From db466d77223ed7624b64bf6844823c5e8c9324c3 Mon Sep 17 00:00:00 2001 From: aborah Date: Wed, 22 Nov 2023 11:39:18 +0530 Subject: [PATCH] Tests: Expected cn in RDN, got uid Expected cn in RDN, got uid --- src/tests/system/tests/test_ipa.py | 49 ++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 src/tests/system/tests/test_ipa.py diff --git a/src/tests/system/tests/test_ipa.py b/src/tests/system/tests/test_ipa.py new file mode 100644 index 00000000000..4ffa4e0b8d0 --- /dev/null +++ b/src/tests/system/tests/test_ipa.py @@ -0,0 +1,49 @@ +""" +IPA tests. + +:requirement: ipa +""" + +from __future__ import annotations + +import time + +import pytest +from sssd_test_framework.roles.client import Client +from sssd_test_framework.roles.ipa import IPA +from sssd_test_framework.topology import KnownTopology + + +@pytest.mark.topology(KnownTopology.IPA) +@pytest.mark.ticket(jira="RHEL-14427") +def test_cn_in_rdn(client: Client, ipa: IPA): + """ + :title: Expected cn in RDN, got uid + :setup: + ` 1. Configure sssd with debug_level = 1. + 2. Create 2 users. + 3. Create hback rule. + 4. Add the rule for one user. + :steps: + 1. Ssh to client machine with another user that was not added to hback rule. + 2. Check logs for "Expected cn in RDN". + :expectedresults: + 1. Ssh should success. + 2. Log should not be there. + :customerscenario: True + """ + client.sssd.start() + client.sssd.domain["debug_level"] = "1" + client.sssd.config_apply(check_config=False) + + user_bob = ipa.user("bob").add(password="Secret123") + user_alice = ipa.user("alice").add(password="Secret123") + ipa.sssd.clear(db=True, memcache=True, logs=True) + + ipa.host.ssh.run("ipa hbacrule-add --hostcat=all foobar0-allow") + ipa.host.ssh.run(f"ipa hbacrule-add-user --users {user_bob.name} foobar0-allow") + client.auth.su.password(user_alice.name, "Secret123") + + time.sleep(3) + log = client.fs.read(client.sssd.logs.domain()) + assert "Expected cn in RDN" not in log