24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainenimport os

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainenimport stat

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainenimport ent

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainenimport grp

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainenimport pwd

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainenimport config

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainenimport signal

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainenimport subprocess

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainenimport time

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainenimport pytest

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainenimport ds_openldap

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainenimport ldap_ent

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainenimport sssd_id

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainenfrom util import unindent

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo SirainenLDAP_BASE_DN = "dc=example,dc=com"

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen@pytest.fixture(scope="module")

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainendef ds_inst(request):

6b265a8a9d1ce3b3a8033445e99c9035d62ffbc7Timo Sirainen """LDAP server instance fixture"""

6b265a8a9d1ce3b3a8033445e99c9035d62ffbc7Timo Sirainen ds_inst = ds_openldap.DSOpenLDAP(

6b265a8a9d1ce3b3a8033445e99c9035d62ffbc7Timo Sirainen config.PREFIX, 10389, LDAP_BASE_DN,

6b265a8a9d1ce3b3a8033445e99c9035d62ffbc7Timo Sirainen "cn=admin", "Secret123")

6b265a8a9d1ce3b3a8033445e99c9035d62ffbc7Timo Sirainen try:

6b265a8a9d1ce3b3a8033445e99c9035d62ffbc7Timo Sirainen ds_inst.setup()

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen except:

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ds_inst.teardown()

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen raise

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen request.addfinalizer(lambda: ds_inst.teardown())

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen return ds_inst

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen@pytest.fixture(scope="module")

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainendef ldap_conn(request, ds_inst):

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen """LDAP server connection fixture"""

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen ldap_conn = ds_inst.bind()

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ldap_conn.ds_inst = ds_inst

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen request.addfinalizer(lambda: ldap_conn.unbind_s())

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen return ldap_conn

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainendef create_ldap_fixture(request, ldap_conn, ent_list):

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen """Add LDAP entries and add teardown for removing them"""

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen for entry in ent_list:

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ldap_conn.add_s(entry[0], entry[1])

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen def teardown():

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen for entry in ent_list:

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ldap_conn.delete_s(entry[0])

66c0f96d704f09c88dd03b0ee13a3e9711ffe593Timo Sirainen request.addfinalizer(teardown)

66c0f96d704f09c88dd03b0ee13a3e9711ffe593Timo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

66c0f96d704f09c88dd03b0ee13a3e9711ffe593Timo Sirainendef create_conf_fixture(request, contents):

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen """Generate sssd.conf and add teardown for removing it"""

7e209b78ca757294dbbc15604c88673b3a6b0c39Timo Sirainen conf = open(config.CONF_PATH, "w")

7e209b78ca757294dbbc15604c88673b3a6b0c39Timo Sirainen conf.write(contents)

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen conf.close()

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen os.chmod(config.CONF_PATH, stat.S_IRUSR | stat.S_IWUSR)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen request.addfinalizer(lambda: os.unlink(config.CONF_PATH))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainendef stop_sssd():

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen pid_file = open(config.PIDFILE_PATH, "r")

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen pid = int(pid_file.read())

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen os.kill(pid, signal.SIGTERM)

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen while True:

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen try:

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen os.kill(pid, signal.SIGCONT)

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen except:

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen break

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen time.sleep(1)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainendef create_sssd_fixture(request):

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen """Start sssd and add teardown for stopping it and removing state"""

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen if subprocess.call(["sssd", "-D", "-f"]) != 0:

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen raise Exception("sssd start failed")

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen def teardown():

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen try:

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen stop_sssd()

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen except:

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen pass

2615df45a8027948a474abe5e817b34b0499c171Timo Sirainen subprocess.call(["sss_cache", "-E"])

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen for path in os.listdir(config.DB_PATH):

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen os.unlink(config.DB_PATH + "/" + path)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen for path in os.listdir(config.MCACHE_PATH):

67770c0874918e3b73bbd1ff75b5ec91790d51dcTimo Sirainen os.unlink(config.MCACHE_PATH + "/" + path)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen request.addfinalizer(teardown)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainendef load_data_to_ldap(request, ldap_conn):

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent_list = ldap_ent.List(LDAP_BASE_DN)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent_list.add_user("user1", 1001, 2001)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent_list.add_user("user2", 1002, 2002)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent_list.add_user("user3", 1003, 2003)

bcdb6c0bd2e7dbb34b306d3d8c2383a7d7654612Timo Sirainen ent_list.add_user("user11", 1011, 2001)

bcdb6c0bd2e7dbb34b306d3d8c2383a7d7654612Timo Sirainen ent_list.add_user("user12", 1012, 2002)

bcdb6c0bd2e7dbb34b306d3d8c2383a7d7654612Timo Sirainen ent_list.add_user("user13", 1013, 2003)

bcdb6c0bd2e7dbb34b306d3d8c2383a7d7654612Timo Sirainen ent_list.add_user("user21", 1021, 2001)

bcdb6c0bd2e7dbb34b306d3d8c2383a7d7654612Timo Sirainen ent_list.add_user("user22", 1022, 2002)

bcdb6c0bd2e7dbb34b306d3d8c2383a7d7654612Timo Sirainen ent_list.add_user("user23", 1023, 2003)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen ent_list.add_group("group1", 2001, ["user1", "user11", "user21"])

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent_list.add_group("group2", 2002, ["user2", "user12", "user22"])

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen ent_list.add_group("group3", 2003, ["user3", "user13", "user23"])

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent_list.add_group("group0x", 2000, ["user1", "user2", "user3"])

fb5b342aab25d6dc96df14774eb5215dc5481546Timo Sirainen ent_list.add_group("group1x", 2010, ["user11", "user12", "user13"])

1330f999b8076b2f8eed2572c667f7482a555c1bTimo Sirainen ent_list.add_group("group2x", 2020, ["user21", "user22", "user23"])

1330f999b8076b2f8eed2572c667f7482a555c1bTimo Sirainen create_ldap_fixture(request, ldap_conn, ent_list)

1330f999b8076b2f8eed2572c667f7482a555c1bTimo Sirainen

899ebb8ba3fbebaafd3e431943283719ce2b106dTimo Sirainen

899ebb8ba3fbebaafd3e431943283719ce2b106dTimo Sirainen@pytest.fixture

899ebb8ba3fbebaafd3e431943283719ce2b106dTimo Sirainendef sanity_rfc2307(request, ldap_conn):

899ebb8ba3fbebaafd3e431943283719ce2b106dTimo Sirainen load_data_to_ldap(request, ldap_conn)

899ebb8ba3fbebaafd3e431943283719ce2b106dTimo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen conf = unindent("""\

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen """).format(**locals())

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen create_conf_fixture(request, conf)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen create_sssd_fixture(request)

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen return None

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen@pytest.fixture

b8835b8a21c617ceb82ddc5a176243faf36aa8f7Timo Sirainendef fqname_rfc2307(request, ldap_conn):

b8835b8a21c617ceb82ddc5a176243faf36aa8f7Timo Sirainen load_data_to_ldap(request, ldap_conn)

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen conf = unindent("""\

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen """).format(**locals())

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen create_conf_fixture(request, conf)

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen create_sssd_fixture(request)

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen return None

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen@pytest.fixture

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainendef fqname_case_insensitive_rfc2307(request, ldap_conn):

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen load_data_to_ldap(request, ldap_conn)

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen conf = unindent("""\

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen """).format(**locals())

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen create_conf_fixture(request, conf)

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen create_sssd_fixture(request)

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen return None

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainendef test_getpwnam(ldap_conn, sanity_rfc2307):

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen ent.assert_passwd_by_name(

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen 'user1',

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen dict(name='user1', passwd='*', uid=1001, gid=2001,

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen gecos='1001', shell='/bin/bash'))

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen ent.assert_passwd_by_uid(

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen 1001,

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen dict(name='user1', passwd='*', uid=1001, gid=2001,

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen gecos='1001', shell='/bin/bash'))

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen ent.assert_passwd_by_name(

7f3b826a89bcb7a72759912e99f574b28309fe1bTimo Sirainen 'user2',

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen dict(name='user2', passwd='*', uid=1002, gid=2002,

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen gecos='1002', shell='/bin/bash'))

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen ent.assert_passwd_by_uid(

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen 1002,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen dict(name='user2', passwd='*', uid=1002, gid=2002,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen gecos='1002', shell='/bin/bash'))

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen ent.assert_passwd_by_name(

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen 'user3',

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen dict(name='user3', passwd='*', uid=1003, gid=2003,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen gecos='1003', shell='/bin/bash'))

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen ent.assert_passwd_by_uid(

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen 1003,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen dict(name='user3', passwd='*', uid=1003, gid=2003,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen gecos='1003', shell='/bin/bash'))

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen ent.assert_passwd_by_name(

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen 'user11',

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen dict(name='user11', passwd='*', uid=1011, gid=2001,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen gecos='1011', shell='/bin/bash'))

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen ent.assert_passwd_by_uid(

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen 1011,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen dict(name='user11', passwd='*', uid=1011, gid=2001,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen gecos='1011', shell='/bin/bash'))

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen ent.assert_passwd_by_name(

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen 'user12',

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen dict(name='user12', passwd='*', uid=1012, gid=2002,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen gecos='1012', shell='/bin/bash'))

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen ent.assert_passwd_by_uid(

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen 1012,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen dict(name='user12', passwd='*', uid=1012, gid=2002,

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen gecos='1012', shell='/bin/bash'))

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen

2615df45a8027948a474abe5e817b34b0499c171Timo Sirainen ent.assert_passwd_by_name(

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen 'user13',

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen dict(name='user13', passwd='*', uid=1013, gid=2003,

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen gecos='1013', shell='/bin/bash'))

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen ent.assert_passwd_by_uid(

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen 1013,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen dict(name='user13', passwd='*', uid=1013, gid=2003,

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen gecos='1013', shell='/bin/bash'))

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen ent.assert_passwd_by_name(

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen 'user21',

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen dict(name='user21', passwd='*', uid=1021, gid=2001,

5e203e846133e28d0e36ca70ef1c30e72a922c14Timo Sirainen gecos='1021', shell='/bin/bash'))

5e203e846133e28d0e36ca70ef1c30e72a922c14Timo Sirainen ent.assert_passwd_by_uid(

5e203e846133e28d0e36ca70ef1c30e72a922c14Timo Sirainen 1021,

5e203e846133e28d0e36ca70ef1c30e72a922c14Timo Sirainen dict(name='user21', passwd='*', uid=1021, gid=2001,

5e203e846133e28d0e36ca70ef1c30e72a922c14Timo Sirainen gecos='1021', shell='/bin/bash'))

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen ent.assert_passwd_by_name(

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen 'user22',

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen dict(name='user22', passwd='*', uid=1022, gid=2002,

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen gecos='1022', shell='/bin/bash'))

d23c747de9d33966483fbdd41f08ad7766da7c5cTimo Sirainen ent.assert_passwd_by_uid(

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen 1022,

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen dict(name='user22', passwd='*', uid=1022, gid=2002,

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen gecos='1022', shell='/bin/bash'))

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen ent.assert_passwd_by_name(

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen 'user23',

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen dict(name='user23', passwd='*', uid=1023, gid=2003,

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen gecos='1023', shell='/bin/bash'))

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen ent.assert_passwd_by_uid(

107f6e87c6edcb29cf87195357144dea3fdda9afTimo Sirainen 1023,

107f6e87c6edcb29cf87195357144dea3fdda9afTimo Sirainen dict(name='user23', passwd='*', uid=1023, gid=2003,

107f6e87c6edcb29cf87195357144dea3fdda9afTimo Sirainen gecos='1023', shell='/bin/bash'))

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen

834f2b9f60d93e4c7dfc6992e692f5b7213a1b11Timo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainendef test_getpwnam_with_mc(ldap_conn, sanity_rfc2307):

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen test_getpwnam(ldap_conn, sanity_rfc2307)

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen stop_sssd()

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen test_getpwnam(ldap_conn, sanity_rfc2307)

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainendef test_getgrnam_simple(ldap_conn, sanity_rfc2307):

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen ent.assert_group_by_name("group1", dict(name="group1", gid=2001))

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen ent.assert_group_by_gid(2001, dict(name="group1", gid=2001))

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen ent.assert_group_by_name("group2", dict(name="group2", gid=2002))

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen ent.assert_group_by_gid(2002, dict(name="group2", gid=2002))

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen ent.assert_group_by_name("group3", dict(name="group3", gid=2003))

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen ent.assert_group_by_gid(2003, dict(name="group3", gid=2003))

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen ent.assert_group_by_name("group0x", dict(name="group0x", gid=2000))

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen ent.assert_group_by_gid(2000, dict(name="group0x", gid=2000))

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen ent.assert_group_by_name("group1x", dict(name="group1x", gid=2010))

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen ent.assert_group_by_gid(2010, dict(name="group1x", gid=2010))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent.assert_group_by_name("group2x", dict(name="group2x", gid=2020))

2615df45a8027948a474abe5e817b34b0499c171Timo Sirainen ent.assert_group_by_gid(2020, dict(name="group2x", gid=2020))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainendef test_getgrnam_simple_with_mc(ldap_conn, sanity_rfc2307):

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen test_getgrnam_simple(ldap_conn, sanity_rfc2307)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen stop_sssd()

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen test_getgrnam_simple(ldap_conn, sanity_rfc2307)

7e209b78ca757294dbbc15604c88673b3a6b0c39Timo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

d22301419109ed4a38351715e6760011421dadecTimo Sirainendef test_getgrnam_membership(ldap_conn, sanity_rfc2307):

075a53973bbdf15cc3bd2ba4872f96f3f2f00574Timo Sirainen ent.assert_group_by_name(

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen "group1",

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen dict(mem=ent.contains_only("user1", "user11", "user21")))

d22301419109ed4a38351715e6760011421dadecTimo Sirainen ent.assert_group_by_gid(

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen 2001,

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen dict(mem=ent.contains_only("user1", "user11", "user21")))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent.assert_group_by_name(

d22301419109ed4a38351715e6760011421dadecTimo Sirainen "group2",

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen dict(mem=ent.contains_only("user2", "user12", "user22")))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent.assert_group_by_gid(

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen 2002,

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen dict(mem=ent.contains_only("user2", "user12", "user22")))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

2615df45a8027948a474abe5e817b34b0499c171Timo Sirainen ent.assert_group_by_name(

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen "group3",

d22301419109ed4a38351715e6760011421dadecTimo Sirainen dict(mem=ent.contains_only("user3", "user13", "user23")))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent.assert_group_by_gid(

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen 2003,

d4854db53e9c141db3d02821ed857bea101b1cc2Timo Sirainen dict(mem=ent.contains_only("user3", "user13", "user23")))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent.assert_group_by_name(

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen "group0x",

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen dict(mem=ent.contains_only("user1", "user2", "user3")))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent.assert_group_by_gid(

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen 2000,

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen dict(mem=ent.contains_only("user1", "user2", "user3")))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent.assert_group_by_name(

d22301419109ed4a38351715e6760011421dadecTimo Sirainen "group1x",

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen dict(mem=ent.contains_only("user11", "user12", "user13")))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ent.assert_group_by_gid(

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen 2010,

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen dict(mem=ent.contains_only("user11", "user12", "user13")))

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

867990944f0bda3a5bd70895d5a5ebfa611d0505Timo Sirainen ent.assert_group_by_name(

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen "group2x",

867990944f0bda3a5bd70895d5a5ebfa611d0505Timo Sirainen dict(mem=ent.contains_only("user21", "user22", "user23")))

d22301419109ed4a38351715e6760011421dadecTimo Sirainen ent.assert_group_by_gid(

867990944f0bda3a5bd70895d5a5ebfa611d0505Timo Sirainen 2020,

867990944f0bda3a5bd70895d5a5ebfa611d0505Timo Sirainen dict(mem=ent.contains_only("user21", "user22", "user23")))

867990944f0bda3a5bd70895d5a5ebfa611d0505Timo Sirainen

867990944f0bda3a5bd70895d5a5ebfa611d0505Timo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainendef test_getgrnam_membership_with_mc(ldap_conn, sanity_rfc2307):

3852872e6954b7132e637294132005e86b8ebd4aTimo Sirainen test_getgrnam_membership(ldap_conn, sanity_rfc2307)

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen stop_sssd()

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen test_getgrnam_membership(ldap_conn, sanity_rfc2307)

111a7dda02defa4d612468cfc3c40da5240645afTimo Sirainen

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen

d22301419109ed4a38351715e6760011421dadecTimo Sirainendef assert_user_gids_equal(user, expected_gids):

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen (res, errno, gids) = sssd_id.get_user_gids(user)

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen assert res == sssd_id.NssReturnCode.SUCCESS, \

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen "Could not find groups for user %s, %d" % (user, errno)

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen

3b1bf68d26c9f2fe4a649f40cf375d52acffc81cTimo Sirainen assert sorted(gids) == sorted(expected_gids), \

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen "result: %s\n expected %s" % (

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ", ".join(["%s" % s for s in sorted(gids)]),

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen ", ".join(["%s" % s for s in sorted(expected_gids)])

24e5e4526d8f5cbc056ab97fd0d154d0936d7a5eTimo Sirainen )

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainendef test_initgroups(ldap_conn, sanity_rfc2307):

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen assert_user_gids_equal('user1', [2000, 2001])

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen assert_user_gids_equal('user2', [2000, 2002])

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen assert_user_gids_equal('user3', [2000, 2003])

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen

66c0f96d704f09c88dd03b0ee13a3e9711ffe593Timo Sirainen assert_user_gids_equal('user11', [2010, 2001])

66c0f96d704f09c88dd03b0ee13a3e9711ffe593Timo Sirainen assert_user_gids_equal('user12', [2010, 2002])

66c0f96d704f09c88dd03b0ee13a3e9711ffe593Timo Sirainen assert_user_gids_equal('user13', [2010, 2003])

66c0f96d704f09c88dd03b0ee13a3e9711ffe593Timo Sirainen

eca30f1fe8556c46abc75c94d03f59b2e89d4162Timo Sirainen assert_user_gids_equal('user21', [2020, 2001])

db0735f9b388c5bcfb781b1b25015e898d63d953Timo Sirainen assert_user_gids_equal('user22', [2020, 2002])

assert_user_gids_equal('user23', [2020, 2003])

def test_initgroups_with_mc(ldap_conn, sanity_rfc2307):

test_initgroups(ldap_conn, sanity_rfc2307)

stop_sssd()

test_initgroups(ldap_conn, sanity_rfc2307)

def test_initgroups_fqname_with_mc(ldap_conn, fqname_rfc2307):

assert_user_gids_equal('user1@LDAP', [2000, 2001])

stop_sssd()

assert_user_gids_equal('user1@LDAP', [2000, 2001])

def assert_initgroups_equal(user, primary_gid, expected_gids):

(res, errno, gids) = sssd_id.call_sssd_initgroups(user, primary_gid)

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user %s, %d" % (user, errno)

assert sorted(gids) == sorted(expected_gids), \

"result: %s\n expected %s" % (

", ".join(["%s" % s for s in sorted(gids)]),

", ".join(["%s" % s for s in sorted(expected_gids)])

)

def assert_stored_last_initgroups(user1_case1, user1_case2, user1_case_last,

primary_gid, expected_gids):

assert_initgroups_equal(user1_case1, primary_gid, expected_gids)

assert_initgroups_equal(user1_case2, primary_gid, expected_gids)

assert_initgroups_equal(user1_case_last, primary_gid, expected_gids)

stop_sssd()

user = user1_case1

(res, errno, _) = sssd_id.call_sssd_initgroups(user, primary_gid)

assert res == sssd_id.NssReturnCode.UNAVAIL, \

"Initgroups for user shoudl fail user %s, %d, %d" % (user, res, errno)

user = user1_case2

(res, errno, _) = sssd_id.call_sssd_initgroups(user, primary_gid)

assert res == sssd_id.NssReturnCode.UNAVAIL, \

"Initgroups for user shoudl fail user %s, %d, %d" % (user, res, errno)

# Just last invocation of initgroups shoudl PASS

# Otherwise, we would not be able to invalidate it

assert_initgroups_equal(user1_case_last, primary_gid, expected_gids)

def test_initgroups_case_insensitive_with_mc1(ldap_conn,

fqname_case_insensitive_rfc2307):

user1_case1 = 'User1@LDAP'

user1_case2 = 'uSer1@LDAP'

user1_case_last = 'usEr1@LDAP'

primary_gid = 2001

expected_gids = [2000, 2001]

assert_stored_last_initgroups(user1_case1, user1_case2, user1_case_last,

primary_gid, expected_gids)

def test_initgroups_case_insensitive_with_mc2(ldap_conn,

fqname_case_insensitive_rfc2307):

user1_case1 = 'usEr1@LDAP'

user1_case2 = 'User1@LDAP'

user1_case_last = 'uSer1@LDAP'

primary_gid = 2001

expected_gids = [2000, 2001]

assert_stored_last_initgroups(user1_case1, user1_case2, user1_case_last,

primary_gid, expected_gids)

def test_initgroups_case_insensitive_with_mc3(ldap_conn,

fqname_case_insensitive_rfc2307):

user1_case1 = 'uSer1@LDAP'

user1_case2 = 'usEr1@LDAP'

user1_case_last = 'User1@LDAP'

primary_gid = 2001

expected_gids = [2000, 2001]

assert_stored_last_initgroups(user1_case1, user1_case2, user1_case_last,

primary_gid, expected_gids)

def run_simple_test_with_initgroups():

ent.assert_passwd_by_name(

'user1',

dict(name='user1', passwd='*', uid=1001, gid=2001,

gecos='1001', shell='/bin/bash'))

ent.assert_passwd_by_uid(

1001,

dict(name='user1', passwd='*', uid=1001, gid=2001,

gecos='1001', shell='/bin/bash'))

ent.assert_group_by_name(

"group1",

dict(mem=ent.contains_only("user1", "user11", "user21")))

ent.assert_group_by_gid(

2001,

dict(mem=ent.contains_only("user1", "user11", "user21")))

# unrelated group to user1

ent.assert_group_by_name(

"group2",

dict(mem=ent.contains_only("user2", "user12", "user22")))

ent.assert_group_by_gid(

2002,

dict(mem=ent.contains_only("user2", "user12", "user22")))

assert_initgroups_equal("user1", 2001, [2000, 2001])

def test_invalidation_of_gids_after_initgroups(ldap_conn, sanity_rfc2307):

# the sssd cache was empty and not all user's group were

# resolved with getgr{nm,gid}. Therefore there is a change in

# group membership => user groups should be invalidated

run_simple_test_with_initgroups()

assert_initgroups_equal("user1", 2001, [2000, 2001])

stop_sssd()

ent.assert_passwd_by_name(

'user1',

dict(name='user1', passwd='*', uid=1001, gid=2001,

gecos='1001', shell='/bin/bash'))

ent.assert_passwd_by_uid(

1001,

dict(name='user1', passwd='*', uid=1001, gid=2001,

gecos='1001', shell='/bin/bash'))

# unrelated group to user1 must be returned

ent.assert_group_by_name(

"group2",

dict(mem=ent.contains_only("user2", "user12", "user22")))

ent.assert_group_by_gid(

2002,

dict(mem=ent.contains_only("user2", "user12", "user22")))

assert_initgroups_equal("user1", 2001, [2000, 2001])

# user groups must be invalidated

for group in ["group1", "group0x"]:

with pytest.raises(KeyError):

grp.getgrnam(group)

for gid in [2000, 2001]:

with pytest.raises(KeyError):

grp.getgrgid(gid)

def test_initgroups_without_change_in_membership(ldap_conn, sanity_rfc2307):

# the sssd cache was empty and not all user's group were

# resolved with getgr{nm,gid}. Therefore there is a change in

# group membership => user groups should be invalidated

run_simple_test_with_initgroups()

# invalidate cache

subprocess.call(["sss_cache", "-E"])

# all users and groups will be just refreshed from LDAP

# but there will not be a change in group membership

# user groups should not be invlaidated

run_simple_test_with_initgroups()

stop_sssd()

# everything should be in memory cache

run_simple_test_with_initgroups()

def assert_mc_records_for_user1():

ent.assert_passwd_by_name(

'user1',

dict(name='user1', passwd='*', uid=1001, gid=2001,

gecos='1001', shell='/bin/bash'))

ent.assert_passwd_by_uid(

1001,

dict(name='user1', passwd='*', uid=1001, gid=2001,

gecos='1001', shell='/bin/bash'))

ent.assert_group_by_name(

"group1",

dict(mem=ent.contains_only("user1", "user11", "user21")))

ent.assert_group_by_gid(

2001,

dict(mem=ent.contains_only("user1", "user11", "user21")))

ent.assert_group_by_name(

"group0x",

dict(mem=ent.contains_only("user1", "user2", "user3")))

ent.assert_group_by_gid(

2000,

dict(mem=ent.contains_only("user1", "user2", "user3")))

assert_initgroups_equal("user1", 2001, [2000, 2001])

def assert_missing_mc_records_for_user1():

with pytest.raises(KeyError):

pwd.getpwnam("user1")

with pytest.raises(KeyError):

pwd.getpwuid(1001)

for gid in [2000, 2001]:

with pytest.raises(KeyError):

grp.getgrgid(gid)

for group in ["group0x", "group1"]:

with pytest.raises(KeyError):

grp.getgrnam(group)

(res, err, _) = sssd_id.call_sssd_initgroups("user1", 2001)

assert res == sssd_id.NssReturnCode.UNAVAIL, \

"Initgroups should not find anything after invalidation of mc.\n" \

"User user1, errno:%d" % err

def test_invalidate_user_before_stop(ldap_conn, sanity_rfc2307):

# initialize cache with full ID

(res, errno, _) = sssd_id.get_user_groups("user1")

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user1, %d" % errno

assert_mc_records_for_user1()

subprocess.call(["sss_cache", "-u", "user1"])

stop_sssd()

assert_missing_mc_records_for_user1()

def test_invalidate_user_after_stop(ldap_conn, sanity_rfc2307):

# initialize cache with full ID

(res, errno, _) = sssd_id.get_user_groups("user1")

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user1, %d" % errno

assert_mc_records_for_user1()

stop_sssd()

subprocess.call(["sss_cache", "-u", "user1"])

assert_missing_mc_records_for_user1()

def test_invalidate_users_before_stop(ldap_conn, sanity_rfc2307):

# initialize cache with full ID

(res, errno, _) = sssd_id.get_user_groups("user1")

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user1, %d" % errno

assert_mc_records_for_user1()

subprocess.call(["sss_cache", "-U"])

stop_sssd()

assert_missing_mc_records_for_user1()

def test_invalidate_users_after_stop(ldap_conn, sanity_rfc2307):

# initialize cache with full ID

(res, errno, _) = sssd_id.get_user_groups("user1")

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user1, %d" % errno

assert_mc_records_for_user1()

stop_sssd()

subprocess.call(["sss_cache", "-U"])

assert_missing_mc_records_for_user1()

def test_invalidate_group_before_stop(ldap_conn, sanity_rfc2307):

# initialize cache with full ID

(res, errno, _) = sssd_id.get_user_groups("user1")

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user1, %d" % errno

assert_mc_records_for_user1()

subprocess.call(["sss_cache", "-g", "group1"])

stop_sssd()

assert_missing_mc_records_for_user1()

def test_invalidate_group_after_stop(ldap_conn, sanity_rfc2307):

# initialize cache with full ID

(res, errno, _) = sssd_id.get_user_groups("user1")

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user1, %d" % errno

assert_mc_records_for_user1()

stop_sssd()

subprocess.call(["sss_cache", "-g", "group1"])

assert_missing_mc_records_for_user1()

def test_invalidate_groups_before_stop(ldap_conn, sanity_rfc2307):

# initialize cache with full ID

(res, errno, _) = sssd_id.get_user_groups("user1")

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user1, %d" % errno

assert_mc_records_for_user1()

subprocess.call(["sss_cache", "-G"])

stop_sssd()

assert_missing_mc_records_for_user1()

def test_invalidate_groups_after_stop(ldap_conn, sanity_rfc2307):

# initialize cache with full ID

(res, errno, _) = sssd_id.get_user_groups("user1")

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user1, %d" % errno

assert_mc_records_for_user1()

stop_sssd()

subprocess.call(["sss_cache", "-G"])

assert_missing_mc_records_for_user1()

def test_invalidate_everything_before_stop(ldap_conn, sanity_rfc2307):

# initialize cache with full ID

(res, errno, _) = sssd_id.get_user_groups("user1")

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user1, %d" % errno

assert_mc_records_for_user1()

subprocess.call(["sss_cache", "-E"])

stop_sssd()

assert_missing_mc_records_for_user1()

def test_invalidate_everything_after_stop(ldap_conn, sanity_rfc2307):

# initialize cache with full ID

(res, errno, _) = sssd_id.get_user_groups("user1")

assert res == sssd_id.NssReturnCode.SUCCESS, \

"Could not find groups for user1, %d" % errno

assert_mc_records_for_user1()

stop_sssd()

subprocess.call(["sss_cache", "-E"])

assert_missing_mc_records_for_user1()