krb5 commit: Add kpropd -t iprop-mode tests

Greg Hudson ghudson at mit.edu
Mon Apr 13 17:59:53 EDT 2015 

https://github.com/krb5/krb5/commit/fa76eebe09c09063b64715da4b7bcb7a969848da
commit fa76eebe09c09063b64715da4b7bcb7a969848da
Author: Greg Hudson <ghudson at mit.edu>
Date:   Wed Apr 8 18:12:31 2015 -0400

    Add kpropd -t iprop-mode tests
    
    Add a run_kpropd_once() method to K5Realm(), and add tests to
    t_iprop.py for the cases where no updates are needed, where
    incremental updates are needed, and where a full resync is needed
    followed by a poll for updates.
    
    ticket: 8161

 src/tests/t_iprop.py |   46 ++++++++++++++++++++++++++++++++++++++++++++++
 src/util/k5test.py   |   19 ++++++++++++++-----
 2 files changed, 60 insertions(+), 5 deletions(-)

diff --git a/src/tests/t_iprop.py b/src/tests/t_iprop.py
index 78938fc..1ed8dbd 100755
--- a/src/tests/t_iprop.py
+++ b/src/tests/t_iprop.py
@@ -352,4 +352,50 @@ kpropd2.send_signal(signal.SIGUSR1)
 wait_for_prop(kpropd2, True, 2, 0)
 check_ulog(0, 0, 0, [], slave2)
 
+# Stop the kprop daemons so we can test kpropd -t.
+stop_daemon(kpropd1)
+stop_daemon(kpropd2)
+
+# Test the case where no updates are needed.
+out = realm.run_kpropd_once(slave1, ['-d'])
+if 'KDC is synchronized' not in out:
+    fail('Expected synchronized from kpropd -t')
+check_ulog(0, 0, 0, [], slave1)
+
+# Make a change on the master; this will cause a full resync since the
+# master was recently reinitialized.
+realm.run([kadminl, 'modprinc', '-maxlife', '5 minutes', pr1])
+check_ulog(1, 1, 1, [pr1])
+out = realm.run_kpropd_once(slave1, ['-d'])
+if ('Full propagation transfer finished' not in out or
+    'KDC is synchronized' not in out):
+    fail('Expected full dump and synchronized from kpropd -t')
+check_ulog(0, 0, 1, [], slave1)
+out = realm.run([kadminl, 'getprinc', pr1], env=slave1)
+if 'Maximum ticket life: 0 days 00:05:00' not in out:
+    fail('slave1 does not have modification from master after kpropd -t')
+
+# Make another change and get it via incremental update.
+realm.run([kadminl, 'modprinc', '-maxlife', '15 minutes', pr1])
+check_ulog(2, 1, 2, [pr1, pr1])
+out = realm.run_kpropd_once(slave1, ['-d'])
+if 'Got incremental updates (sno=2 ' not in out:
+    fail('Expected incremental updates from kpropd -t')
+check_ulog(1, 2, 2, [pr1], slave1)
+out = realm.run([kadminl, 'getprinc', pr1], env=slave1)
+if 'Maximum ticket life: 0 days 00:15:00' not in out:
+    fail('slave1 does not have modification from master after kpropd -t')
+
+# Propagate a policy change via full resync.
+realm.run([kadminl, 'addpol', '-minclasses', '3', 'testpol'])
+check_ulog(0, 0, 0, [])
+out = realm.run_kpropd_once(slave1, ['-d'])
+if ('Full propagation transfer finished' not in out or
+    'KDC is synchronized' not in out):
+    fail('Expected full dump and synchronized from kpropd -t')
+check_ulog(0, 0, 0, [], slave1)
+out = realm.run([kadminl, 'getpol', 'testpol'], env=slave1)
+if 'Minimum number of password character classes: 3' not in out:
+    fail('slave1 does not have policy from master after kpropd -t')
+
 success('iprop tests')
diff --git a/src/util/k5test.py b/src/util/k5test.py
index 935ec55..5aedff8 100644
--- a/src/util/k5test.py
+++ b/src/util/k5test.py
@@ -309,6 +309,11 @@ Scripts may use the following realm methods and attributes:
   is given, it contains a list of additional kpropd arguments.
   Returns a handle to the kpropd process.
 
+* realm.run_kpropd_once(env, args=[]): Run kpropd once, using the -t
+  flag.  Pass an environment created with realm.special_env() for the
+  slave.  If args is given, it contains a list of additional kpropd
+  arguments.  Returns the kpropd output.
+
 * realm.realm: The realm's name.
 
 * realm.testdir: The realm's storage directory (absolute path).
@@ -925,16 +930,20 @@ class K5Realm(object):
         stop_daemon(self._kadmind_proc)
         self._kadmind_proc = None
 
-    def start_kpropd(self, env, args=[]):
-        global krb5kdc
+    def _kpropd_args(self):
         slavedump_path = os.path.join(self.testdir, 'incoming-slave-datatrans')
         kpropdacl_path = os.path.join(self.testdir, 'kpropd-acl')
-        proc = _start_daemon([kpropd, '-D', '-P', str(self.kprop_port()),
-                              '-f', slavedump_path, '-p', kdb5_util,
-                              '-a', kpropdacl_path] + args, env, 'ready')
+        return [kpropd, '-D', '-P', str(self.kprop_port()),
+                '-f', slavedump_path, '-p', kdb5_util, '-a', kpropdacl_path]
+
+    def start_kpropd(self, env, args=[]):
+        proc = _start_daemon(self._kpropd_args() + args, env, 'ready')
         self._kpropd_procs.append(proc)
         return proc
 
+    def run_kpropd_once(self, env, args=[]):
+        return self.run(self._kpropd_args() + ['-t'] + args, env=env)
+
     def stop(self):
         if self._kdc_proc:
             self.stop_kdc()

More information about the cvs-krb5 mailing list