_mapping_tree: If a related mapping tree node should be created
:type create_mapping_tree: bool

:returns: DSLdapObject of the created entry
"""

sample_entries = False
parent_suffix = False

# normalize suffix (remove spaces between comps)
if dn is not None:
dn_comps = ldap.dn.explode_dn(dn.lower())
dn = ",".join(dn_comps)

if properties is not None:
> suffix_dn = properties['nsslapd-suffix'].lower()
E KeyError: 'nsslapd-suffix'

/usr/local/lib/python3.9/site-packages/lib389/backend.py:613: KeyError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49192_test:ticket49192_test.py:34 Creating second backend...
Failed tickets/ticket49287_test.py::test_ticket49287 42.55
self = <lib389.mappingTree.MappingTreeLegacy object at 0x7f10e9f540d0>
suffix = 'dc=test,dc=com', bename = 'test', parent = None

def create(self, suffix=None, bename=None, parent=None):
'''
Create a mapping tree entry (under "cn=mapping tree,cn=config"),
for the 'suffix' and that is stored in 'bename' backend.
'bename' backend must exist before creating the mapping tree entry.

If a 'parent' is provided that means that we are creating a
sub-suffix mapping tree.

@param suffix - suffix mapped by this mapping tree entry. It will
be the common name ('cn') of the entry
@param benamebase - backend common name (e.g. 'userRoot')
@param parent - if provided is a parent suffix of 'suffix'

@return DN of the mapping tree entry

@raise ldap.NO_SUCH_OBJECT - if the backend entry or parent mapping
tree does not exist
ValueError - if missing a parameter,

'''
# Check suffix is provided
if not suffix:
raise ValueError("suffix is mandatory")
else:
nsuffix = normalizeDN(suffix)

# Check backend name is provided
if not bename:
raise ValueError("backend name is mandatory")

# Check that if the parent suffix is provided then
# it exists a mapping tree for it
if parent:
nparent = normalizeDN(parent)
filt = suffixfilt(parent)
try:
entry = self.conn.getEntry(DN_MAPPING_TREE, ldap.SCOPE_SUBTREE,
filt)
pass
except NoSuchEntryError:
raise ValueError("parent suffix has no mapping tree")
else:
nparent = ""

# Check if suffix exists, return
filt = suffixfilt(suffix)
try:
entry = self.conn.getEntry(DN_MAPPING_TREE, ldap.SCOPE_SUBTREE,
filt)
return entry
except ldap.NO_SUCH_OBJECT:
entry = None

#
# Now start the real work
#

# fix me when we can actually used escaped DNs
dn = ','.join(('cn="%s"' % nsuffix, DN_MAPPING_TREE))
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject', MT_OBJECTCLASS_VALUE],
'nsslapd-state': 'backend',
# the value in the dn has to be DN escaped
# internal code will add the quoted value - unquoted value is
# useful for searching.
MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]: nsuffix,
MT_PROPNAME_TO_ATTRNAME[MT_BACKEND]: bename
})

# possibly add the parent
if parent:
entry.setValues(MT_PROPNAME_TO_ATTRNAME[MT_PARENT_SUFFIX], nparent)

try:
self.log.debug("Creating entry: %s", entry.dn)
self.log.info("Entry %r", entry)
> self.conn.add_s(entry)

/usr/local/lib/python3.9/site-packages/lib389/mappingTree.py:154:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (dn: cn="dc=test,dc=com",cn=mapping tree,cn=config
cn: dc=test,dc=com
nsslapd-backend: test
nsslapd-state: backend
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree

,)
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x55e0b8bb2580, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 169,...neno=187, function='_multicall', code_context=[' res = hook_impl.function(*args)\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x55e0b8c23410, file '/usr/local/lib/python3.9/site-packages/lib389/mappingTree.py', line 15.../lib389/mappingTree.py', lineno=154, function='create', code_context=[' self.conn.add_s(entry)\n'], index=0)
ent = dn: cn="dc=test,dc=com",cn=mapping tree,cn=config
cn: dc=test,dc=com
nsslapd-backend: test
nsslapd-state: backend
objectclass: top
objectclass: extensibleObject
objectclass: nsMappingTree



def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
> return f(ent.dn, ent.toTupleList(), *args[2:])

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:169:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfe2490>
dn = 'cn="dc=test,dc=com",cn=mapping tree,cn=config'
modlist = [('objectclass', [b'top', b'extensibleObject', b'nsMappingTree']), ('nsslapd-state', [b'backend']), ('cn', [b'dc=test,dc=com']), ('nsslapd-backend', [b'test'])]

def add_s(self,dn,modlist):
> return self.add_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:439:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('cn="dc=test,dc=com",cn=mapping tree,cn=config', [('objectclass', [b'top', b'extensibleObject', b'nsMappingTree']), ('nsslapd-state', [b'backend']), ('cn', [b'dc=test,dc=com']), ('nsslapd-backend', [b'test'])], None, None)
kwargs = {}, ent = 'cn="dc=test,dc=com",cn=mapping tree,cn=config'

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:171:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfe2490>
dn = 'cn="dc=test,dc=com",cn=mapping tree,cn=config'
modlist = [('objectclass', [b'top', b'extensibleObject', b'nsMappingTree']), ('nsslapd-state', [b'backend']), ('cn', [b'dc=test,dc=com']), ('nsslapd-backend', [b'test'])]
serverctrls = None, clientctrls = None

def add_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.add_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (4,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfe2490>, msgid = 4, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (4, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfe2490>, msgid = 4, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f10e9e562d0>, 4, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfe2490>
func = <built-in method result4 of LDAP object at 0x7f10e9e562d0>
args = (4, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.UNWILLING_TO_PERFORM'>
exc_value = UNWILLING_TO_PERFORM({'msgtype': 105, 'msgid': 4, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': []})
exc_traceback = <traceback object at 0x7f10dbfc0400>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbfe2490>
func = <built-in method result4 of LDAP object at 0x7f10e9e562d0>
args = (4, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 105, 'msgid': 4, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM

During handling of the above exception, another exception occurred:

topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10dbf37a90>

def test_ticket49287(topology_m2):
"""
test case for memberof and conflict entries

"""

# return
M1 = topology_m2.ms["supplier1"]
M2 = topology_m2.ms["supplier2"]

config_memberof(M1)
config_memberof(M2)

_enable_spec_logging(M1)
_enable_spec_logging(M2)

_disable_nunc_stans(M1)
_disable_nunc_stans(M2)

M1.restart(timeout=10)
M2.restart(timeout=10)

testbase = 'dc=test,dc=com'
bename = 'test'
> create_backend(M1, M2, testbase, bename)

/export/tests/tickets/ticket49287_test.py:282:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket49287_test.py:204: in create_backend
s1.mappingtree.create(beSuffix, beName)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.mappingTree.MappingTreeLegacy object at 0x7f10e9f540d0>
suffix = 'dc=test,dc=com', bename = 'test', parent = None

def create(self, suffix=None, bename=None, parent=None):
'''
Create a mapping tree entry (under "cn=mapping tree,cn=config"),
for the 'suffix' and that is stored in 'bename' backend.
'bename' backend must exist before creating the mapping tree entry.

If a 'parent' is provided that means that we are creating a
sub-suffix mapping tree.

@param suffix - suffix mapped by this mapping tree entry. It will
be the common name ('cn') of the entry
@param benamebase - backend common name (e.g. 'userRoot')
@param parent - if provided is a parent suffix of 'suffix'

@return DN of the mapping tree entry

@raise ldap.NO_SUCH_OBJECT - if the backend entry or parent mapping
tree does not exist
ValueError - if missing a parameter,

'''
# Check suffix is provided
if not suffix:
raise ValueError("suffix is mandatory")
else:
nsuffix = normalizeDN(suffix)

# Check backend name is provided
if not bename:
raise ValueError("backend name is mandatory")

# Check that if the parent suffix is provided then
# it exists a mapping tree for it
if parent:
nparent = normalizeDN(parent)
filt = suffixfilt(parent)
try:
entry = self.conn.getEntry(DN_MAPPING_TREE, ldap.SCOPE_SUBTREE,
filt)
pass
except NoSuchEntryError:
raise ValueError("parent suffix has no mapping tree")
else:
nparent = ""

# Check if suffix exists, return
filt = suffixfilt(suffix)
try:
entry = self.conn.getEntry(DN_MAPPING_TREE, ldap.SCOPE_SUBTREE,
filt)
return entry
except ldap.NO_SUCH_OBJECT:
entry = None

#
# Now start the real work
#

# fix me when we can actually used escaped DNs
dn = ','.join(('cn="%s"' % nsuffix, DN_MAPPING_TREE))
entry = Entry(dn)
entry.update({
'objectclass': ['top', 'extensibleObject', MT_OBJECTCLASS_VALUE],
'nsslapd-state': 'backend',
# the value in the dn has to be DN escaped
# internal code will add the quoted value - unquoted value is
# useful for searching.
MT_PROPNAME_TO_ATTRNAME[MT_SUFFIX]: nsuffix,
MT_PROPNAME_TO_ATTRNAME[MT_BACKEND]: bename
})

# possibly add the parent
if parent:
entry.setValues(MT_PROPNAME_TO_ATTRNAME[MT_PARENT_SUFFIX], nparent)

try:
self.log.debug("Creating entry: %s", entry.dn)
self.log.info("Entry %r", entry)
self.conn.add_s(entry)
except ldap.LDAPError as e:
> raise ldap.LDAPError("Error adding suffix entry " + dn, e)
E ldap.LDAPError: ('Error adding suffix entry cn="dc=test,dc=com",cn=mapping tree,cn=config', UNWILLING_TO_PERFORM({'msgtype': 105, 'msgid': 4, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': []}))

/usr/local/lib/python3.9/site-packages/lib389/mappingTree.py:156: LDAPError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 687fa5ad-749b-4ffc-b8a0-b43dff264567 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect f2c13e97-6808-4154-8303-8c734728e97f / got description=687fa5ad-749b-4ffc-b8a0-b43dff264567) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49287_test:ticket49287_test.py:77 update cn=002,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config to add nsDS5ReplicatedAttributeListTotal INFO tests.tickets.ticket49287_test:ticket49287_test.py:77 update cn=001,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config to add nsDS5ReplicatedAttributeListTotal INFO lib389:mappingTree.py:153 Entry dn: cn="dc=test,dc=com",cn=mapping tree,cn=config cn: dc=test,dc=com nsslapd-backend: test nsslapd-state: backend objectclass: top objectclass: extensibleObject objectclass: nsMappingTree
Failed tickets/ticket49303_test.py::test_ticket49303 26.77
topo = <lib389.topologies.TopologyMain object at 0x7f10e9d859a0>

def test_ticket49303(topo):
"""
Test the nsTLSAllowClientRenegotiation setting.
"""
sslport = SECUREPORT_STANDALONE1

log.info("Ticket 49303 - Allow disabling of SSL renegotiation")

# No value set, defaults to reneg allowed
enable_ssl(topo.standalone, sslport)
> assert try_reneg(HOST_STANDALONE1, sslport) is True
E AssertionError: assert False is True
E + where False = try_reneg('LOCALHOST', 63601)

/export/tests/tickets/ticket49303_test.py:88: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.tickets.ticket49303_test:ticket49303_test.py:84 Ticket 49303 - Allow disabling of SSL renegotiation
Failed tickets/ticket49412_test.py::test_ticket49412 27.37
topo = <lib389.topologies.TopologyMain object at 0x7f10e9fea340>

def test_ticket49412(topo):
"""Specify a test case purpose or name here

:id: 4c7681ff-0511-4256-9589-bdcad84c13e6
:setup: Fill in set up configuration here
:steps:
1. Fill in test case steps here
2. And indent them like this (RST format requirement)
:expectedresults:
1. Fill in the result that is expected
2. For each test step
"""

M1 = topo.ms["supplier1"]

# wrong call with invalid value (should be str(60)
# that create replace with NULL value
# it should fail with UNWILLING_TO_PERFORM
try:
> M1.modify_s(CHANGELOG, [(ldap.MOD_REPLACE, MAXAGE_ATTR, 60),
(ldap.MOD_REPLACE, TRIMINTERVAL, 10)])

/export/tests/tickets/ticket49412_test.py:44:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640: in modify_s
return self.modify_ext_s(dn,modlist,None,None)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbe4bd90>
func = <built-in method result4 of LDAP object at 0x7f10dbe4be40>
args = (39, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.NO_SUCH_OBJECT: {'msgtype': 103, 'msgid': 39, 'result': 32, 'desc': 'No such object', 'ctrls': []}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: NO_SUCH_OBJECT
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for consumer1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39201, 'ldap-secureport': 63901, 'server-id': 'consumer1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:169 Joining consumer consumer1 from supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 is NOT working (expect 4e56556b-d64f-4f71-89fd-0077261cad33 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 is working INFO lib389.replica:replica.py:2268 SUCCESS: joined consumer from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 INFO lib389.topologies:topologies.py:174 Ensuring consumer consumer1 from supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39201 already exists
Failed tickets/ticket49463_test.py::test_ticket_49463 224.06
topo = <lib389.topologies.TopologyMain object at 0x7f10e9e97e80>

def test_ticket_49463(topo):
"""Specify a test case purpose or name here

:id: 2a68e8be-387d-4ac7-9452-1439e8483c13
:setup: Fill in set up configuration here
:steps:
1. Enable fractional replication
2. Enable replication logging
3. Check that replication is working fine
4. Generate skipped updates to create keep alive entries
5. Remove M3 from the topology
6. issue cleanAllRuv FORCE that will run on M1 then propagated M2 and M4
7. Check that Number DEL keep alive '3' is <= 1
8. Check M1 is the originator of cleanAllRuv and M2/M4 the propagated ones
9. Check replication M1,M2 and M4 can recover
10. Remove M4 from the topology
11. Issue cleanAllRuv not force while M2 is stopped (that hangs the cleanAllRuv)
12. Check that nsds5ReplicaCleanRUV is correctly encoded on M1 (last value: 1)
13. Check that nsds5ReplicaCleanRUV encoding survives M1 restart
14. Check that nsds5ReplicaCleanRUV encoding is valid on M2 (last value: 0)
15. Check that (for M4 cleanAllRUV) M1 is Originator and M2 propagation
:expectedresults:
1. No report of failure when the RUV is updated
"""

# Step 1 - Configure fractional (skip telephonenumber) replication
M1 = topo.ms["supplier1"]
M2 = topo.ms["supplier2"]
M3 = topo.ms["supplier3"]
M4 = topo.ms["supplier4"]
repl = ReplicationManager(DEFAULT_SUFFIX)
fractional_server_to_replica(M1, M2)
fractional_server_to_replica(M1, M3)
fractional_server_to_replica(M1, M4)

fractional_server_to_replica(M2, M1)
fractional_server_to_replica(M2, M3)
fractional_server_to_replica(M2, M4)

fractional_server_to_replica(M3, M1)
fractional_server_to_replica(M3, M2)
fractional_server_to_replica(M3, M4)

fractional_server_to_replica(M4, M1)
fractional_server_to_replica(M4, M2)
fractional_server_to_replica(M4, M3)

# Step 2 - enable internal op logging and replication debug
for i in (M1, M2, M3, M4):
i.config.loglevel(vals=[256 + 4], service='access')
i.config.loglevel(vals=[LOG_REPLICA, LOG_DEFAULT], service='error')

# Step 3 - Check that replication is working fine
add_user(M1, 11, desc="add to M1")
add_user(M2, 21, desc="add to M2")
add_user(M3, 31, desc="add to M3")
add_user(M4, 41, desc="add to M4")

for i in (M1, M2, M3, M4):
for j in (M1, M2, M3, M4):
if i == j:
continue
repl.wait_for_replication(i, j)

# Step 4 - Generate skipped updates to create keep alive entries
for i in (M1, M2, M3, M4):
cn = '%s_%d' % (USER_CN, 11)
dn = 'uid=%s,ou=People,%s' % (cn, SUFFIX)
users = UserAccount(i, dn)
for j in range(110):
users.set('telephoneNumber', str(j))

# Step 5 - Remove M3 from the topology
M3.stop()
M1.agreement.delete(suffix=SUFFIX, consumer_host=M3.host, consumer_port=M3.port)
M2.agreement.delete(suffix=SUFFIX, consumer_host=M3.host, consumer_port=M3.port)
M4.agreement.delete(suffix=SUFFIX, consumer_host=M3.host, consumer_port=M3.port)

# Step 6 - Then issue cleanAllRuv FORCE that will run on M1, M2 and M4
M1.tasks.cleanAllRUV(suffix=SUFFIX, replicaid='3',
force=True, args={TASK_WAIT: True})

# Step 7 - Count the number of received DEL of the keep alive 3
for i in (M1, M2, M4):
i.restart()
regex = re.compile(".*DEL dn=.cn=repl keep alive 3.*")
for i in (M1, M2, M4):
count = count_pattern_accesslog(M1, regex)
log.debug("count on %s = %d" % (i, count))

# check that DEL is replicated once (If DEL is kept in the fix)
# check that DEL is is not replicated (If DEL is finally no long done in the fix)
assert ((count == 1) or (count == 0))

# Step 8 - Check that M1 is Originator of cleanAllRuv and M2, M4 propagation
regex = re.compile(".*Original task deletes Keep alive entry .3.*")
assert pattern_errorlog(M1, regex)

regex = re.compile(".*Propagated task does not delete Keep alive entry .3.*")
assert pattern_errorlog(M2, regex)
assert pattern_errorlog(M4, regex)

# Step 9 - Check replication M1,M2 and M4 can recover
add_user(M1, 12, desc="add to M1")
add_user(M2, 22, desc="add to M2")
for i in (M1, M2, M4):
for j in (M1, M2, M4):
if i == j:
continue
repl.wait_for_replication(i, j)

# Step 10 - Remove M4 from the topology
M4.stop()
M1.agreement.delete(suffix=SUFFIX, consumer_host=M4.host, consumer_port=M4.port)
M2.agreement.delete(suffix=SUFFIX, consumer_host=M4.host, consumer_port=M4.port)

# Step 11 - Issue cleanAllRuv not force while M2 is stopped (that hangs the cleanAllRuv)
M2.stop()
M1.tasks.cleanAllRUV(suffix=SUFFIX, replicaid='4',
force=False, args={TASK_WAIT: False})

# Step 12
# CleanAllRuv is hanging waiting for M2 to restart
# Check that nsds5ReplicaCleanRUV is correctly encoded on M1
replicas = Replicas(M1)
replica = replicas.list()[0]
time.sleep(0.5)
replica.present('nsds5ReplicaCleanRUV')
log.info("M1: nsds5ReplicaCleanRUV=%s" % replica.get_attr_val_utf8('nsds5replicacleanruv'))
regex = re.compile("^4:.*:no:1$")
> assert regex.match(replica.get_attr_val_utf8('nsds5replicacleanruv'))
E AssertionError: assert None
E + where None = <built-in method match of re.Pattern object at 0x7f10e9e91c70>('4:no:1:dc=example,dc=com')
E + where <built-in method match of re.Pattern object at 0x7f10e9e91c70> = re.compile('^4:.*:no:1$').match
E + and '4:no:1:dc=example,dc=com' = <bound method DSLdapObject.get_attr_val_utf8 of <lib389.replica.Replica object at 0x7f10dbcac310>>('nsds5replicacleanruv')
E + where <bound method DSLdapObject.get_attr_val_utf8 of <lib389.replica.Replica object at 0x7f10dbcac310>> = <lib389.replica.Replica object at 0x7f10dbcac310>.get_attr_val_utf8

/export/tests/tickets/ticket49463_test.py:188: AssertionError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier3 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39003, 'ldap-secureport': 63703, 'server-id': 'supplier3', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier4 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39004, 'ldap-secureport': 63704, 'server-id': 'supplier4', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 92b1dd4b-a234-4783-88d1-33c6c0059ccf / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 47b37bda-35f4-4824-8e0b-90aeb97c9bf3 / got description=92b1dd4b-a234-4783-88d1-33c6c0059ccf) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:156 Joining supplier supplier3 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is NOT working (expect f4023fd6-097e-4761-9af7-14507ff95632 / got description=47b37bda-35f4-4824-8e0b-90aeb97c9bf3) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 800b3d29-70ac-4c03-b195-b63833d3d3ba / got description=f4023fd6-097e-4761-9af7-14507ff95632) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 INFO lib389.topologies:topologies.py:156 Joining supplier supplier4 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is NOT working (expect f1c50328-4ae0-4cbc-ae7d-80ce98f98ba9 / got description=800b3d29-70ac-4c03-b195-b63833d3d3ba) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 7f5376b9-1d9a-46c2-9c06-5c135562517d / got description=f1c50328-4ae0-4cbc-ae7d-80ce98f98ba9) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier3 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier4 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier3 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is was created INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier4 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is was created INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier3 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier3 to supplier2 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier3 to supplier4 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is was created INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier4 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier4 to supplier2 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier4 to supplier3 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is was created
-------------------------------Captured log call--------------------------------
INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 already exists INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 22905aad-cb10-4c8d-9365-0778df4c6cf1 / got description=7f5376b9-1d9a-46c2-9c06-5c135562517d) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is NOT working (expect ca5c9ce8-f4d2-45fc-9217-1f8ffd6ab18e / got description=22905aad-cb10-4c8d-9365-0778df4c6cf1) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is NOT working (expect cf781a5c-782a-4228-bf64-f4be1ab13ef3 / got description=ca5c9ce8-f4d2-45fc-9217-1f8ffd6ab18e) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 8cd51ece-2356-405e-9c88-3af35fd1f42d / got description=cf781a5c-782a-4228-bf64-f4be1ab13ef3) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is NOT working (expect 57abb09a-0530-4921-b358-ceff4a4df4f5 / got description=cf781a5c-782a-4228-bf64-f4be1ab13ef3) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is NOT working (expect 57abb09a-0530-4921-b358-ceff4a4df4f5 / got description=8cd51ece-2356-405e-9c88-3af35fd1f42d) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is NOT working (expect e72276ff-1bc3-4a15-ac6a-c28bee4d37e5 / got description=57abb09a-0530-4921-b358-ceff4a4df4f5) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 9a612eba-d0a8-49cb-9ae8-b335df0dc2c8 / got description=e72276ff-1bc3-4a15-ac6a-c28bee4d37e5) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 9a612eba-d0a8-49cb-9ae8-b335df0dc2c8 / got description=e72276ff-1bc3-4a15-ac6a-c28bee4d37e5) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 0feb758d-6a7b-43e9-9b5a-fdbc8b559b37 / got description=9a612eba-d0a8-49cb-9ae8-b335df0dc2c8) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 0feb758d-6a7b-43e9-9b5a-fdbc8b559b37 / got description=9a612eba-d0a8-49cb-9ae8-b335df0dc2c8) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 0feb758d-6a7b-43e9-9b5a-fdbc8b559b37 / got description=9a612eba-d0a8-49cb-9ae8-b335df0dc2c8) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 0feb758d-6a7b-43e9-9b5a-fdbc8b559b37 / got description=9a612eba-d0a8-49cb-9ae8-b335df0dc2c8) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is NOT working (expect a9b36357-e5f8-45b4-b5b2-832a04672bc7 / got description=0feb758d-6a7b-43e9-9b5a-fdbc8b559b37) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 771b35ce-7bb0-4bed-9861-084ef8e2a768 / got description=a9b36357-e5f8-45b4-b5b2-832a04672bc7) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 099726ad-3561-4828-8dfc-d5e3b863637a / got description=771b35ce-7bb0-4bed-9861-084ef8e2a768) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is NOT working (expect a09b94eb-2224-46c9-a531-8a7d8adf6401 / got description=099726ad-3561-4828-8dfc-d5e3b863637a) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is NOT working (expect a09b94eb-2224-46c9-a531-8a7d8adf6401 / got description=099726ad-3561-4828-8dfc-d5e3b863637a) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is NOT working (expect a09b94eb-2224-46c9-a531-8a7d8adf6401 / got description=099726ad-3561-4828-8dfc-d5e3b863637a) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is working INFO lib389:agreement.py:1094 Agreement (cn=003,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config) was successfully removed INFO lib389:agreement.py:1094 Agreement (cn=003,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config) was successfully removed INFO lib389:agreement.py:1094 Agreement (cn=003,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config) was successfully removed INFO lib389:tasks.py:1463 cleanAllRUV task (task-04262021_012415) completed successfully INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 9fc56b1e-c375-43fb-88ce-37cebae0c64a / got description=a09b94eb-2224-46c9-a531-8a7d8adf6401) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is NOT working (expect 0a7317d7-2641-48cb-9bc2-e882eae9ac70 / got description=9fc56b1e-c375-43fb-88ce-37cebae0c64a) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 2e6a76d3-6cfd-4e93-9b98-64a2f2157cf9 / got description=0a7317d7-2641-48cb-9bc2-e882eae9ac70) INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 2e6a76d3-6cfd-4e93-9b98-64a2f2157cf9 / got description=0a7317d7-2641-48cb-9bc2-e882eae9ac70) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is NOT working (expect 98bf72af-63cf-46e2-adb7-fbca031ee9bd / got description=2e6a76d3-6cfd-4e93-9b98-64a2f2157cf9) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect f14f7671-ee76-48d7-aa4f-9e73c257045c / got description=98bf72af-63cf-46e2-adb7-fbca031ee9bd) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect 0e4144c8-e239-4289-8304-f39ff918c2a8 / got description=f14f7671-ee76-48d7-aa4f-9e73c257045c) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39004 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389:agreement.py:1094 Agreement (cn=004,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config) was successfully removed INFO lib389:agreement.py:1094 Agreement (cn=004,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config) was successfully removed INFO lib389:tasks.py:1463 cleanAllRUV task (task-04262021_012458) completed successfully INFO lib389.utils:ticket49463_test.py:186 M1: nsds5ReplicaCleanRUV=4:no:1:dc=example,dc=com
Failed tickets/ticket50232_test.py::test_ticket50232_normal 8.57
topology_st = <lib389.topologies.TopologyMain object at 0x7f10dbd4a430>

def test_ticket50232_normal(topology_st):
"""
The fix for ticket 50232


The test sequence is:
- create suffix
- add suffix entry and some child entries
- "normally" done after populating suffix: enable replication
- get RUV and database generation
- export -r
- import
- get RUV and database generation
- assert database generation has not changed
"""

log.info('Testing Ticket 50232 - export creates not imprtable ldif file, normal creation order')

topology_st.standalone.backend.create(NORMAL_SUFFIX, {BACKEND_NAME: NORMAL_BACKEND_NAME})
topology_st.standalone.mappingtree.create(NORMAL_SUFFIX, bename=NORMAL_BACKEND_NAME, parent=None)

_populate_suffix(topology_st.standalone, NORMAL_BACKEND_NAME)

repl = ReplicationManager(DEFAULT_SUFFIX)
> repl._ensure_changelog(topology_st.standalone)

/export/tests/tickets/ticket50232_test.py:113:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/replica.py:1928: in _ensure_changelog
cl.create(properties={
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:972: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:947: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:169: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbd4a3d0>
func = <built-in method result4 of LDAP object at 0x7f10dbd28e40>
args = (13, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 105, 'msgid': 13, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'Changelog configuration is part of the backend configuration'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO lib389:backend.py:80 List backend with suffix=o=normal INFO lib389:backend.py:290 Creating a local backend INFO lib389:backend.py:76 List backend cn=normal,cn=ldbm database,cn=plugins,cn=config INFO lib389:__init__.py:1710 Found entry dn: cn=normal,cn=ldbm database,cn=plugins,cn=config cn: normal nsslapd-cachememsize: 512000 nsslapd-cachesize: -1 nsslapd-directory: /var/lib/dirsrv/slapd-standalone1/db/normal nsslapd-dncachememsize: 16777216 nsslapd-readonly: off nsslapd-require-index: off nsslapd-require-internalop-index: off nsslapd-suffix: o=normal objectClass: top objectClass: extensibleObject objectClass: nsBackendInstance INFO lib389:mappingTree.py:153 Entry dn: cn="o=normal",cn=mapping tree,cn=config cn: o=normal nsslapd-backend: normal nsslapd-state: backend objectclass: top objectclass: extensibleObject objectclass: nsMappingTree INFO lib389:__init__.py:1710 Found entry dn: cn=o\3Dnormal,cn=mapping tree,cn=config cn: o=normal nsslapd-backend: normal nsslapd-state: backend objectClass: top objectClass: extensibleObject objectClass: nsMappingTree
Failed tickets/ticket50232_test.py::test_ticket50232_reverse 1.65
topology_st = <lib389.topologies.TopologyMain object at 0x7f10dbd4a430>

def test_ticket50232_reverse(topology_st):
"""
The fix for ticket 50232


The test sequence is:
- create suffix
- enable replication before suffix enztry is added
- add suffix entry and some child entries
- get RUV and database generation
- export -r
- import
- get RUV and database generation
- assert database generation has not changed
"""

log.info('Testing Ticket 50232 - export creates not imprtable ldif file, normal creation order')

#
# Setup Replication
#
log.info('Setting up replication...')
repl = ReplicationManager(DEFAULT_SUFFIX)
# repl.create_first_supplier(topology_st.standalone)
#
# enable dynamic plugins, memberof and retro cl plugin
#
topology_st.standalone.backend.create(REVERSE_SUFFIX, {BACKEND_NAME: REVERSE_BACKEND_NAME})
topology_st.standalone.mappingtree.create(REVERSE_SUFFIX, bename=REVERSE_BACKEND_NAME, parent=None)

> _enable_replica(topology_st.standalone, REVERSE_SUFFIX)

/export/tests/tickets/ticket50232_test.py:155:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/export/tests/tickets/ticket50232_test.py:35: in _enable_replica
repl._ensure_changelog(instance)
/usr/local/lib/python3.9/site-packages/lib389/replica.py:1928: in _ensure_changelog
cl.create(properties={
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:972: in create
return self._create(rdn, properties, basedn, ensure=False)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:947: in _create
self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls, escapehatch='i am sure')
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:169: in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:425: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10dbd4a3d0>
func = <built-in method result4 of LDAP object at 0x7f10dbd28e40>
args = (22, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.UNWILLING_TO_PERFORM: {'msgtype': 105, 'msgid': 22, 'result': 53, 'desc': 'Server is unwilling to perform', 'ctrls': [], 'info': 'Changelog configuration is part of the backend configuration'}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: UNWILLING_TO_PERFORM
-------------------------------Captured log call--------------------------------
INFO lib389:backend.py:80 List backend with suffix=o=reverse INFO lib389:backend.py:290 Creating a local backend INFO lib389:backend.py:76 List backend cn=reverse,cn=ldbm database,cn=plugins,cn=config INFO lib389:__init__.py:1710 Found entry dn: cn=reverse,cn=ldbm database,cn=plugins,cn=config cn: reverse nsslapd-cachememsize: 512000 nsslapd-cachesize: -1 nsslapd-directory: /var/lib/dirsrv/slapd-standalone1/db/reverse nsslapd-dncachememsize: 16777216 nsslapd-readonly: off nsslapd-require-index: off nsslapd-require-internalop-index: off nsslapd-suffix: o=reverse objectClass: top objectClass: extensibleObject objectClass: nsBackendInstance INFO lib389:mappingTree.py:153 Entry dn: cn="o=reverse",cn=mapping tree,cn=config cn: o=reverse nsslapd-backend: reverse nsslapd-state: backend objectclass: top objectclass: extensibleObject objectclass: nsMappingTree INFO lib389:__init__.py:1710 Found entry dn: cn=o\3Dreverse,cn=mapping tree,cn=config cn: o=reverse nsslapd-backend: reverse nsslapd-state: backend objectClass: top objectClass: extensibleObject objectClass: nsMappingTree
Failed tickets/ticket548_test.py::test_ticket548_test_with_no_policy 8.90
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9bacc10>

def test_ticket548_test_with_no_policy(topology_st):
"""
Check shadowAccount under no password policy
"""
log.info("Case 1. No password policy")

log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

log.info('Add an entry' + USER1_DN)
try:
topology_st.standalone.add_s(
Entry((USER1_DN, {'objectclass': "top person organizationalPerson inetOrgPerson shadowAccount".split(),
'sn': '1',
'cn': 'user 1',
'uid': 'user1',
'givenname': 'user',
'mail': 'user1@' + DEFAULT_SUFFIX,
'userpassword': USER_PW})))
except ldap.LDAPError as e:
log.fatal('test_ticket548: Failed to add user' + USER1_DN + ': error ' + e.message['desc'])
assert False

edate = int(time.time() / (60 * 60 * 24))
log.info('Search entry %s' % USER1_DN)

log.info("Bind as %s" % USER1_DN)
topology_st.standalone.simple_bind_s(USER1_DN, USER_PW)
> entry = topology_st.standalone.getEntry(USER1_DN, ldap.SCOPE_BASE, "(objectclass=*)", ['shadowLastChange'])

/export/tests/tickets/ticket548_test.py:211:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10db9b9b50>
args = ('uid=user1,dc=example,dc=com', 0, '(objectclass=*)', ['shadowLastChange'])
kwargs = {}, res = 6, restype = 101, obj = []

def getEntry(self, *args, **kwargs):
"""Wrapper around SimpleLDAPObject.search. It is common to just get
one entry.
@param - entry dn
@param - search scope, in ldap.SCOPE_BASE (default),
ldap.SCOPE_SUB, ldap.SCOPE_ONE
@param filterstr - filterstr, default '(objectClass=*)' from
SimpleLDAPObject
@param attrlist - list of attributes to retrieve. eg ['cn', 'uid']
@oaram attrsonly - default None from SimpleLDAPObject
eg. getEntry(dn, scope, filter, attributes)

XXX This cannot return None
"""
self.log.debug("Retrieving entry with %r", [args])
if len(args) == 1 and 'scope' not in kwargs:
args += (ldap.SCOPE_BASE, )

res = self.search(*args, **kwargs)
restype, obj = self.result(res)
# TODO: why not test restype?
if not obj:
> raise NoSuchEntryError("no such entry for %r", [args])
E lib389.exceptions.NoSuchEntryError: ('no such entry for %r', [('uid=user1,dc=example,dc=com', 0, '(objectclass=*)', ['shadowLastChange'])])

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1697: NoSuchEntryError
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Failed tickets/ticket548_test.py::test_ticket548_test_global_policy 0.67
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9bacc10>

def test_ticket548_test_global_policy(topology_st):
"""
Check shadowAccount with global password policy
"""

log.info("Case 2. Check shadowAccount with global password policy")

log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

set_global_pwpolicy(topology_st)

log.info('Add an entry' + USER2_DN)
try:
topology_st.standalone.add_s(
Entry((USER2_DN, {'objectclass': "top person organizationalPerson inetOrgPerson shadowAccount".split(),
'sn': '2',
'cn': 'user 2',
'uid': 'user2',
'givenname': 'user',
'mail': 'user2@' + DEFAULT_SUFFIX,
'userpassword': USER_PW})))
except ldap.LDAPError as e:
log.fatal('test_ticket548: Failed to add user' + USER2_DN + ': error ' + e.message['desc'])
assert False

edate = int(time.time() / (60 * 60 * 24))

log.info("Bind as %s" % USER1_DN)
topology_st.standalone.simple_bind_s(USER1_DN, USER_PW)

log.info('Search entry %s' % USER1_DN)
> entry = topology_st.standalone.getEntry(USER1_DN, ldap.SCOPE_BASE, "(objectclass=*)")

/export/tests/tickets/ticket548_test.py:249:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10db9b9b50>
args = ('uid=user1,dc=example,dc=com', 0, '(objectclass=*)'), kwargs = {}
res = 15, restype = 101, obj = []

def getEntry(self, *args, **kwargs):
"""Wrapper around SimpleLDAPObject.search. It is common to just get
one entry.
@param - entry dn
@param - search scope, in ldap.SCOPE_BASE (default),
ldap.SCOPE_SUB, ldap.SCOPE_ONE
@param filterstr - filterstr, default '(objectClass=*)' from
SimpleLDAPObject
@param attrlist - list of attributes to retrieve. eg ['cn', 'uid']
@oaram attrsonly - default None from SimpleLDAPObject
eg. getEntry(dn, scope, filter, attributes)

XXX This cannot return None
"""
self.log.debug("Retrieving entry with %r", [args])
if len(args) == 1 and 'scope' not in kwargs:
args += (ldap.SCOPE_BASE, )

res = self.search(*args, **kwargs)
restype, obj = self.result(res)
# TODO: why not test restype?
if not obj:
> raise NoSuchEntryError("no such entry for %r", [args])
E lib389.exceptions.NoSuchEntryError: ('no such entry for %r', [('uid=user1,dc=example,dc=com', 0, '(objectclass=*)')])

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:1697: NoSuchEntryError
Failed tickets/ticket548_test.py::test_ticket548_test_subtree_policy 3.43
topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9bacc10>
user = 'uid=user3,dc=example,dc=com', passwd = 'password'
newpasswd = 'password0'

def update_passwd(topology_st, user, passwd, newpasswd):
log.info(" Bind as {%s,%s}" % (user, passwd))
topology_st.standalone.simple_bind_s(user, passwd)
try:
> topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', newpasswd.encode())])

/export/tests/tickets/ticket548_test.py:160:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user3,dc=example,dc=com', [(2, 'userpassword', b'password0')])
kwargs = {}
c_stack = [FrameInfo(frame=<frame at 0x7f10e80e4640, file '/usr/local/lib/python3.9/site-packages/lib389/__init__.py', line 173,...mbda>', code_context=[' self._inner_hookexec = lambda hook, methods, kwargs: hook.multicall(\n'], index=0), ...]
frame = FrameInfo(frame=<frame at 0x55e0b8ae25e0, file '/export/tests/tickets/ticket548_test.py', line 164, code update_passwd...[" topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', newpasswd.encode())])\n"], index=0)

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10db9b9b50>
dn = 'uid=user3,dc=example,dc=com'
modlist = [(2, 'userpassword', b'password0')]

def modify_s(self,dn,modlist):
> return self.modify_ext_s(dn,modlist,None,None)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:640:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = ('uid=user3,dc=example,dc=com', [(2, 'userpassword', b'password0')], None, None)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10db9b9b50>
dn = 'uid=user3,dc=example,dc=com'
modlist = [(2, 'userpassword', b'password0')], serverctrls = None
clientctrls = None

def modify_ext_s(self,dn,modlist,serverctrls=None,clientctrls=None):
msgid = self.modify_ext(dn,modlist,serverctrls,clientctrls)
> resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (34,), kwargs = {'all': 1, 'timeout': -1}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10db9b9b50>, msgid = 34, all = 1
timeout = -1, resp_ctrl_classes = None

def result3(self,msgid=ldap.RES_ANY,all=1,timeout=None,resp_ctrl_classes=None):
> resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
msgid,all,timeout,
add_ctrls=0,add_intermediates=0,add_extop=0,
resp_ctrl_classes=resp_ctrl_classes
)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (34, 1, -1)
kwargs = {'add_ctrls': 0, 'add_extop': 0, 'add_intermediates': 0, 'resp_ctrl_classes': None}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10db9b9b50>, msgid = 34, all = 1
timeout = -1, add_ctrls = 0, add_intermediates = 0, add_extop = 0
resp_ctrl_classes = None

def result4(self,msgid=ldap.RES_ANY,all=1,timeout=None,add_ctrls=0,add_intermediates=0,add_extop=0,resp_ctrl_classes=None):
if timeout is None:
timeout = self.timeout
> ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

args = (<built-in method result4 of LDAP object at 0x7f10e9d85960>, 34, 1, -1, 0, 0, ...)
kwargs = {}

def inner(*args, **kwargs):
if name in [
'add_s',
'bind_s',
'delete_s',
'modify_s',
'modrdn_s',
'rename_s',
'sasl_interactive_bind_s',
'search_s',
'search_ext_s',
'simple_bind_s',
'unbind_s',
'getEntry',
] and not ('escapehatch' in kwargs and kwargs['escapehatch'] == 'i am sure'):
c_stack = inspect.stack()
frame = c_stack[1]

warnings.warn(DeprecationWarning("Use of raw ldap function %s. This will be removed in a future release. "
"Found in: %s:%s" % (name, frame.filename, frame.lineno)))
# Later, we will add a sleep here to make it even more painful.
# Finally, it will raise an exception.
elif 'escapehatch' in kwargs:
kwargs.pop('escapehatch')

if name == 'result':
objtype, data = f(*args, **kwargs)
# data is either a 2-tuple or a list of 2-tuples
# print data
if data:
if isinstance(data, tuple):
return objtype, Entry(data)
elif isinstance(data, list):
# AD sends back these search references
# if objtype == ldap.RES_SEARCH_RESULT and \
# isinstance(data[-1],tuple) and \
# not data[-1][0]:
# print "Received search reference: "
# pprint.pprint(data[-1][1])
# data.pop() # remove the last non-entry element

return objtype, [Entry(x) for x in data]
else:
raise TypeError("unknown data type %s returned by result" %
type(data))
else:
return objtype, data
elif name.startswith('add'):
# the first arg is self
# the second and third arg are the dn and the data to send
# We need to convert the Entry into the format used by
# python-ldap
ent = args[0]
if isinstance(ent, Entry):
return f(ent.dn, ent.toTupleList(), *args[2:])
else:
return f(*args, **kwargs)
else:
> return f(*args, **kwargs)

/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10db9b9b50>
func = <built-in method result4 of LDAP object at 0x7f10e9d85960>
args = (34, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
if __debug__ and self._trace_level>=2:
if func.__name__!="unbind_ext":
diagnostic_message_success = self._l.get_option(ldap.OPT_DIAGNOSTIC_MESSAGE)
finally:
self._ldap_object_lock.release()
except LDAPError as e:
exc_type,exc_value,exc_traceback = sys.exc_info()
try:
if 'info' not in e.args[0] and 'errno' in e.args[0]:
e.args[0]['info'] = strerror(e.args[0]['errno'])
except IndexError:
pass
if __debug__ and self._trace_level>=2:
self._trace_file.write('=> LDAPError - %s: %s\n' % (e.__class__.__name__,str(e)))
try:
> reraise(exc_type, exc_value, exc_traceback)

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

exc_type = <class 'ldap.INSUFFICIENT_ACCESS'>
exc_value = INSUFFICIENT_ACCESS({'msgtype': 103, 'msgid': 34, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user3,dc=example,dc=com'.\n"})
exc_traceback = <traceback object at 0x7f10e8232d80>

def reraise(exc_type, exc_value, exc_traceback):
"""Re-raise an exception given information from sys.exc_info()

Note that unlike six.reraise, this does not support replacing the
traceback. All arguments must come from a single sys.exc_info() call.
"""
# In Python 3, all exception info is contained in one object.
> raise exc_value

/usr/lib64/python3.9/site-packages/ldap/compat.py:46:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10db9b9b50>
func = <built-in method result4 of LDAP object at 0x7f10e9d85960>
args = (34, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 34, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'userPassword' attribute of entry 'uid=user3,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS

During handling of the above exception, another exception occurred:

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9bacc10>

def test_ticket548_test_subtree_policy(topology_st):
"""
Check shadowAccount with subtree level password policy
"""

log.info("Case 3. Check shadowAccount with subtree level password policy")

log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
# Check the global policy values

set_subtree_pwpolicy(topology_st, 2, 20, 6)

log.info('Add an entry' + USER3_DN)
try:
topology_st.standalone.add_s(
Entry((USER3_DN, {'objectclass': "top person organizationalPerson inetOrgPerson shadowAccount".split(),
'sn': '3',
'cn': 'user 3',
'uid': 'user3',
'givenname': 'user',
'mail': 'user3@' + DEFAULT_SUFFIX,
'userpassword': USER_PW})))
except ldap.LDAPError as e:
log.fatal('test_ticket548: Failed to add user' + USER3_DN + ': error ' + e.message['desc'])
assert False

log.info('Search entry %s' % USER3_DN)
entry0 = topology_st.standalone.getEntry(USER3_DN, ldap.SCOPE_BASE, "(objectclass=*)")

log.info('Expecting shadowLastChange 0 since passwordMustChange is on')
check_shadow_attr_value(entry0, 'shadowLastChange', 0, USER3_DN)

# passwordMinAge -- 2 day
check_shadow_attr_value(entry0, 'shadowMin', 2, USER3_DN)

# passwordMaxAge -- 20 days
check_shadow_attr_value(entry0, 'shadowMax', 20, USER3_DN)

# passwordWarning -- 6 days
check_shadow_attr_value(entry0, 'shadowWarning', 6, USER3_DN)

log.info("Bind as %s" % USER3_DN)
topology_st.standalone.simple_bind_s(USER3_DN, USER_PW)

log.info('Search entry %s' % USER3_DN)
try:
entry1 = topology_st.standalone.getEntry(USER3_DN, ldap.SCOPE_BASE, "(objectclass=*)")
except ldap.UNWILLING_TO_PERFORM:
log.info('test_ticket548: Search by' + USER3_DN + ' failed by UNWILLING_TO_PERFORM as expected')
except ldap.LDAPError as e:
log.fatal('test_ticket548: Failed to serch user' + USER3_DN + ' by self: error ' + e.message['desc'])
assert False

log.info("Bind as %s and updating the password with a new one" % USER3_DN)
topology_st.standalone.simple_bind_s(USER3_DN, USER_PW)

# Bind as DM again, change policy
log.info("Bind as %s" % DN_DM)
topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)

set_subtree_pwpolicy(topology_st, 4, 40, 12)

newpasswd = USER_PW + '0'
> update_passwd(topology_st, USER3_DN, USER_PW, newpasswd)

/export/tests/tickets/ticket548_test.py:372:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology_st = <lib389.topologies.TopologyMain object at 0x7f10e9bacc10>
user = 'uid=user3,dc=example,dc=com', passwd = 'password'
newpasswd = 'password0'

def update_passwd(topology_st, user, passwd, newpasswd):
log.info(" Bind as {%s,%s}" % (user, passwd))
topology_st.standalone.simple_bind_s(user, passwd)
try:
topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, 'userpassword', newpasswd.encode())])
except ldap.LDAPError as e:
> log.fatal('test_ticket548: Failed to update the password ' + cpw + ' of user ' + user + ': error ' + e.message[
'desc'])
E NameError: name 'cpw' is not defined

/export/tests/tickets/ticket548_test.py:162: NameError
XFailed suites/acl/syntax_test.py::test_aci_invalid_syntax_fail[test_targattrfilters_18] 8.51
topo = <lib389.topologies.TopologyMain object at 0x7f10ec740250>
real_value = '(target = ldap:///cn=Jeff Vedder,ou=Product Development,dc=example,dc=com)(targetattr="*")(version 3.0; acl "Name of ...3123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123123";)'

@pytest.mark.xfail(reason='https://bugzilla.redhat.com/show_bug.cgi?id=1691473')
@pytest.mark.parametrize("real_value", [a[1] for a in FAILED],
ids=[a[0] for a in FAILED])
def test_aci_invalid_syntax_fail(topo, real_value):
"""

Try to set wrong ACI syntax.

:id: 83c40784-fff5-49c8-9535-7064c9c19e7e
:parametrized: yes
:setup: Standalone Instance
:steps:
1. Create ACI
2. Try to setup the ACI with Instance
:expectedresults:
1. It should pass
2. It should not pass
"""
domain = Domain(topo.standalone, DEFAULT_SUFFIX)
with pytest.raises(ldap.INVALID_SYNTAX):
> domain.add("aci", real_value)
E Failed: DID NOT RAISE <class 'ldap.INVALID_SYNTAX'>

suites/acl/syntax_test.py:213: Failed
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
XFailed suites/acl/syntax_test.py::test_aci_invalid_syntax_fail[test_targattrfilters_20] 0.24
topo = <lib389.topologies.TopologyMain object at 0x7f10ec740250>
real_value = '(target = ldap:///cn=Jeff Vedder,ou=Product Development,dc=example,dc=com)(targetattr="*")(version 3.0; acl "Name of the ACI"; deny(write)userdns="ldap:///anyone";)'

@pytest.mark.xfail(reason='https://bugzilla.redhat.com/show_bug.cgi?id=1691473')
@pytest.mark.parametrize("real_value", [a[1] for a in FAILED],
ids=[a[0] for a in FAILED])
def test_aci_invalid_syntax_fail(topo, real_value):
"""

Try to set wrong ACI syntax.

:id: 83c40784-fff5-49c8-9535-7064c9c19e7e
:parametrized: yes
:setup: Standalone Instance
:steps:
1. Create ACI
2. Try to setup the ACI with Instance
:expectedresults:
1. It should pass
2. It should not pass
"""
domain = Domain(topo.standalone, DEFAULT_SUFFIX)
with pytest.raises(ldap.INVALID_SYNTAX):
> domain.add("aci", real_value)
E Failed: DID NOT RAISE <class 'ldap.INVALID_SYNTAX'>

suites/acl/syntax_test.py:213: Failed
XFailed suites/acl/syntax_test.py::test_aci_invalid_syntax_fail[test_bind_rule_set_with_more_than_three] 0.24
topo = <lib389.topologies.TopologyMain object at 0x7f10ec740250>
real_value = '(target = ldap:///dc=example,dc=com)(targetattr="*")(version 3.0; acl "Name of the ACI"; deny absolute (all)userdn="ldap:////////anyone";)'

@pytest.mark.xfail(reason='https://bugzilla.redhat.com/show_bug.cgi?id=1691473')
@pytest.mark.parametrize("real_value", [a[1] for a in FAILED],
ids=[a[0] for a in FAILED])
def test_aci_invalid_syntax_fail(topo, real_value):
"""

Try to set wrong ACI syntax.

:id: 83c40784-fff5-49c8-9535-7064c9c19e7e
:parametrized: yes
:setup: Standalone Instance
:steps:
1. Create ACI
2. Try to setup the ACI with Instance
:expectedresults:
1. It should pass
2. It should not pass
"""
domain = Domain(topo.standalone, DEFAULT_SUFFIX)
with pytest.raises(ldap.INVALID_SYNTAX):
> domain.add("aci", real_value)
E Failed: DID NOT RAISE <class 'ldap.INVALID_SYNTAX'>

suites/acl/syntax_test.py:213: Failed
XFailed suites/acl/userattr_test.py::test_mod_see_also_positive[(LEVEL_3, CHILDREN)] 0.13
topo = <lib389.topologies.TopologyMain object at 0x7f10ec8603d0>
_add_user = None, user = 'uid=Grandparent,ou=Inheritance,dc=example,dc=com'
entry = 'ou=CHILDREN,ou=PARENTS,ou=GRANDPARENTS,ou=ANCESTORS,ou=Inheritance,dc=example,dc=com'

@pytest.mark.parametrize("user,entry", [
(CAN, ROLEDNACCESS),
(CAN, USERDNACCESS),
(CAN, GROUPDNACCESS),
(CAN, LDAPURLACCESS),
(CAN, ATTRNAMEACCESS),
(LEVEL_0, OU_2),
(LEVEL_1, ANCESTORS),
(LEVEL_2, GRANDPARENTS),
(LEVEL_4, OU_2),
(LEVEL_4, ANCESTORS),
(LEVEL_4, GRANDPARENTS),
(LEVEL_4, PARENTS),
(LEVEL_4, CHILDREN),
pytest.param(LEVEL_3, CHILDREN, marks=pytest.mark.xfail(reason="May be some bug")),
], ids=[
"(CAN,ROLEDNACCESS)",
"(CAN,USERDNACCESS)",
"(CAN,GROUPDNACCESS)",
"(CAN,LDAPURLACCESS)",
"(CAN,ATTRNAMEACCESS)",
"(LEVEL_0, OU_2)",
"(LEVEL_1,ANCESTORS)",
"(LEVEL_2,GRANDPARENTS)",
"(LEVEL_4,OU_2)",
"(LEVEL_4, ANCESTORS)",
"(LEVEL_4,GRANDPARENTS)",
"(LEVEL_4,PARENTS)",
"(LEVEL_4,CHILDREN)",
"(LEVEL_3, CHILDREN)"
])
def test_mod_see_also_positive(topo, _add_user, user, entry):
"""
Try to set seeAlso on entry with binding specific user, it will success
as per the ACI.

:id: 65745426-7a01-11e8-8ac2-8c16451d917b
:parametrized: yes
:setup: Standalone Instance
:steps:
1. Add test entry
2. Add ACI
3. User should follow ACI role
:expectedresults:
1. Entry should be added
2. Operation should succeed
3. Operation should succeed
"""
conn = UserAccount(topo.standalone, user).bind(PW_DM)
> UserAccount(conn, entry).replace('seeAlso', 'cn=1')

suites/acl/userattr_test.py:216:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:281: in replace
self.set(key, value, action=ldap.MOD_REPLACE)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:447: in set
return self._instance.modify_ext_s(self._dn, [(action, key, value)],
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:613: in modify_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:764: in result3
resp_type, resp_data, resp_msgid, decoded_resp_ctrls, retoid, retval = self.result4(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:774: in result4
ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:340: in _ldap_call
reraise(exc_type, exc_value, exc_traceback)
/usr/lib64/python3.9/site-packages/ldap/compat.py:46: in reraise
raise exc_value
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10ec5c36a0>
func = <built-in method result4 of LDAP object at 0x7f10ec5b6ab0>
args = (5, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
exc_type = None, exc_value = None, exc_traceback = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E ldap.INSUFFICIENT_ACCESS: {'msgtype': 103, 'msgid': 5, 'result': 50, 'desc': 'Insufficient access', 'ctrls': [], 'info': "Insufficient 'write' privilege to the 'seeAlso' attribute of entry 'ou=children,ou=parents,ou=grandparents,ou=ancestors,ou=inheritance,dc=example,dc=com'.\n"}

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: INSUFFICIENT_ACCESS
XFailed suites/clu/dsidm_user_test.py::test_dsidm_user_get_dn 0.11
topology_st = <lib389.topologies.TopologyMain object at 0x7f10eab433a0>
create_test_user = None

@pytest.mark.bz1893667
@pytest.mark.xfail(reason="Will fail because of bz1893667")
@pytest.mark.skipif(ds_is_older("1.4.2"), reason="Not implemented")
def test_dsidm_user_get_dn(topology_st, create_test_user):
""" Test dsidm user get_dn option

:id: 787bf278-87c3-402e-936e-6161799d098d
:setup: Standalone instance
:steps:
1. Run dsidm user get_dn for created user
2. Check the output content is correct
:expectedresults:
1. Success
2. Success
"""

standalone = topology_st.standalone
users = nsUserAccounts(standalone, DEFAULT_SUFFIX)
test_user = users.get('test_user_1000')
args = FakeArgs()
args.dn = test_user.dn

log.info('Empty the log file to prevent false data to check about user')
topology_st.logcap.flush()

log.info('Test dsidm user get_dn without json')
> get_dn(standalone, DEFAULT_SUFFIX, topology_st.logcap.log, args)

suites/clu/dsidm_user_test.py:214:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/usr/local/lib/python3.9/site-packages/lib389/cli_idm/user.py:38: in get_dn
_generic_get_dn(inst, basedn, log.getChild('_generic_get_dn'), MANY, dn, args)
/usr/local/lib/python3.9/site-packages/lib389/cli_idm/__init__.py:101: in _generic_get_dn
o = mc.get(dn=dn)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1144: in get
results = self._get_dn(dn)
/usr/local/lib/python3.9/site-packages/lib389/_mapped_object.py:1162: in _get_dn
return self._instance.search_ext_s(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:863: in search_ext_s
msgid = self.search_ext(base,scope,filterstr,attrlist,attrsonly,serverctrls,clientctrls,timeout,sizelimit)
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:853: in search_ext
return self._ldap_call(
/usr/local/lib/python3.9/site-packages/lib389/__init__.py:173: in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

self = <lib389.DirSrv object at 0x7f10eab434c0>
func = <built-in method search_ext of LDAP object at 0x7f10ec79c1b0>
args = (<function get_dn.<locals>.<lambda> at 0x7f10ec710ee0>, 0, '(&(objectclass=nsPerson)(objectclass=nsAccount)(objectclass=nsOrgPerson)(objectclass=posixAccount))', ['dn'], 0, None, ...)
kwargs = {}, diagnostic_message_success = None

def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('*** %s %s - %s\n%s\n' % (
repr(self),
self._uri,
'.'.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
> result = func(*args,**kwargs)
E TypeError: search_ext() argument 1 must be str, not function

/usr/lib64/python3.9/site-packages/ldap/ldapobject.py:324: TypeError
-------------------------------Captured log setup-------------------------------
INFO tests.suites.clu.dsidm_user_test:dsidm_user_test.py:34 Create test user
-------------------------------Captured log call--------------------------------
INFO tests.suites.clu.dsidm_user_test:dsidm_user_test.py:210 Empty the log file to prevent false data to check about user INFO tests.suites.clu.dsidm_user_test:dsidm_user_test.py:213 Test dsidm user get_dn without json
-----------------------------Captured log teardown------------------------------
INFO tests.suites.clu.dsidm_user_test:dsidm_user_test.py:42 Delete test user
XFailed suites/config/config_test.py::test_defaultnamingcontext_1 0.26
topo = <lib389.topologies.TopologyMain object at 0x7f10ecf61130>

@pytest.mark.xfail(reason="This may fail due to bug 1610234")
def test_defaultnamingcontext_1(topo):
"""This test case should be part of function test_defaultnamingcontext
Please move it back after we have a fix for bug 1610234
"""
log.info("Remove the original suffix which is currently nsslapd-defaultnamingcontext"
"and check nsslapd-defaultnamingcontext become empty.")

""" Please remove these declarations after moving the test
to function test_defaultnamingcontext
"""
backends = Backends(topo.standalone)
test_db2 = 'test2_db'
test_suffix2 = 'dc=test2,dc=com'
b2 = backends.create(properties={'cn': test_db2,
'nsslapd-suffix': test_suffix2})
b2.delete()
> assert topo.standalone.config.get_attr_val_utf8('nsslapd-defaultnamingcontext') == ' '
E AssertionError: assert 'dc=example,dc=com' == ' '
E Strings contain only whitespace, escaping them using repr()
E - ' '
E + 'dc=example,dc=com'

suites/config/config_test.py:300: AssertionError
-------------------------------Captured log call--------------------------------
INFO tests.suites.config.config_test:config_test.py:288 Remove the original suffix which is currently nsslapd-defaultnamingcontextand check nsslapd-defaultnamingcontext become empty.
XFailed suites/export/export_test.py::test_dbtasks_db2ldif_with_non_accessible_ldif_file_path_output 3.67
topo = <lib389.topologies.TopologyMain object at 0x7f10eccba250>

@pytest.mark.bz1860291
@pytest.mark.xfail(reason="bug 1860291")
@pytest.mark.skipif(ds_is_older("1.3.10", "1.4.2"), reason="Not implemented")
def test_dbtasks_db2ldif_with_non_accessible_ldif_file_path_output(topo):
"""Export with db2ldif, giving a ldif file path which can't be accessed by the user (dirsrv by default)

:id: fcc63387-e650-40a7-b643-baa68c190037
:setup: Standalone Instance - entries imported in the db
:steps:
1. Stop the server
2. Launch db2ldif with a non accessible ldif file path
3. check the error reported in the command output
:expected results:
1. Operation successful
2. Operation properly fails
3. An clear error message is reported as output of the cli
"""
export_ldif = '/tmp/nonexistent/export.ldif'

log.info("Stopping the instance...")
topo.standalone.stop()

log.info("Performing an offline export to a non accessible ldif file path - should fail and output a clear error message")
expected_output="No such file or directory"
> run_db2ldif_and_clear_logs(topo, topo.standalone, DEFAULT_BENAME, export_ldif, expected_output)

suites/export/export_test.py:150:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology = <lib389.topologies.TopologyMain object at 0x7f10eccba250>
instance = <lib389.DirSrv object at 0x7f10ec61b6d0>, backend = 'userRoot'
ldif = '/tmp/nonexistent/export.ldif', output_msg = 'No such file or directory'
encrypt = False, repl = False

def run_db2ldif_and_clear_logs(topology, instance, backend, ldif, output_msg, encrypt=False, repl=False):
args = FakeArgs()
args.instance = instance.serverid
args.backend = backend
args.encrypted = encrypt
args.replication = repl
args.ldif = ldif

dbtasks_db2ldif(instance, topology.logcap.log, args)

log.info('checking output msg')
if not topology.logcap.contains(output_msg):
log.error('The output message is not the expected one')
> assert False
E assert False

suites/export/export_test.py:36: AssertionError
------------------------------Captured stderr call------------------------------
ldiffile: /tmp/nonexistent/export.ldif
-------------------------------Captured log call--------------------------------
INFO lib389.utils:export_test.py:145 Stopping the instance... INFO lib389.utils:export_test.py:148 Performing an offline export to a non accessible ldif file path - should fail and output a clear error message CRITICAL LogCapture:dbtasks.py:41 db2ldif failed INFO lib389.utils:export_test.py:33 checking output msg ERROR lib389.utils:export_test.py:35 The output message is not the expected one
XFailed suites/healthcheck/healthcheck_test.py::test_healthcheck_unable_to_query_backend 0.98
topology_st = <lib389.topologies.TopologyMain object at 0x7f10ec463820>

@pytest.mark.ds50873
@pytest.mark.bz1796343
@pytest.mark.skipif(ds_is_older("1.4.1"), reason="Not implemented")
@pytest.mark.xfail(reason="Will fail because of bz1837315. Set proper version after bug is fixed")
def test_healthcheck_unable_to_query_backend(topology_st):
"""Check if HealthCheck returns DSBLE0002 code

:id: 716b1ff1-94bd-4780-98b8-96ff8ef21e30
:setup: Standalone instance
:steps:
1. Create DS instance
2. Create a new root suffix and database
3. Disable new suffix
4. Use HealthCheck without --json option
5. Use HealthCheck with --json option
:expectedresults:
1. Success
2. Success
3. Success
4. HealthCheck should return code DSBLE0002
5. HealthCheck should return code DSBLE0002
"""

RET_CODE = 'DSBLE0002'
NEW_SUFFIX = 'dc=test,dc=com'
NEW_BACKEND = 'userData'

standalone = topology_st.standalone

log.info('Create new suffix')
backends = Backends(standalone)
backends.create(properties={
'cn': NEW_BACKEND,
'nsslapd-suffix': NEW_SUFFIX,
})

log.info('Disable the newly created suffix')
mts = MappingTrees(standalone)
mt_new = mts.get(NEW_SUFFIX)
mt_new.replace('nsslapd-state', 'disabled')

run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=False)
run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=True)

log.info('Enable the suffix again and check if nothing is broken')
mt_new.replace('nsslapd-state', 'backend')
> run_healthcheck_and_flush_log(topology_st, standalone, RET_CODE, json=False)

suites/healthcheck/healthcheck_test.py:453:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topology = <lib389.topologies.TopologyMain object at 0x7f10ec463820>
instance = <lib389.DirSrv object at 0x7f10edc4cbb0>, searched_code = 'DSBLE0002'
json = False, searched_code2 = None, list_checks = False, list_errors = False
check = None, searched_list = None

def run_healthcheck_and_flush_log(topology, instance, searched_code=None, json=False, searched_code2=None,
list_checks=False, list_errors=False, check=None, searched_list=None):
args = FakeArgs()
args.instance = instance.serverid
args.verbose = instance.verbose
args.list_errors = list_errors
args.list_checks = list_checks
args.check = check
args.dry_run = False
args.json = json

log.info('Use healthcheck with --json == {} option'.format(json))
health_check_run(instance, topology.logcap.log, args)

if searched_list is not None:
for item in searched_list:
assert topology.logcap.contains(item)
log.info('Healthcheck returned searched item: %s' % item)
else:
> assert topology.logcap.contains(searched_code)
E AssertionError: assert False
E + where False = <bound method LogCapture.contains of <LogCapture (NOTSET)>>('DSBLE0002')
E + where <bound method LogCapture.contains of <LogCapture (NOTSET)>> = <LogCapture (NOTSET)>.contains
E + where <LogCapture (NOTSET)> = <lib389.topologies.TopologyMain object at 0x7f10ec463820>.logcap

suites/healthcheck/healthcheck_test.py:49: AssertionError
-------------------------------Captured log call--------------------------------
INFO LogCapture:health.py:94 Beginning lint report, this could take a while ... INFO LogCapture:health.py:99 Checking config:hr_timestamp ... INFO LogCapture:health.py:99 Checking config:passwordscheme ... INFO LogCapture:health.py:99 Checking backends:userdata:cl_trimming ... INFO LogCapture:health.py:99 Checking backends:userdata:mappingtree ... INFO LogCapture:health.py:99 Checking backends:userdata:search ... INFO LogCapture:health.py:99 Checking backends:userdata:virt_attrs ... INFO LogCapture:health.py:99 Checking backends:userroot:cl_trimming ... INFO LogCapture:health.py:99 Checking backends:userroot:mappingtree ... INFO LogCapture:health.py:99 Checking backends:userroot:search ... INFO LogCapture:health.py:99 Checking backends:userroot:virt_attrs ... INFO LogCapture:health.py:99 Checking encryption:check_tls_version ... INFO LogCapture:health.py:99 Checking fschecks:file_perms ... INFO LogCapture:health.py:99 Checking refint:attr_indexes ... INFO LogCapture:health.py:99 Checking refint:update_delay ... INFO LogCapture:health.py:99 Checking monitor-disk-space:disk_space ... INFO LogCapture:health.py:99 Checking replication:agmts_status ... INFO LogCapture:health.py:99 Checking replication:conflicts ... INFO LogCapture:health.py:99 Checking dseldif:nsstate ... INFO LogCapture:health.py:99 Checking tls:certificate_expiration ... INFO LogCapture:health.py:99 Checking logs:notes ... INFO LogCapture:health.py:106 Healthcheck complete. INFO LogCapture:health.py:119 4 Issues found! Generating report ... INFO LogCapture:health.py:45 [1] DS Lint Error: DSBLE0001 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: MEDIUM INFO LogCapture:health.py:49 Check: backends:userdata:mappingtree INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- userdata INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 This backend may be missing the correct mapping tree references. Mapping Trees allow the directory server to determine which backend an operation is routed to in the abscence of other information. This is extremely important for correct functioning of LDAP ADD for example. A correct Mapping tree for this backend must contain the suffix name, the database name and be a backend type. IE: cn=o3Dexample,cn=mapping tree,cn=config cn: o=example nsslapd-backend: userRoot nsslapd-state: backend objectClass: top objectClass: extensibleObject objectClass: nsMappingTree INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Either you need to create the mapping tree, or you need to repair the related mapping tree. You will need to do this by hand by editing cn=config, or stopping the instance and editing dse.ldif. INFO LogCapture:health.py:45 [2] DS Lint Error: DSBLE0002 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: HIGH INFO LogCapture:health.py:49 Check: backends:userdata:search INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- dc=test,dc=com INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 Unable to query the backend. LDAP error ({'msgtype': 101, 'msgid': 27, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Warning: Operation attempted on a disabled node : dc=example,dc=com\n'}) INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Check the server's error and access logs for more information. INFO LogCapture:health.py:45 [3] DS Lint Error: DSBLE0001 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: MEDIUM INFO LogCapture:health.py:49 Check: backends:userdata:mappingtree INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- userdata INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 This backend may be missing the correct mapping tree references. Mapping Trees allow the directory server to determine which backend an operation is routed to in the abscence of other information. This is extremely important for correct functioning of LDAP ADD for example. A correct Mapping tree for this backend must contain the suffix name, the database name and be a backend type. IE: cn=o3Dexample,cn=mapping tree,cn=config cn: o=example nsslapd-backend: userRoot nsslapd-state: backend objectClass: top objectClass: extensibleObject objectClass: nsMappingTree INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Either you need to create the mapping tree, or you need to repair the related mapping tree. You will need to do this by hand by editing cn=config, or stopping the instance and editing dse.ldif. INFO LogCapture:health.py:45 [4] DS Lint Error: DSBLE0002 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: HIGH INFO LogCapture:health.py:49 Check: backends:userdata:search INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- dc=test,dc=com INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 Unable to query the backend. LDAP error ({'msgtype': 101, 'msgid': 27, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Warning: Operation attempted on a disabled node : dc=example,dc=com\n'}) INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 Check the server's error and access logs for more information. INFO LogCapture:health.py:124 ===== End Of Report (4 Issues found) ===== INFO LogCapture:health.py:126 [ { "dsle": "DSBLE0001", "severity": "MEDIUM", "description": "Possibly incorrect mapping tree.", "items": [ "userdata" ], "detail": "This backend may be missing the correct mapping tree references. Mapping Trees allow\nthe directory server to determine which backend an operation is routed to in the\nabscence of other information. This is extremely important for correct functioning\nof LDAP ADD for example.\n\nA correct Mapping tree for this backend must contain the suffix name, the database name\nand be a backend type. IE:\n\ncn=o3Dexample,cn=mapping tree,cn=config\ncn: o=example\nnsslapd-backend: userRoot\nnsslapd-state: backend\nobjectClass: top\nobjectClass: extensibleObject\nobjectClass: nsMappingTree\n\n", "fix": "Either you need to create the mapping tree, or you need to repair the related\nmapping tree. You will need to do this by hand by editing cn=config, or stopping\nthe instance and editing dse.ldif.\n", "check": "backends:userdata:mappingtree" }, { "dsle": "DSBLE0002", "severity": "HIGH", "description": "Unable to query backend.", "items": [ "dc=test,dc=com" ], "detail": "Unable to query the backend. LDAP error ({'msgtype': 101, 'msgid': 27, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Warning: Operation attempted on a disabled node : dc=example,dc=com\\n'})", "fix": "Check the server's error and access logs for more information.", "check": "backends:userdata:search" }, { "dsle": "DSBLE0001", "severity": "MEDIUM", "description": "Possibly incorrect mapping tree.", "items": [ "userdata" ], "detail": "This backend may be missing the correct mapping tree references. Mapping Trees allow\nthe directory server to determine which backend an operation is routed to in the\nabscence of other information. This is extremely important for correct functioning\nof LDAP ADD for example.\n\nA correct Mapping tree for this backend must contain the suffix name, the database name\nand be a backend type. IE:\n\ncn=o3Dexample,cn=mapping tree,cn=config\ncn: o=example\nnsslapd-backend: userRoot\nnsslapd-state: backend\nobjectClass: top\nobjectClass: extensibleObject\nobjectClass: nsMappingTree\n\n", "fix": "Either you need to create the mapping tree, or you need to repair the related\nmapping tree. You will need to do this by hand by editing cn=config, or stopping\nthe instance and editing dse.ldif.\n", "check": "backends:userdata:mappingtree" }, { "dsle": "DSBLE0002", "severity": "HIGH", "description": "Unable to query backend.", "items": [ "dc=test,dc=com" ], "detail": "Unable to query the backend. LDAP error ({'msgtype': 101, 'msgid': 27, 'result': 1, 'desc': 'Operations error', 'ctrls': [], 'info': 'Warning: Operation attempted on a disabled node : dc=example,dc=com\\n'})", "fix": "Check the server's error and access logs for more information.", "check": "backends:userdata:search" } ] INFO LogCapture:health.py:94 Beginning lint report, this could take a while ... INFO LogCapture:health.py:99 Checking config:hr_timestamp ... INFO LogCapture:health.py:99 Checking config:passwordscheme ... INFO LogCapture:health.py:99 Checking backends:userdata:cl_trimming ... INFO LogCapture:health.py:99 Checking backends:userdata:mappingtree ... INFO LogCapture:health.py:99 Checking backends:userdata:search ... INFO LogCapture:health.py:99 Checking backends:userdata:virt_attrs ... INFO LogCapture:health.py:99 Checking backends:userroot:cl_trimming ... INFO LogCapture:health.py:99 Checking backends:userroot:mappingtree ... INFO LogCapture:health.py:99 Checking backends:userroot:search ... INFO LogCapture:health.py:99 Checking backends:userroot:virt_attrs ... INFO LogCapture:health.py:99 Checking encryption:check_tls_version ... INFO LogCapture:health.py:99 Checking fschecks:file_perms ... INFO LogCapture:health.py:99 Checking refint:attr_indexes ... INFO LogCapture:health.py:99 Checking refint:update_delay ... INFO LogCapture:health.py:99 Checking monitor-disk-space:disk_space ... INFO LogCapture:health.py:99 Checking replication:agmts_status ... INFO LogCapture:health.py:99 Checking replication:conflicts ... INFO LogCapture:health.py:99 Checking dseldif:nsstate ... INFO LogCapture:health.py:99 Checking tls:certificate_expiration ... INFO LogCapture:health.py:99 Checking logs:notes ... INFO LogCapture:health.py:106 Healthcheck complete. INFO LogCapture:health.py:119 2 Issues found! Generating report ... INFO LogCapture:health.py:45 [1] DS Lint Error: DSBLE0003 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: LOW INFO LogCapture:health.py:49 Check: backends:userdata:search INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- dc=test,dc=com INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 The backend database has not been initialized yet INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 You need to import an LDIF file, or create the suffix entry, in order to initialize the database. INFO LogCapture:health.py:45 [2] DS Lint Error: DSBLE0003 INFO LogCapture:health.py:46 -------------------------------------------------------------------------------- INFO LogCapture:health.py:47 Severity: LOW INFO LogCapture:health.py:49 Check: backends:userdata:search INFO LogCapture:health.py:50 Affects: INFO LogCapture:health.py:52 -- dc=test,dc=com INFO LogCapture:health.py:53 Details: INFO LogCapture:health.py:54 ----------- INFO LogCapture:health.py:55 The backend database has not been initialized yet INFO LogCapture:health.py:56 Resolution: INFO LogCapture:health.py:57 ----------- INFO LogCapture:health.py:58 You need to import an LDIF file, or create the suffix entry, in order to initialize the database. INFO LogCapture:health.py:124 ===== End Of Report (2 Issues found) =====
XFailed suites/replication/conflict_resolve_test.py::TestTwoSuppliers::test_memberof_groups 8.63
self = <tests.suites.replication.conflict_resolve_test.TestTwoSuppliers object at 0x7f10eb37c160>
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10e9c7ee20>
base_m2 = <lib389.idm.nscontainer.nsContainer object at 0x7f10eaa5c2b0>

def test_memberof_groups(self, topology_m2, base_m2):
"""Check that conflict properly resolved for operations
with memberOf and groups

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb3
:setup: Two supplier replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Enable memberOf plugin
2. Add 30 users to m1 and wait for replication to happen
3. Pause replication
4. Create a group on m1 and m2
5. Create a group on m1 and m2, delete from m1
6. Create a group on m1, delete from m1, and create on m2,
7. Create a group on m2 and m1, delete from m1
8. Create two different groups on m2
9. Resume replication
10. Check that the entries on both suppliers are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
9. It should pass
10. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:403: XFailed
XFailed suites/replication/conflict_resolve_test.py::TestTwoSuppliers::test_managed_entries 0.08
self = <tests.suites.replication.conflict_resolve_test.TestTwoSuppliers object at 0x7f10ea00c640>
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10e9c7ee20>

def test_managed_entries(self, topology_m2):
"""Check that conflict properly resolved for operations
with managed entries

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb4
:setup: Two supplier replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Create ou=managed_users and ou=managed_groups under test container
2. Configure managed entries plugin and add a template to test container
3. Add a user to m1 and wait for replication to happen
4. Pause replication
5. Create a user on m1 and m2 with a same group ID on both supplier
6. Create a user on m1 and m2 with a different group ID on both supplier
7. Resume replication
8. Check that the entries on both suppliers are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:494: XFailed
XFailed suites/replication/conflict_resolve_test.py::TestTwoSuppliers::test_nested_entries_with_children 7.22
self = <tests.suites.replication.conflict_resolve_test.TestTwoSuppliers object at 0x7f10e9c23dc0>
topology_m2 = <lib389.topologies.TopologyMain object at 0x7f10e9c7ee20>
base_m2 = <lib389.idm.nscontainer.nsContainer object at 0x7f10ea993430>

def test_nested_entries_with_children(self, topology_m2, base_m2):
"""Check that conflict properly resolved for operations
with nested entries with children

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb5
:setup: Two supplier replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Add 15 containers to m1 and wait for replication to happen
2. Pause replication
3. Create parent-child on supplier2 and supplier1
4. Create parent-child on supplier1 and supplier2
5. Create parent-child on supplier1 and supplier2 different child rdn
6. Create parent-child on supplier1 and delete parent on supplier2
7. Create parent on supplier1, delete it and parent-child on supplier2, delete them
8. Create parent on supplier1, delete it and parent-two children on supplier2
9. Create parent-two children on supplier1 and parent-child on supplier2, delete them
10. Create three subsets inside existing container entry, applying only part of changes on m2
11. Create more combinations of the subset with parent-child on m1 and parent on m2
12. Delete container on m1, modify user1 on m1, create parent on m2 and modify user2 on m2
13. Resume replication
14. Check that the entries on both suppliers are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
9. It should pass
10. It should pass
11. It should pass
12. It should pass
13. It should pass
14. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:585: XFailed
XFailed suites/replication/conflict_resolve_test.py::TestThreeSuppliers::test_nested_entries 62.16
self = <tests.suites.replication.conflict_resolve_test.TestThreeSuppliers object at 0x7f10ea00c880>
topology_m3 = <lib389.topologies.TopologyMain object at 0x7f10eac2d550>
base_m3 = <lib389.idm.nscontainer.nsContainer object at 0x7f10eafc1040>

def test_nested_entries(self, topology_m3, base_m3):
"""Check that conflict properly resolved for operations
with nested entries with children

:id: 77f09b18-03d1-45da-940b-1ad2c2908eb6
:setup: Three supplier replication, test container for entries, enable plugin logging,
audit log, error log for replica and access log for internal
:steps:
1. Add 15 containers to m1 and wait for replication to happen
2. Pause replication
3. Create two child entries under each of two entries
4. Create three child entries under each of three entries
5. Create two parents on m1 and m2, then on m1 - create a child and delete one parent,
on m2 - delete one parent and create a child
6. Test a few more parent-child combinations with three instances
7. Resume replication
8. Check that the entries on both suppliers are the same and replication is working
:expectedresults:
1. It should pass
2. It should pass
3. It should pass
4. It should pass
5. It should pass
6. It should pass
7. It should pass
8. It should pass
"""

> pytest.xfail("Issue 49591 - work in progress")
E _pytest.outcomes.XFailed: Issue 49591 - work in progress

suites/replication/conflict_resolve_test.py:969: XFailed
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier3 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39003, 'ldap-secureport': 63703, 'server-id': 'supplier3', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect ffc1e773-83a9-4415-8395-704cae387458 / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 8eba9e70-2d43-4122-8cbe-3d060290a0cd / got description=ffc1e773-83a9-4415-8395-704cae387458) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:156 Joining supplier supplier3 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is NOT working (expect 1d833c1b-a17c-487a-bf07-45e82d863db0 / got description=8eba9e70-2d43-4122-8cbe-3d060290a0cd) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 4c9b1f6d-ee55-48b5-9f6c-24b4effe4531 / got description=1d833c1b-a17c-487a-bf07-45e82d863db0) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier3 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier3 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 is was created INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier3 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier3 to supplier2 ... INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39003 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created
XFailed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaPort-0-65535-9999999999999999999999999999999999999999999999999999999999999999999-invalid-389] 0.15
topo = <lib389.topologies.TopologyMain object at 0x7f10ec7cefd0>
attr = 'nsds5ReplicaPort', too_small = '0', too_big = '65535'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '389'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_add(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf94
:parametrized: yes
:setup: standalone instance
:steps:
1. Use a value that is too small
2. Use a value that is too big
3. Use a value that overflows the int
4. Use a value with character value (not a number)
5. Use a valid value
:expectedresults:
1. Add is rejected
2. Add is rejected
3. Add is rejected
4. Add is rejected
5. Add is allowed
"""

agmt_reset(topo)
replica = replica_setup(topo)

agmts = Agreements(topo.standalone, basedn=replica.dn)

# Test too small
perform_invalid_create(agmts, agmt_dict, attr, too_small)
# Test too big
> perform_invalid_create(agmts, agmt_dict, attr, too_big)

suites/replication/replica_config_test.py:217:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

many = <lib389.agreement.Agreements object at 0x7f10ec7f8be0>
properties = {'cn': 'test_agreement', 'nsDS5ReplicaBindDN': 'uid=tester', 'nsDS5ReplicaBindMethod': 'SIMPLE', 'nsDS5ReplicaHost': 'localhost.localdomain', ...}
attr = 'nsds5ReplicaPort', value = '65535'

def perform_invalid_create(many, properties, attr, value):
my_properties = copy.deepcopy(properties)
my_properties[attr] = value
with pytest.raises(ldap.LDAPError) as ei:
> many.create(properties=my_properties)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:108: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaPort-0-65535-9999999999999999999999999999999999999999999999999999999999999999999-invalid-389] 0.22
topo = <lib389.topologies.TopologyMain object at 0x7f10ec7cefd0>
attr = 'nsds5ReplicaPort', too_small = '0', too_big = '65535'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '389'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
> perform_invalid_modify(agmt, attr, too_small)

suites/replication/replica_config_test.py:253:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f10e9d2f400>
attr = 'nsds5ReplicaPort', value = '0'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.23
topo = <lib389.topologies.TopologyMain object at 0x7f10ec7cefd0>
attr = 'nsds5ReplicaTimeout', too_small = '-1', too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f10eada03a0>
attr = 'nsds5ReplicaTimeout', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaBusyWaitTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.50
topo = <lib389.topologies.TopologyMain object at 0x7f10ec7cefd0>
attr = 'nsds5ReplicaBusyWaitTime', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f10eb385310>
attr = 'nsds5ReplicaBusyWaitTime', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaSessionPauseTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.25
topo = <lib389.topologies.TopologyMain object at 0x7f10ec7cefd0>
attr = 'nsds5ReplicaSessionPauseTime', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f10e9f88400>
attr = 'nsds5ReplicaSessionPauseTime', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaFlowControlWindow--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.27
topo = <lib389.topologies.TopologyMain object at 0x7f10ec7cefd0>
attr = 'nsds5ReplicaFlowControlWindow', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f10eae257c0>
attr = 'nsds5ReplicaFlowControlWindow', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaFlowControlPause--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.30
topo = <lib389.topologies.TopologyMain object at 0x7f10ec7cefd0>
attr = 'nsds5ReplicaFlowControlPause', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f10eadbc970>
attr = 'nsds5ReplicaFlowControlPause', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/replica_config_test.py::test_agmt_num_modify[nsds5ReplicaProtocolTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.27
topo = <lib389.topologies.TopologyMain object at 0x7f10ec7cefd0>
attr = 'nsds5ReplicaProtocolTimeout', too_small = '-1'
too_big = '9223372036854775807'
overflow = '9999999999999999999999999999999999999999999999999999999999999999999'
notnum = 'invalid', valid = '6'

@pytest.mark.xfail(reason="Agreement validation current does not work.")
@pytest.mark.parametrize("attr, too_small, too_big, overflow, notnum, valid", agmt_attrs)
def test_agmt_num_modify(topo, attr, too_small, too_big, overflow, notnum, valid):
"""Test all the number values you can set for a replica config entry

:id: a8b47d4a-a089-4d70-8070-e6181209bf95
:parametrized: yes
:setup: standalone instance
:steps:
1. Replace a value that is too small
2. Replace a value that is too big
3. Replace a value that overflows the int
4. Replace a value with character value (not a number)
5. Replace a vlue with a valid value
:expectedresults:
1. Value is rejected
2. Value is rejected
3. Value is rejected
4. Value is rejected
5. Value is allowed
"""

agmt = agmt_setup(topo)

# Value too small
perform_invalid_modify(agmt, attr, too_small)
# Value too big
> perform_invalid_modify(agmt, attr, too_big)

suites/replication/replica_config_test.py:255:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

o = <lib389.agreement.Agreement object at 0x7f10eb4550a0>
attr = 'nsds5ReplicaProtocolTimeout', value = '9223372036854775807'

def perform_invalid_modify(o, attr, value):
with pytest.raises(ldap.LDAPError) as ei:
> o.replace(attr, value)
E Failed: DID NOT RAISE <class 'ldap.LDAPError'>

suites/replication/replica_config_test.py:113: Failed
XFailed suites/replication/ruvstore_test.py::test_memoryruv_sync_with_databaseruv 3.73
topo = <lib389.topologies.TopologyMain object at 0x7f10ea000fd0>

@pytest.mark.xfail(reason="No method to safety access DB ruv currently exists online.")
def test_memoryruv_sync_with_databaseruv(topo):
"""Check if memory ruv and database ruv are synced

:id: 5f38ac5f-6353-460d-bf60-49cafffda5b3
:setup: Replication with two suppliers.
:steps: 1. Add user to server and compare memory ruv and database ruv.
2. Modify description of user and compare memory ruv and database ruv.
3. Modrdn of user and compare memory ruv and database ruv.
4. Delete user and compare memory ruv and database ruv.
:expectedresults:
1. For add user, the memory ruv and database ruv should be the same.
2. For modify operation, the memory ruv and database ruv should be the same.
3. For modrdn operation, the memory ruv and database ruv should be the same.
4. For delete operation, the memory ruv and database ruv should be the same.
"""

log.info('Adding user: {} to supplier1'.format(TEST_ENTRY_NAME))
users = UserAccounts(topo.ms['supplier1'], DEFAULT_SUFFIX)
tuser = users.create(properties=USER_PROPERTIES)
> _compare_memoryruv_and_databaseruv(topo, 'add')

suites/replication/ruvstore_test.py:139:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

topo = <lib389.topologies.TopologyMain object at 0x7f10ea000fd0>
operation_type = 'add'

def _compare_memoryruv_and_databaseruv(topo, operation_type):
"""Compare the memoryruv and databaseruv for ldap operations"""

log.info('Checking memory ruv for ldap: {} operation'.format(operation_type))
replicas = Replicas(topo.ms['supplier1'])
replica = replicas.list()[0]
memory_ruv = replica.get_attr_val_utf8('nsds50ruv')

log.info('Checking database ruv for ldap: {} operation'.format(operation_type))
> entry = replicas.get_ruv_entry(DEFAULT_SUFFIX)
E AttributeError: 'Replicas' object has no attribute 'get_ruv_entry'

suites/replication/ruvstore_test.py:81: AttributeError
-------------------------------Captured log call--------------------------------
INFO tests.suites.replication.ruvstore_test:ruvstore_test.py:136 Adding user: rep2lusr to supplier1 INFO tests.suites.replication.ruvstore_test:ruvstore_test.py:75 Checking memory ruv for ldap: add operation INFO tests.suites.replication.ruvstore_test:ruvstore_test.py:80 Checking database ruv for ldap: add operation
XPassed suites/acl/syntax_test.py::test_aci_invalid_syntax_fail[test_Use_double_equal_instead_of_equal_in_the_targetattr] 0.27
No log output captured.
XPassed suites/acl/syntax_test.py::test_aci_invalid_syntax_fail[test_Use_double_equal_instead_of_equal_in_the_targetfilter] 0.09
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.25
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaBusyWaitTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.26
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaSessionPauseTime--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.25
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaFlowControlWindow--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.26
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaFlowControlPause--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.25
No log output captured.
XPassed suites/replication/replica_config_test.py::test_agmt_num_add[nsds5ReplicaProtocolTimeout--1-9223372036854775807-9999999999999999999999999999999999999999999999999999999999999999999-invalid-6] 0.24
No log output captured.
Skipped suites/config/regression_test.py::test_set_cachememsize_to_custom_value 0.00
('suites/config/regression_test.py', 34, 'Skipped: available memory is too low')
Skipped suites/ds_logs/ds_logs_test.py::test_etime_at_border_of_second 0.00
('suites/ds_logs/ds_logs_test.py', 736, 'Skipped: rsearch was removed')
Skipped suites/memory_leaks/MMR_double_free_test.py::test_MMR_double_free 0.00
('suites/memory_leaks/MMR_double_free_test.py', 67, "Skipped: Don't run if ASAN is not enabled")
Skipped suites/memory_leaks/range_search_test.py::test_range_search 0.00
('suites/memory_leaks/range_search_test.py', 24, "Skipped: Don't run if ASAN is not enabled")
Skipped suites/migration/export_data_test.py::test_export_data_from_source_host 0.00
('suites/migration/export_data_test.py', 24, 'Skipped: This test is meant to execute in specific test environment')
Skipped suites/migration/import_data_test.py::test_import_data_to_target_host 0.00
('suites/migration/import_data_test.py', 24, 'Skipped: This test is meant to execute in specific test environment')
Skipped suites/replication/changelog_test.py::test_cldump_files_removed 0.00
('suites/replication/changelog_test.py', 236, 'Skipped: does not work for prefix builds')
Skipped suites/replication/changelog_test.py::test_changelog_compactdbinterval 0.00
('suites/replication/changelog_test.py', 631, 'Skipped: changelog compaction is done by the backend itself, with id2entry as well, nsslapd-changelogcompactdb-interval is no longer supported')
Skipped suites/rewriters/adfilter_test.py::test_adfilter_objectSid 0.91
('suites/rewriters/adfilter_test.py', 90, 'Skipped: It is missing samba python bindings')
Skipped tickets/ticket47815_test.py::test_ticket47815 0.00
('tickets/ticket47815_test.py', 26, 'Skipped: Not implemented, or invalid by nsMemberOf')
Skipped tickets/ticket49121_test.py::test_ticket49121 0.00
('tickets/ticket49121_test.py', 32, "Skipped: Don't run if ASAN is not enabled")
Passed suites/acl/aci_excl_filter_test.py::test_aci_with_exclude_filter 9.81
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:96 Create an OU for them INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:98 Create an top org users INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:100 Add aci which contains extensible filter. INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:105 Add aci which contains extensible filter. INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:114 Adding OU entries ... INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:117 Adding "ou" : OU0 under "dn" : dc=example,dc=com... INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:47 Organisation OU0 created for ou :ou=OU0,dc=example,dc=com . INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:120 Adding outest under ou=OU0,dc=example,dc=com... INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:47 Organisation outest created for ou :ou=outest,ou=OU0,dc=example,dc=com . INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:117 Adding "ou" : OU1 under "dn" : dc=example,dc=com... INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:47 Organisation OU1 created for ou :ou=OU1,dc=example,dc=com . INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:120 Adding outest under ou=OU1,dc=example,dc=com... INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:47 Organisation outest created for ou :ou=outest,ou=OU1,dc=example,dc=com . INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:128 Adding User: admin0 under ou=outest,ou=OU0,dc=example,dc=com... INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:65 User created for dn :ou=admin0,ou=outest,ou=OU0,dc=example,dc=com . INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:128 Adding User: admin01 under ou=outest,ou=OU1,dc=example,dc=com... INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:65 User created for dn :ou=admin01,ou=outest,ou=OU1,dc=example,dc=com . INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:131 Bind as user admin01 INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:141 Verify 2 Entries returned for cn (cn=admin01) INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:145 Verified the entries do not contain 'telephonenumber' INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:145 Verified the entries do not contain 'telephonenumber' INFO tests.suites.acl.aci_excl_filter_test:aci_excl_filter_test.py:146 Test complete
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, REAL_EQ_ACI)] 9.35
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, REAL_PRES_ACI)] 0.41
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, REAL_SUB_ACI)] 0.36
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, ROLE_PRES_ACI)] 0.39
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, ROLE_SUB_ACI)] 0.67
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, COS_EQ_ACI)] 0.39
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, COS_PRES_ACI)] 0.37
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, COS_SUB_ACI)] 0.35
No log output captured.
Passed suites/acl/acivattr_test.py::test_positive[(ENG_USER, ENG_MANAGER, LDAPURL_ACI)] 0.64
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, REAL_EQ_ACI)] 0.75
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_OU, REAL_PRES_ACI)] 0.45
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, REAL_SUB_ACI)] 0.41
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, ROLE_EQ_ACI)] 0.36
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, ROLE_PRES_ACI)] 0.36
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, ROLE_SUB_ACI)] 0.36
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, COS_EQ_ACI)] 0.36
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, COS_PRES_ACI)] 0.37
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, SALES_MANAGER, COS_SUB_ACI)] 0.36
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(SALES_UESER, SALES_MANAGER, LDAPURL_ACI)] 0.39
No log output captured.
Passed suites/acl/acivattr_test.py::test_negative[(ENG_USER, ENG_MANAGER, ROLE_EQ_ACI)] 1.00
No log output captured.
Passed suites/acl/acl_deny_test.py::test_multi_deny_aci 22.70
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389:acl_deny_test.py:47 Add uid=tuser1,ou=People,dc=example,dc=com INFO lib389:acl_deny_test.py:58 Add uid=tuser,ou=People,dc=example,dc=com
-------------------------------Captured log call--------------------------------
INFO lib389:acl_deny_test.py:90 Pass 1 INFO lib389:acl_deny_test.py:93 Testing two searches behave the same... INFO lib389:acl_deny_test.py:136 Testing search does not return any entries... INFO lib389:acl_deny_test.py:90 Pass 2 INFO lib389:acl_deny_test.py:93 Testing two searches behave the same... INFO lib389:acl_deny_test.py:136 Testing search does not return any entries... INFO lib389:acl_deny_test.py:200 Test PASSED
Passed suites/acl/acl_test.py::test_aci_attr_subtype_targetattr[lang-ja] 26.14
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39001, 'ldap-secureport': 63701, 'server-id': 'supplier1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for supplier2 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 39002, 'ldap-secureport': 63702, 'server-id': 'supplier2', 'suffix': 'dc=example,dc=com'} was created. INFO lib389.topologies:topologies.py:142 Creating replication topology. INFO lib389.topologies:topologies.py:156 Joining supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2084 SUCCESS: bootstrap to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 completed INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is was created INFO lib389.replica:replica.py:2365 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is was created INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is NOT working (expect f9fc4daf-0e79-4383-bf03-2ad71fbaf97d / got description=None) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 is working INFO lib389.replica:replica.py:2498 Retry: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is NOT working (expect 3b663d6c-f89d-468e-85f1-8deb0b3c14ac / got description=f9fc4daf-0e79-4383-bf03-2ad71fbaf97d) INFO lib389.replica:replica.py:2496 SUCCESS: Replication from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 is working INFO lib389.replica:replica.py:2153 SUCCESS: joined supplier from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier1 to supplier2 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 already exists INFO lib389.topologies:topologies.py:164 Ensuring supplier supplier2 to supplier1 ... INFO lib389.replica:replica.py:2338 SUCCESS: Agreement from ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39002 to ldap://ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:39001 already exists INFO tests.suites.acl.acl_test:acl_test.py:76 ========Executing test with 'lang-ja' subtype======== INFO tests.suites.acl.acl_test:acl_test.py:77 Add a target attribute INFO tests.suites.acl.acl_test:acl_test.py:80 Add a user attribute INFO tests.suites.acl.acl_test:acl_test.py:88 Add an ACI with attribute subtype
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:118 Search for the added attribute INFO tests.suites.acl.acl_test:acl_test.py:125 The added attribute was found
-----------------------------Captured log teardown------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:92 Finally, delete an ACI with the 'lang-ja' subtype
Passed suites/acl/acl_test.py::test_aci_attr_subtype_targetattr[binary] 0.22
-------------------------------Captured log setup-------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:76 ========Executing test with 'binary' subtype======== INFO tests.suites.acl.acl_test:acl_test.py:77 Add a target attribute INFO tests.suites.acl.acl_test:acl_test.py:80 Add a user attribute INFO tests.suites.acl.acl_test:acl_test.py:88 Add an ACI with attribute subtype
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:118 Search for the added attribute INFO tests.suites.acl.acl_test:acl_test.py:125 The added attribute was found
-----------------------------Captured log teardown------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:92 Finally, delete an ACI with the 'binary' subtype
Passed suites/acl/acl_test.py::test_aci_attr_subtype_targetattr[phonetic] 0.46
-------------------------------Captured log setup-------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:76 ========Executing test with 'phonetic' subtype======== INFO tests.suites.acl.acl_test:acl_test.py:77 Add a target attribute INFO tests.suites.acl.acl_test:acl_test.py:80 Add a user attribute INFO tests.suites.acl.acl_test:acl_test.py:88 Add an ACI with attribute subtype
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:118 Search for the added attribute INFO tests.suites.acl.acl_test:acl_test.py:125 The added attribute was found
-----------------------------Captured log teardown------------------------------
INFO tests.suites.acl.acl_test:acl_test.py:92 Finally, delete an ACI with the 'phonetic' subtype
Passed suites/acl/acl_test.py::test_mode_default_add_deny 0.36
-------------------------------Captured log setup-------------------------------
INFO lib389:acl_test.py:233 ######## INITIALIZATION ######## INFO lib389:acl_test.py:236 Add uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:254 Add cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:258 Add cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:262 Add cn=excepts,cn=accounts,dc=example,dc=com
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:294 ######## mode moddn_aci : ADD (should fail) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:302 Try to add cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:311 Exception (expected): INSUFFICIENT_ACCESS
Passed suites/acl/acl_test.py::test_mode_default_delete_deny 0.08
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:329 ######## DELETE (should fail) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:336 Try to delete cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:341 Exception (expected): INSUFFICIENT_ACCESS
Passed suites/acl/acl_test.py::test_moddn_staging_prod[0-cn=staged user,dc=example,dc=com-cn=accounts,dc=example,dc=com-False] 0.49
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (0) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account0,cn=staged user,dc=example,dc=com -> uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account0,cn=staged user,dc=example,dc=com -> uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[1-cn=staged user,dc=example,dc=com-cn=accounts,dc=example,dc=com-False] 0.24
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (1) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account1,cn=staged user,dc=example,dc=com -> uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account1,cn=staged user,dc=example,dc=com -> uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[2-cn=staged user,dc=example,dc=com-cn=bad*,dc=example,dc=com-True] 0.26
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (2) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account2,cn=staged user,dc=example,dc=com -> uid=new_account2,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account2,cn=staged user,dc=example,dc=com -> uid=new_account2,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:409 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[3-cn=st*,dc=example,dc=com-cn=accounts,dc=example,dc=com-False] 0.27
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (3) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account3,cn=staged user,dc=example,dc=com -> uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account3,cn=staged user,dc=example,dc=com -> uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[4-cn=bad*,dc=example,dc=com-cn=accounts,dc=example,dc=com-True] 0.24
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (4) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account4,cn=staged user,dc=example,dc=com -> uid=new_account4,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account4,cn=staged user,dc=example,dc=com -> uid=new_account4,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:409 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[5-cn=st*,dc=example,dc=com-cn=ac*,dc=example,dc=com-False] 0.22
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (5) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account5,cn=staged user,dc=example,dc=com -> uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account5,cn=staged user,dc=example,dc=com -> uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[6-None-cn=ac*,dc=example,dc=com-False] 0.23
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (6) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account6,cn=staged user,dc=example,dc=com -> uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account6,cn=staged user,dc=example,dc=com -> uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[7-cn=st*,dc=example,dc=com-None-False] 0.23
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (7) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account7,cn=staged user,dc=example,dc=com -> uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account7,cn=staged user,dc=example,dc=com -> uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod[8-None-None-False] 0.23
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:376 ######## MOVE staging -> Prod (8) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:388 Try to MODDN uid=new_account8,cn=staged user,dc=example,dc=com -> uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:395 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:399 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:406 Try to MODDN uid=new_account8,cn=staged user,dc=example,dc=com -> uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_staging_prod_9 0.83
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:453 ######## MOVE staging -> Prod (9) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:466 Try to MODDN uid=new_account9,cn=staged user,dc=example,dc=com -> uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:473 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:479 Disable the moddn right INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:484 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:492 Try to MODDN uid=new_account9,cn=staged user,dc=example,dc=com -> uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:499 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:521 Try to MODDN uid=new_account9,cn=staged user,dc=example,dc=com -> uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:532 Enable the moddn right INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:536 ######## MOVE staging -> Prod (10) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:548 Try to MODDN uid=new_account10,cn=staged user,dc=example,dc=com -> uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:555 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:572 Try to MODDN uid=new_account10,cn=staged user,dc=example,dc=com -> uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:579 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:588 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:594 Try to MODDN uid=new_account10,cn=staged user,dc=example,dc=com -> uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_moddn_prod_staging 0.38
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:623 ######## MOVE staging -> Prod (11) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:636 Try to MODDN uid=new_account11,cn=staged user,dc=example,dc=com -> uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:643 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:647 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:653 Try to MODDN uid=new_account11,cn=staged user,dc=example,dc=com -> uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:668 Try to move back MODDN uid=new_account11,cn=accounts,dc=example,dc=com -> uid=new_account11,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:675 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_check_repl_M2_to_M1 1.12
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:705 Bind as cn=Directory Manager (M2) INFO lib389:acl_test.py:725 Update (M2) uid=new_account12,cn=staged user,dc=example,dc=com (description) INFO lib389:acl_test.py:738 Update uid=new_account12,cn=staged user,dc=example,dc=com (description) replicated on M1
Passed suites/acl/acl_test.py::test_moddn_staging_prod_except 0.26
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:763 ######## MOVE staging -> Prod (13) ######## INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:775 Try to MODDN uid=new_account13,cn=staged user,dc=example,dc=com -> uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:782 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:786 ######## MOVE to and from equality filter ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:160 Add a DENY aci under cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:793 Try to MODDN uid=new_account13,cn=staged user,dc=example,dc=com -> uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:799 ######## MOVE staging -> Prod/Except (14) ######## INFO lib389:acl_test.py:805 Try to MODDN uid=new_account14,cn=staged user,dc=example,dc=com -> uid=new_account14,cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:812 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:160 Add a DENY aci under cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_mode_default_ger_no_moddn 0.07
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:839 ######## mode moddn_aci : GER no moddn ######## INFO lib389:acl_test.py:850 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:850 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:853 ######## entryLevelRights: b'v'
Passed suites/acl/acl_test.py::test_mode_default_ger_with_moddn 0.19
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:877 ######## mode moddn_aci: GER with moddn ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:895 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:895 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:898 ######## entryLevelRights: b'vn' INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_mode_legacy_ger_no_moddn1 0.11
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:928 ######## Disable the moddn aci mod ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:932 ######## mode legacy 1: GER no moddn ######## INFO lib389:acl_test.py:942 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:942 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:945 ######## entryLevelRights: b'v'
Passed suites/acl/acl_test.py::test_mode_legacy_ger_no_moddn2 0.18
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:971 ######## Disable the moddn aci mod ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:975 ######## mode legacy 2: GER no moddn ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:992 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:992 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:995 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com
Passed suites/acl/acl_test.py::test_mode_legacy_ger_with_moddn 0.16
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:1031 ######## Disable the moddn aci mod ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:1035 ######## mode legacy : GER with moddn ######## INFO lib389:acl_test.py:133 Bind as cn=Directory Manager INFO lib389:acl_test.py:139 Bind as uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1057 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1060 ######## entryLevelRights: b'vn' INFO lib389:acl_test.py:133 Bind as cn=Directory Manager
Passed suites/acl/acl_test.py::test_rdn_write_get_ger 0.11
-------------------------------Captured log setup-------------------------------
INFO lib389:acl_test.py:1071 ######## Add entry tuser ########
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:1097 ######## GER rights for anonymous ######## INFO lib389:acl_test.py:1107 dn: dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: ou=groups,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: ou=people,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: ou=services,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=demo_user,ou=people,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=demo_group,ou=groups,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=group_admin,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=group_modify,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=user_admin,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=user_modify,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=user_passwd_reset,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=user_private_read,ou=permissions,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=replication_managers,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:63701,ou=services,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=ci-vm-10-0-139-154.hosted.upshift.rdu2.redhat.com:63702,ou=services,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=bind_entry,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=excepts,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account0,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account1,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account2,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account3,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account4,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account5,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account6,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account7,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account8,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account9,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account10,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account11,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account12,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account13,cn=accounts,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account14,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account15,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account16,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account17,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account18,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: uid=new_account19,cn=staged user,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v' INFO lib389:acl_test.py:1107 dn: cn=tuser,dc=example,dc=com INFO lib389:acl_test.py:1109 ######## entryLevelRights: b'v'
Passed suites/acl/acl_test.py::test_rdn_write_modrdn_anonymous 3.16
-------------------------------Captured log call--------------------------------
INFO lib389:acl_test.py:1136 dn: INFO lib389:acl_test.py:1138 ######## 'objectClass': [b'top'] INFO lib389:acl_test.py:1138 ######## 'defaultnamingcontext': [b'dc=example,dc=com'] INFO lib389:acl_test.py:1138 ######## 'dataversion': [b'020210426012003'] INFO lib389:acl_test.py:1138 ######## 'netscapemdsuffix': [b'cn=ldap://dc=localhost,dc=localdomain:39001'] INFO lib389:acl_test.py:1143 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:acl_test.py:1150 The entry was not renamed (expected) INFO lib389:acl_test.py:133 Bind as cn=Directory Manager
Passed suites/acl/default_aci_allows_self_write_test.py::test_acl_default_allow_self_write_nsuser 19.77
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/default_aci_allows_self_write_test.py::test_acl_default_allow_self_write_user 10.53
------------------------------Captured stdout call------------------------------
uid cn sn uidNumber gidNumber homeDirectory
Passed suites/acl/deladd_test.py::test_allow_delete_access_to_groupdn 8.98
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/deladd_test.py::test_allow_add_access_to_anyone 0.28
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_to_anyone 0.23
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_not_to_userdn 0.88
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_not_to_group 0.56
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_add_access_to_parent 0.26
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_to_parent 0.24
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_to_dynamic_group 0.24
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_to_dynamic_group_uid 0.49
No log output captured.
Passed suites/acl/deladd_test.py::test_allow_delete_access_not_to_dynamic_group 1.19
No log output captured.
Passed suites/acl/enhanced_aci_modrnd_test.py::test_enhanced_aci_modrnd 10.76
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:32 Add a container: ou=test_ou_1,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:38 Add a container: ou=test_ou_2,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:44 Add a user: cn=test_user,ou=test_ou_1,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:58 Add an ACI 'allow (all)' by cn=test_user,ou=test_ou_1,dc=example,dc=com to the ou=test_ou_1,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:62 Add an ACI 'allow (all)' by cn=test_user,ou=test_ou_1,dc=example,dc=com to the ou=test_ou_2,dc=example,dc=com
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:93 Bind as cn=test_user,ou=test_ou_1,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:97 User MODRDN operation from ou=test_ou_1,dc=example,dc=com to ou=test_ou_2,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:103 Check there is no user in ou=test_ou_1,dc=example,dc=com INFO tests.suites.acl.enhanced_aci_modrnd_test:enhanced_aci_modrnd_test.py:109 Check there is our user in ou=test_ou_2,dc=example,dc=com
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_five 9.40
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_six 0.12
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_seven 0.10
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_eight 0.11
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_nine 0.10
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_ten 0.11
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_eleven 0.10
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_twelve 0.10
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_fourteen 0.13
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_fifteen 0.12
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_sixteen 0.10
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_seventeen 0.09
No log output captured.
Passed suites/acl/globalgroup_part2_test.py::test_undefined_in_group_eval_eighteen 2.73
No log output captured.
Passed suites/acl/globalgroup_test.py::test_caching_changes 9.73
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/globalgroup_test.py::test_deny_group_member_all_rights_to_user 0.15
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deny_group_member_all_rights_to_group_members 0.10
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_denial 0.16
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_denial_two 0.10
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_allow 0.09
No log output captured.
Passed suites/acl/globalgroup_test.py::test_deeply_nested_groups_aci_allow_two 0.10
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval 0.11
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval_two 0.09
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval_three 0.09
No log output captured.
Passed suites/acl/globalgroup_test.py::test_undefined_in_group_eval_four 2.61
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_access_from_certain_network_only_ip 13.81
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/keywords_part2_test.py::test_connectin_from_an_unauthorized_network 0.25
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_ip_keyword_test_noip_cannot 0.17
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_user_can_access_the_data_at_any_time 0.15
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_user_can_access_the_data_only_in_the_morning 0.18
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_user_can_access_the_data_only_in_the_afternoon 0.16
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_timeofday_keyword 1.20
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_dayofweek_keyword_test_everyday_can_access 0.16
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_dayofweek_keyword_today_can_access 0.16
No log output captured.
Passed suites/acl/keywords_part2_test.py::test_user_cannot_access_the_data_at_all 2.11
No log output captured.
Passed suites/acl/keywords_test.py::test_user_binds_with_a_password_and_can_access_the_data 10.04
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/keywords_test.py::test_user_binds_with_a_bad_password_and_cannot_access_the_data 0.07
No log output captured.
Passed suites/acl/keywords_test.py::test_anonymous_user_cannot_access_the_data 0.10
No log output captured.
Passed suites/acl/keywords_test.py::test_authenticated_but_has_no_rigth_on_the_data 0.13
No log output captured.
Passed suites/acl/keywords_test.py::test_the_bind_client_is_accessing_the_directory 0.09
No log output captured.
Passed suites/acl/keywords_test.py::test_users_binds_with_a_password_and_can_access_the_data 0.09
No log output captured.
Passed suites/acl/keywords_test.py::test_user_binds_without_any_password_and_cannot_access_the_data 0.09
No log output captured.
Passed suites/acl/keywords_test.py::test_user_cannot_access_the_data_if_not_from_a_certain_domain 0.12
No log output captured.
Passed suites/acl/keywords_test.py::test_dnsalias_keyword_test_nodns_cannot 0.37
No log output captured.
Passed suites/acl/keywords_test.py::test_user_can_access_from_ipv4_or_ipv6_address[127.0.0.1] 0.12
No log output captured.
Passed suites/acl/keywords_test.py::test_user_can_access_from_ipv4_or_ipv6_address[[::1]] 1.80
No log output captured.
Passed suites/acl/misc_test.py::test_accept_aci_in_addition_to_acl 9.96
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/misc_test.py::test_more_then_40_acl_will_crash_slapd 0.33
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_search_access_should_not_include_read_access 0.11
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_only_allow_some_targetattr 0.14
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_only_allow_some_targetattr_two 0.43
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_memberurl_needs_to_be_normalized 0.24
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_greater_than_200_acls_can_be_created 4.78
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_server_bahaves_properly_with_very_long_attribute_names 0.18
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_do_bind_as_201_distinct_users 24.11
-------------------------------Captured log setup-------------------------------
INFO lib389:misc_test.py:76 Exception (expected): ALREADY_EXISTS
Passed suites/acl/misc_test.py::test_info_disclosure 3.26
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_targetattr_with_a_single_attribute 9.04
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/modify_test.py::test_allow_write_access_to_targetattr_with_multiple_attibutes 0.33
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdn_all 0.36
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdn_with_wildcards_in_dn 0.23
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdn_with_multiple_dns 0.32
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_target_with_wildcards 0.32
No log output captured.
Passed suites/acl/modify_test.py::test_allow_write_access_to_userdnattr 0.27
No log output captured.
Passed suites/acl/modify_test.py::test_allow_selfwrite_access_to_anyone 0.24
No log output captured.
Passed suites/acl/modify_test.py::test_uniquemember_should_also_be_the_owner 0.29
No log output captured.
Passed suites/acl/modify_test.py::test_aci_with_both_allow_and_deny 0.56
No log output captured.
Passed suites/acl/modify_test.py::test_allow_owner_to_modify_entry 1.48
No log output captured.
Passed suites/acl/modrdn_test.py::test_allow_write_privilege_to_anyone 9.32
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/modrdn_test.py::test_allow_write_privilege_to_dynamic_group_with_scope_set_to_base_in_ldap_url 0.20
No log output captured.
Passed suites/acl/modrdn_test.py::test_write_access_to_naming_atributes 0.23
No log output captured.
Passed suites/acl/modrdn_test.py::test_write_access_to_naming_atributes_two 0.28
No log output captured.
Passed suites/acl/modrdn_test.py::test_access_aci_list_contains_any_deny_rule 0.29
No log output captured.
Passed suites/acl/modrdn_test.py::test_renaming_target_entry 3.03
No log output captured.
Passed suites/acl/repeated_ldap_add_test.py::test_repeated_ldap_add 43.31
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
------------------------------Captured stdout call------------------------------
Entry uid=buser123,ou=BOU,dc=example,dc=com is locked
-------------------------------Captured log call--------------------------------
INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:184 Testing Bug 1347760 - Information disclosure via repeated use of LDAP ADD operation, etc. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:186 Disabling accesslog logbuffering INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:189 Bind as {cn=Directory Manager,password} INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:192 Adding ou=BOU a bind user belongs to. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:197 Adding a bind user. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:204 Adding a test user. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:211 Deleting aci in dc=example,dc=com. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:214 While binding as DM, acquire an access log path and instance dir INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:220 Bind case 1. the bind user has no rights to read the entry itself, bind should be successful. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:221 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123} who has no access rights. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:229 Access log path: /var/log/dirsrv/slapd-standalone1/access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:231 Bind case 2-1. the bind user does not exist, bind should fail with error INVALID_CREDENTIALS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:233 Bind as {uid=bogus,dc=example,dc=com,bogus} who does not exist. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:237 Exception (expected): INVALID_CREDENTIALS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:238 Desc Invalid credentials INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:246 Cause found - [25/Apr/2021:21:23:49.329943813 -0400] conn=1 op=11 RESULT err=49 tag=97 nentries=0 wtime=0.000214401 optime=0.002908916 etime=0.003121337 - No such entry INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:249 Bind case 2-2. the bind user's suffix does not exist, bind should fail with error INVALID_CREDENTIALS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:251 Bind as {uid=bogus,ou=people,dc=bogus,bogus} who does not exist. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:260 Cause found - [25/Apr/2021:21:23:50.336789111 -0400] conn=1 op=12 RESULT err=49 tag=97 nentries=0 wtime=0.000193930 optime=0.002873820 etime=0.003061753 - No suffix for bind dn found INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:263 Bind case 2-3. the bind user's password is wrong, bind should fail with error INVALID_CREDENTIALS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:265 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,bogus} who does not exist. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:269 Exception (expected): INVALID_CREDENTIALS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:270 Desc Invalid credentials INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:278 Cause found - [25/Apr/2021:21:23:51.369501389 -0400] conn=1 op=13 RESULT err=49 tag=97 nentries=0 wtime=0.000194899 optime=0.028994794 etime=0.029182697 - Invalid credentials INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:281 Adding aci for uid=buser123,ou=BOU,dc=example,dc=com to ou=BOU,dc=example,dc=com. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:283 aci: (targetattr="*")(version 3.0; acl "buser123"; allow(all) userdn = "ldap:///uid=buser123,ou=BOU,dc=example,dc=com";) INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:284 Bind as {cn=Directory Manager,password} INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:289 Bind case 3. the bind user has the right to read the entry itself, bind should be successful. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:290 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123} which should be ok. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:293 The following operations are against the subtree the bind user uid=buser123,ou=BOU,dc=example,dc=com has no rights. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:297 Search case 1. the bind user has no rights to read the search entry, it should return no search results with <class 'ldap.SUCCESS'> INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Searching existing entry uid=tuser0,ou=people,dc=example,dc=com, which should be ok. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:141 Search should return none INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:303 Search case 2-1. the search entry does not exist, the search should return no search results with SUCCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Searching non-existing entry uid=bogus,dc=example,dc=com, which should be ok. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:141 Search should return none INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:309 Search case 2-2. the search entry does not exist, the search should return no search results with SUCCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Searching non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should be ok. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:141 Search should return none INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:316 Add case 1. the bind user has no rights AND the adding entry exists, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Adding existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:322 Add case 2-1. the bind user has no rights AND the adding entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Adding non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:328 Add case 2-2. the bind user has no rights AND the adding entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Adding non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:335 Modify case 1. the bind user has no rights AND the modifying entry exists, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Modifying existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:341 Modify case 2-1. the bind user has no rights AND the modifying entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Modifying non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:347 Modify case 2-2. the bind user has no rights AND the modifying entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Modifying non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:354 Modrdn case 1. the bind user has no rights AND the renaming entry exists, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Renaming existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:360 Modrdn case 2-1. the bind user has no rights AND the renaming entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Renaming non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:366 Modrdn case 2-2. the bind user has no rights AND the renaming entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Renaming non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:372 Modrdn case 3. the bind user has no rights AND the node moving an entry to exists, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Moving to existing superior ou=groups,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:378 Modrdn case 4-1. the bind user has no rights AND the node moving an entry to does not, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Moving to non-existing superior ou=OU,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:384 Modrdn case 4-2. the bind user has no rights AND the node moving an entry to does not, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Moving to non-existing superior ou=OU,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:391 Delete case 1. the bind user has no rights AND the deleting entry exists, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Deleting existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:397 Delete case 2-1. the bind user has no rights AND the deleting entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Deleting non-existing entry uid=bogus,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:403 Delete case 2-2. the bind user has no rights AND the deleting entry does not exist, it should fail with INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Deleting non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with INSUFFICIENT_ACCESS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): INSUFFICIENT_ACCESS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Insufficient access INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:407 EXTRA: Check no regressions INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:408 Adding aci for uid=buser123,ou=BOU,dc=example,dc=com to dc=example,dc=com. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:410 Bind as {cn=Directory Manager,password} INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:415 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123}. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:425 Search case. the search entry does not exist, the search should fail with NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Searching non-existing entry uid=bogus,ou=people,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc No such object INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:431 Add case. the adding entry already exists, it should fail with ALREADY_EXISTS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Adding existing entry uid=tuser0,ou=people,dc=example,dc=com, which should fail with ALREADY_EXISTS. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): ALREADY_EXISTS INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc Already exists INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:436 Modify case. the modifying entry does not exist, it should fail with NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Modifying non-existing entry uid=bogus,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc No such object INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:441 Modrdn case 1. the renaming entry does not exist, it should fail with NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Renaming non-existing entry uid=bogus,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc No such object INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:446 Modrdn case 2. the node moving an entry to does not, it should fail with NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Moving to non-existing superior ou=OU,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc No such object INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:451 Delete case. the deleting entry does not exist, it should fail with NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:108 Deleting non-existing entry uid=bogus,dc=example,dc=com, which should fail with NO_SUCH_OBJECT. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:131 Exception (expected): NO_SUCH_OBJECT INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:132 Desc No such object INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:148 PASSED INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:454 Inactivate uid=buser123,ou=BOU,dc=example,dc=com INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:461 ['/usr/sbin/dsidm', 'standalone1', '-b', 'dc=example,dc=com', 'account', 'lock', 'uid=buser123,ou=BOU,dc=example,dc=com'] INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:465 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,buser123} which should fail with UNWILLING_TO_PERFORM. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:469 Exception (expected): UNWILLING_TO_PERFORM INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:470 Desc Server is unwilling to perform INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:473 Bind as {uid=buser123,ou=BOU,dc=example,dc=com,bogus} which should fail with UNWILLING_TO_PERFORM. INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:477 Exception (expected): UNWILLING_TO_PERFORM INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:478 Desc Server is unwilling to perform INFO tests.suites.acl.repeated_ldap_add_test:repeated_ldap_add_test.py:481 SUCCESS
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(STEVE_ROLE, NESTED_ROLE_TESTER)] 10.25
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(HARRY_ROLE, NESTED_ROLE_TESTER)] 0.12
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(MARY_ROLE, NOT_RULE_ACCESS)] 0.10
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(STEVE_ROLE, OR_RULE_ACCESS)] 0.38
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(HARRY_ROLE, OR_RULE_ACCESS)] 0.12
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(STEVE_ROLE, ALL_ACCESS)] 0.11
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(HARRY_ROLE, ALL_ACCESS)] 0.14
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_positive[(MARY_ROLE, ALL_ACCESS)] 0.11
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_negative[(MARY_ROLE, NESTED_ROLE_TESTER)] 0.11
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_negative[(STEVE_ROLE, NOT_RULE_ACCESS)] 0.12
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_negative[(HARRY_ROLE, NOT_RULE_ACCESS)] 0.12
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_seealso_negative[(MARY_ROLE , OR_RULE_ACCESS)] 0.12
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_anonseealso_positive[NOT_RULE_ACCESS] 0.09
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_anonseealso_positive[ALL_ACCESS] 0.09
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_anonseealso_negaive[NESTED_ROLE_TESTER] 0.10
No log output captured.
Passed suites/acl/roledn_test.py::test_mod_anonseealso_negaive[OR_RULE_ACCESS] 1.78
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with__target_set_on_non_leaf 10.16
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with__target_set_on_wildcard_non_leaf 0.58
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with__target_set_on_wildcard_leaf 0.57
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_equality_search 0.30
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_equality_search_two 0.48
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_substring_search 0.29
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_substring_search_two 1.24
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_boolean_or_of_two_equality_search 0.24
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_to__userdn_two 0.42
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_userdn 0.44
No log output captured.
Passed suites/acl/search_real_part2_test.py::test_deny_all_access_with_targetfilter_using_presence_search 1.47
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_search_access_to_userdn_with_ldap_url 10.95
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/search_real_part3_test.py::test_deny_search_access_to_userdn_with_ldap_url_two 0.51
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_search_access_to_userdn_with_ldap_url_matching_all_users 0.75
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_a_dynamic_group 0.52
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_dynamic_group_with_host_port_set_on_ldap_url 0.43
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_dynamic_group_with_scope_set_to_one_in_ldap_url 0.49
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_read_access_to_dynamic_group_two 0.93
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_deny_access_to_group_should_deny_access_to_all_uniquemember 0.65
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_entry_with_lots_100_attributes 9.77
No log output captured.
Passed suites/acl/search_real_part3_test.py::test_groupdnattr_value_is_another_group 1.49
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with_target_set 9.30
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created.
Passed suites/acl/search_real_test.py::test_deny_all_access_to_a_target_with_wild_card 0.46
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_without_a_target_set 1.38
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_read_search_and_compare_access_with_target_and_targetattr_set 0.96
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_read_access_to_multiple_groupdns 0.77
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_to_userdnattr 0.30
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with__target_set 0.51
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with__targetattr_set 1.26
No log output captured.
Passed suites/acl/search_real_test.py::test_deny_all_access_with_targetattr_set 3.35
No log output captured.
Passed suites/acl/selfdn_permissions_test.py::test_selfdn_permission_add 10.14
-------------------------------Captured log setup-------------------------------
INFO lib389.SetupDs:setup.py:658 Starting installation... INFO lib389.SetupDs:setup.py:686 Completed installation for standalone1 INFO lib389.topologies:topologies.py:109 Instance with parameters {'ldap-port': 38901, 'ldap-secureport': 63601, 'server-id': 'standalone1', 'suffix': 'dc=example,dc=com'} was created. INFO lib389:selfdn_permissions_test.py:58 Add OCticket47653 that allows 'member' attribute INFO lib389:selfdn_permissions_test.py:63 Add cn=bind_entry, dc=example,dc=com
-------------------------------Captured log call--------------------------------
INFO lib389:selfdn_permissions_test.py:106 ######################### ADD ###################### INFO lib389:selfdn_permissions_test.py:109 Bind as cn=bind_entry, dc=example,dc=com INFO lib389:selfdn_permissions_test.py:139 Try to add Add cn=test_entry, dc=example,dc=com (aci is missing): dn: cn=test_entry, dc=example,dc=com cn: test_entry member: cn=bind_entry, dc=example,dc=com objectclass: top objectclass: person objectclass: OCticket47653 postalAddress: here postalCode: 1234 sn: test_entry INFO lib389:selfdn_permissions_test.py:143 Exception (expected): INSUFFICIENT_ACCESS INFO lib389:selfdn_permissions_test.py:147 Bind as cn=Directory Manager and add the ADD SELFDN aci INFO lib389:selfdn_permissions_test.py:159 Bind as cn=bind_entry, dc=example,dc=com INFO lib389:selfdn_permissions_test.py:164 Try to add Add cn=test_entry, dc=example,dc=com (member i