This is a test that is able to build and test gssapi/sasl binding between two masters for the purposes of replication.
attachment 0001-Ticket-48829-Add-gssapi-sasl-replication-bind-test.patch
Hi William, thank you for developing tests!
Your code works as it should. Verified.
I have only one concern. Could you please change the path and the file name to something like this?
{{{ dirsrvtests/tests/suites/gssapi/gssapi_repl_test.py }}} So we would have "'''gssapi'''" test suite for all gssapi related tests. Also, "'''ticket_'''" prefix doesn't have much sense here, lets stick to our test suite naming convention.
Beside that, ack.
Excellent!! Thanks so much for adding the test case!
To run this test script, there are some prerequisites, I guess...
This is one of them? We are supposed to have these lines in /etc/hosts? {{{ 18 # WARNING!!!!! If this test is failing, and your here to find out why, the 19 # reason is very likely your hosts file!!!! 20 # 21 # IT MUST LOOK LIKE THIS BELOW: Note the unique IPS for each kdc name! 22 # 23 # 127.0.0.1 ldapkdc.example.com localhost 24 # 127.0.1.1 ldapkdc1.example.com 25 # 127.0.2.1 ldapkdc2.example.com 26 # }}} And each test box is also expected to have KDC installed? How about krb5.conf? Thanks & sorry about my ignorance...
commit 2a32cab Total 7 (delta 4), reused 0 (delta 0) To ssh://git.fedorahosted.org/git/389/ds.git e72a9ea..2a32cab master -> master
Replying to [comment:2 nhosoi]:
Excellent!! Thanks so much for adding the test case! To run this test script, there are some prerequisites, I guess... This is one of them? We are supposed to have these lines in /etc/hosts? {{{ 18 # WARNING!!!!! If this test is failing, and your here to find out why, the 19 # reason is very likely your hosts file!!!! 20 # 21 # IT MUST LOOK LIKE THIS BELOW: Note the unique IPS for each kdc name! 22 # 23 # 127.0.0.1 ldapkdc.example.com localhost 24 # 127.0.1.1 ldapkdc1.example.com 25 # 127.0.2.1 ldapkdc2.example.com 26 # }}}
This is one of them? We are supposed to have these lines in /etc/hosts? {{{ 18 # WARNING!!!!! If this test is failing, and your here to find out why, the 19 # reason is very likely your hosts file!!!! 20 # 21 # IT MUST LOOK LIKE THIS BELOW: Note the unique IPS for each kdc name! 22 # 23 # 127.0.0.1 ldapkdc.example.com localhost 24 # 127.0.1.1 ldapkdc1.example.com 25 # 127.0.2.1 ldapkdc2.example.com 26 # }}}
Yes. Sadly this is a prerequisite, as I don't feel comfortable having the test modify the hosts, host file :(
If there is a smarter way, I would like to know it. Perhaps we need to make this test LD_PRELOAD something like cwrap and have it respond with these hosts? When the test is done remove it?
And each test box is also expected to have KDC installed? How about krb5.conf? Thanks & sorry about my ignorance...
No issue.
This test installs the kdc, and the needed krb5.conf! Look in lib389/mit_krb5.py for details! I developed this a few months back to help make testing like this even easier.
If you provision a mit_krb5 realm is a lib389 test, when you build the DirSrv instance, it will have a principal and keytab created for it as part of the install. Should make testing much easier.
Metadata Update from @firstyear: - Issue assigned to firstyear - Issue set to the milestone: 0.0 NEEDS_TRIAGE
Metadata Update from @vashirov: - Issue set to the milestone: None (was: 0.0 NEEDS_TRIAGE)
389-ds-base is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in 389-ds-base's github repository.
This issue has been cloned to Github and is available here: - https://github.com/389ds/389-ds-base/issues/1889
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @spichugi: - Issue close_status updated to: wontfix (was: Fixed)
Login to comment on this ticket.