10:24 p.m.
See
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/102/display...
------------------------------------------
[...truncated 4641 lines...]
suites/replication/acceptance_test.py::test_modify_stripattrs PASSED
suites/replication/acceptance_test.py::test_new_suffix PASSED
suites/replication/acceptance_test.py::test_many_attrs PASSED
suites/replication/acceptance_test.py::test_double_delete PASSED
suites/replication/acceptance_test.py::test_password_repl_error PASSED
suites/replication/acceptance_test.py::test_invalid_agmt PASSED
suites/replication/changelog_test.py::test_verify_changelog PASSED
suites/replication/changelog_test.py::test_verify_changelog_online_backup PASSED
suites/replication/changelog_test.py::test_verify_changelog_offline_backup PASSED
suites/replication/cleanallruv_test.py::test_clean PASSED
suites/replication/cleanallruv_test.py::test_clean_restart PASSED
suites/replication/cleanallruv_test.py::test_clean_force PASSED
suites/replication/cleanallruv_test.py::test_abort PASSED
suites/replication/cleanallruv_test.py::test_abort_restart PASSED
suites/replication/cleanallruv_test.py::test_abort_certify PASSED
suites/replication/cleanallruv_test.py::test_stress_clean PASSED
suites/replication/cleanallruv_test.py::test_multiple_tasks_with_force PASSED
suites/replication/ruvstore_test.py::test_ruv_entry_backup PASSED
suites/replication/ruvstore_test.py::test_memoryruv_sync_with_databaseruv PASSED
suites/replication/single_master_test.py::test_mail_attr_repl PASSED
suites/replication/single_master_test.py::test_lastupdate_attr_before_init PASSED
suites/replication/tombstone_test.py::test_purge_success PASSED
suites/replication/wait_for_async_feature_test.py::test_not_int_value PASSED
suites/replication/wait_for_async_feature_test.py::test_multi_value PASSED
suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr0]
PASSED
suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr1]
PASSED
suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr2]
PASSED
suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr3]
PASSED
suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr0]
PASSED
suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr1]
PASSED
suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr2]
PASSED
suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr3]
PASSED
suites/schema/schema_reload_test.py::test_valid_schema PASSED
suites/schema/schema_reload_test.py::test_invalid_schema PASSED
suites/schema/test_eduperson.py::test_account_locking PASSED
suites/schema/test_schema.py::test_schema_comparewithfiles PASSED
suites/setup_ds/setup_ds_test.py::test_slapd_InstScriptsEnabled[true] PASSED
suites/setup_ds/setup_ds_test.py::test_slapd_InstScriptsEnabled[false] PASSED
=================================== FAILURES ===================================
_______________________________ test_ticket48944 _______________________________
topo = <lib389.topologies.TopologyMain object at 0x7f0651a91150>
def test_ticket48944(topo):
"""On a read only replica invalid state info can accumulate
:ID: 833be131-f3bf-493e-97c6-3121438a07b1
:feature: Account Policy Plugin
:setup: Two master and two consumer setup
:steps: 1. Configure Account policy plugin with alwaysrecordlogin set to yes
2. Check if entries are synced across masters and consumers
3. Stop all masters and consumers
4. Start master1 and bind as user1 to create lastLoginTime attribute
5. Start master2 and wait for the sync of lastLoginTime attribute
6. Stop master1 and bind as user1 from master2
7. Check if lastLoginTime attribute is updated and greater than master1
8. Stop master2, start consumer1, consumer2 and then master2
9. Check if lastLoginTime attribute is updated on both consumers
10. Bind as user1 to both consumers and check the value is updated
11. Check if lastLoginTime attribute is not updated from consumers
12. Start master1 and make sure the lastLoginTime attribute is not updated
on consumers
13. Bind as user1 from master1 and check if all masters and consumers have
the same value
14. Check error logs of consumers for "deletedattribute;deleted"
message
:expectedresults: No accumulation of replica invalid state info on consumers
"""
log.info("Ticket 48944 - On a read only replica invalid state info can
accumulate")
user_name = '\''newbzusr'\''
tuserdn = '\''uid={}1,ou=people,{}'\''.format(user_name,
SUFFIX)
inst_list = ['\''master1'\'',
'\''master2'\'', '\''consumer1'\'',
'\''consumer2'\'']
for inst_name in inst_list:
_enable_plugin(topo, inst_name)
log.info('\''Sleep for 10secs for the server to come
up'\'')
time.sleep(10)
log.info('\''Add few entries to server and check if entries are
replicated'\'')
for nos in range(10):
userdn =
'\''uid={}{},ou=people,{}'\''.format(user_name, nos, SUFFIX)
try:
topo.ms['\''master1'\''].add_s(Entry((userdn, {
'\''objectclass'\'': '\''top
person'\''.split(),
'\''objectclass'\'':
'\''inetorgperson'\'',
'\''cn'\'': user_name,
'\''sn'\'': user_name,
'\''userpassword'\'': USER_PW,
'\''mail'\'':
'\''{}(a)redhat.com'\''.format(user_name)})))
except ldap.LDAPError as e:
log.error('\''Failed to add {} user: error
{}'\''.format(userdn, e.message['\''desc'\'']))
raise e
log.info('\''Checking if entries are synced across masters and
consumers'\'')
entries_m1 = topo.ms['\''master1'\''].search_s(SUFFIX,
ldap.SCOPE_SUBTREE, '\''uid={}*'\''.format(user_name),
['\''uid=*'\''])
exp_entries = str(entries_m1).count('\''dn:
uid={}*'\''.format(user_name))
entries_m2 = topo.ms['\''master2'\''].search_s(SUFFIX,
ldap.SCOPE_SUBTREE, '\''uid={}*'\''.format(user_name),
['\''uid=*'\''])
act_entries = str(entries_m2).count('\''dn:
uid={}*'\''.format(user_name))
assert act_entries == exp_entries
inst_list = ['\''consumer1'\'',
'\''consumer2'\'']
for inst in inst_list:
entries_other = topo.cs[inst].search_s(SUFFIX, ldap.SCOPE_SUBTREE,
'\''uid={}*'\''.format(user_name),
['\''uid=*'\''])
act_entries = str(entries_other).count('\''dn:
uid={}*'\''.format(user_name))
assert act_entries == exp_entries
topo.ms['\''master2'\''].stop(timeout=10)
topo.ms['\''master1'\''].stop(timeout=10)
topo.cs['\''consumer1'\''].stop(timeout=10)
topo.cs['\''consumer2'\''].stop(timeout=10)
topo.ms['\''master1'\''].start(timeout=10)
lastLogin_m1_1 = _last_login_time(topo, tuserdn,
'\''master1'\'', '\''bind_n_check'\'')
log.info('\''Start master2 to sync lastLoginTime attribute from
master1'\'')
topo.ms['\''master2'\''].start(timeout=10)
time.sleep(5)
log.info('\''Stop master1'\'')
topo.ms['\''master1'\''].stop(timeout=10)
log.info('\''Bind as user1 to master2 and check if lastLoginTime
attribute is greater than master1'\'')
lastLogin_m2_1 = _last_login_time(topo, tuserdn,
'\''master2'\'', '\''bind_n_check'\'')
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/3...:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/3...:
in _last_login_time
topo.ms[inst_name].simple_bind_s(userdn, USER_PW)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:223: in simple_bind_s
resp_type, resp_data, resp_msgid, resp_ctrls =
self.result3(msgid,all=1,timeout=self.timeout)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3
resp_ctrl_classes=resp_ctrl_classes
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4
ldap_result =
self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f0651bb4750>
func = <built-in method result4 of LDAP object at 0x7f06524f6bc0>
args = (2, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
e = INVALID_CREDENTIALS({'\''desc'\'': '\''Invalid
credentials'\''},)
def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('\''*** %s %s - %s\n%s\n'\'' % (
repr(self),
self._uri,
'\''.'\''.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
E
INVALID_CREDENTIALS: {'\''desc'\'': '\''Invalid
credentials'\''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INVALID_CREDENTIALS
---------------------------- Captured stdout setup -----------------------------
OK group dirsrv exists
OK user dirsrv exists
OK group dirsrv exists
OK user dirsrv exists
OK group dirsrv exists
OK user dirsrv exists
OK group dirsrv exists
OK user dirsrv exists
('\''Update succeeded: status '\'', '\''0 Total update
succeeded'\'')
('\''Update succeeded: status '\'', '\''0 Total update
succeeded'\'')
('\''Update succeeded: status '\'', '\''0 Total update
succeeded'\'')
---------------------------- Captured stderr setup -----------------------------
INFO:lib389.topologies:Instance with parameters
{'\''ldap-port'\'': 39201, '\''suffix'\'':
'\''dc=example,dc=com'\'',
'\''krb5_realm'\'': None,
'\''deployed-dir'\'': '\''/usr'\'',
'\''inst-backupdir'\'': '\''/tmp'\'',
'\''hostname'\'': '\''localhost'\'',
'\''server-id'\'': '\''consumer1'\'',
'\''root-pw'\'': '\''password'\'',
'\''root-dn'\'': '\''cn=Directory
Manager'\'', '\''group-id'\'': None,
'\''InstScriptsEnabled'\'': None,
'\''user-id'\'': None,
'\''ldap-secureport'\'': None} was created.
INFO:lib389:Found entry dn: cn=replrepl,cn=config
cn: bind dn pseudo user
cn: replrepl
objectClass: top
objectClass: person
sn: bind dn pseudo user
userPassword:
{PBKDF2_SHA256}AAAIAJ+Q9XaOfANyIdQxq9DuoYP5DlmQKaWdjEm0h2S9quClBUIbeqKZUTEHPrLU2peGTH08MknfZhsXZxQpGeL1pSDgdvWN33KQGin551lewNP0qB0N2wWltQpQ0BdsG9f9my2kGHTgONeMZqpnGNjQpiw+DRKkNaOFXL2ZRUmXNqtOxj1XRoyu4NwERrqIIsZD9zmsIIALLwXvmDj8alL8O3IdlNwOkDYZwpiFfDTsg5gPTV8dI8VFHKJdK+x1asaBiJ4p/TmXAyevM695wZqxmVmaCtc4qb9b7tHHpUD4a2oF8x+mnuDjzM4CDhNgreSoUjSannD4s+1ev8RerOtoTwk4pI0Ym8BDWlncGjKtCK5RrC9BiEqICMFX0oGiJQFV5Vck1VWozqlJsOTYBEYcLkJFhtoM8sT604xBJ14aFbAD
INFO:lib389.topologies:Instance with parameters
{'\''ldap-port'\'': 39202, '\''suffix'\'':
'\''dc=example,dc=com'\'',
'\''krb5_realm'\'': None,
'\''deployed-dir'\'': '\''/usr'\'',
'\''inst-backupdir'\'': '\''/tmp'\'',
'\''hostname'\'': '\''localhost'\'',
'\''server-id'\'': '\''consumer2'\'',
'\''root-pw'\'': '\''password'\'',
'\''root-dn'\'': '\''cn=Directory
Manager'\'', '\''group-id'\'': None,
'\''InstScriptsEnabled'\'': None,
'\''user-id'\'': None,
'\''ldap-secureport'\'': None} was created.
INFO:lib389:Found entry dn: cn=replrepl,cn=config
cn: bind dn pseudo user
cn: replrepl
objectClass: top
objectClass: person
sn: bind dn pseudo user
userPassword:
{PBKDF2_SHA256}AAAIADl94NV/5RgWbLTsBNgXGnuUvsMxaZtbsLlqfCo6+eSFm6rh5UToHcy1Qk6J3qRXXsgVVczvbE9/kiEhsg1lWRp1p3mpde/Lb3K5A2sL9RDMvfrtXZA9yXyzZ1h8qsOunPKhl+dlO2MFQ+RxmYQ0Z47uTxgPjvEtLfqNq9eBjLrMsqom0FOf/9L6mYR/QkqzVTDpB5Wfu1+cgr0/sdj624K2W2Vt0EupiEzOjziEIaOLJrSN9ZxFaTBJXwiDjXbHRAFMp72/8d2u/6mWk6Ilt2+vCAc+QiipS0N51uKd0Dn9Y3REZsXgSueVwBKwGzhsR4xV/9x4RwVJhoiufl7TbgM5xjnQKZh5noUKONxIDnHLq7ujewhkZOvfAoFgzqkC+geMVQO9LhopE+KyZBZ2jn3V5XOalZvh2ct0PZf5/zaa
INFO:lib389.topologies:Instance with parameters
{'\''ldap-port'\'': 39001, '\''suffix'\'':
'\''dc=example,dc=com'\'',
'\''krb5_realm'\'': None,
'\''deployed-dir'\'': '\''/usr'\'',
'\''inst-backupdir'\'': '\''/tmp'\'',
'\''hostname'\'': '\''localhost'\'',
'\''server-id'\'': '\''master1'\'',
'\''root-pw'\'': '\''password'\'',
'\''root-dn'\'': '\''cn=Directory
Manager'\'', '\''group-id'\'': None,
'\''InstScriptsEnabled'\'': None,
'\''user-id'\'': None,
'\''ldap-secureport'\'': None} was created.
INFO:lib389:Found entry dn: cn=replrepl,cn=config
cn: bind dn pseudo user
cn: replrepl
objectClass: top
objectClass: person
sn: bind dn pseudo user
userPassword:
{PBKDF2_SHA256}AAAIAHhDRcaOkv8wUcJHinQ7Z994nVNXTnh8EOe/d0HQGG+M68tEdbtEAzCGS0fL8Fzm4W8R9AHlU28YBWFzka3COf0jVYOplV+5SbwRmG7CR4ZX+IYXUl2xpzRthuRts6FE3UStOdrkuw/QBix0VfbCEfV3FHBYpyhThDGiqJkTN7j7i8zA4mjCHPiKWRNPozKH6aVAGl2gw41AtA6/0RjtF7wEn1vEYdFU93ei6I5ixq7v8uhtYk5Q/B1zoRRIG1X+h+3seUFE66+f/n7MsU8Fm/ZAOp/WUBGRQ8TiPyjZCkaeb3n4/h72nos6yfKFHzsUQY0gHUEUVhku3wFLG7fiX2skJbHsSwINaloL6y1b+dewn1uSefGCMi5G+QkjwqKyCJyj6b/Kb9DiAt/ornUNhBMoYB9QD0QGlnHNmr/EP83h
INFO:lib389.topologies:Instance with parameters
{'\''ldap-port'\'': 39002, '\''suffix'\'':
'\''dc=example,dc=com'\'',
'\''krb5_realm'\'': None,
'\''deployed-dir'\'': '\''/usr'\'',
'\''inst-backupdir'\'': '\''/tmp'\'',
'\''hostname'\'': '\''localhost'\'',
'\''server-id'\'': '\''master2'\'',
'\''root-pw'\'': '\''password'\'',
'\''root-dn'\'': '\''cn=Directory
Manager'\'', '\''group-id'\'': None,
'\''InstScriptsEnabled'\'': None,
'\''user-id'\'': None,
'\''ldap-secureport'\'': None} was created.
INFO:lib389:Found entry dn: cn=replrepl,cn=config
cn: bind dn pseudo user
cn: replrepl
objectClass: top
objectClass: person
sn: bind dn pseudo user
userPassword:
{PBKDF2_SHA256}AAAIAN7VzsqBEJ4iBqm9ckJlKg4PelTR7/cHsCNM8dds+CUNGGu/L4Kfb4ghpVTb8F04wsmlDshJAkpPUnjUTU673M9UppmnwN/kFMTOk2CJH01ks5JfOTS43+GsOkXQCGUQmHsSsiw03jAaDqlZdnmMJIFAOeG3dyu6TtieWvLezTLtAM3ddtmdUqMVA36L40oSaBKM2oTHqvlXa5zUBbEtdO71G395oEsDaMTx6cBxCd6hHx0OUEWUOuI7ERjK77h8bHp4JEWdhFvLB6LfyLnA5EmFDWSMS5clF9GJw6PJyAi/+A1JPz7eh03pylTxuZTauql2FAsyMvNUOTxeKFZitJ7eXHRLulueld8qDSjHQ3UGu8ztfIKjC811f1GtsZtQYVMM1OIFYabf6zS6GsjGTgqII/vwe/ZG44Iy8eOhsdGo
INFO:Replica:Starting async replication
cn=meTo_localhost:39002,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
INFO:Replica:Starting async replication
cn=meTo_localhost:39201,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
INFO:Replica:Starting async replication
cn=meTo_localhost:39202,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config
----------------------------- Captured stderr call -----------------------------
INFO:dirsrvtests.tests.tickets.ticket48944_test:Ticket 48944 - On a read only replica
invalid state info can accumulate
INFO:dirsrvtests.tests.tickets.ticket48944_test:Enable account policy plugin and configure
required attributes
INFO:dirsrvtests.tests.tickets.ticket48944_test:Configure Account policy plugin on
master1
INFO:dirsrvtests.tests.tickets.ticket48944_test:Enable account policy plugin and configure
required attributes
INFO:dirsrvtests.tests.tickets.ticket48944_test:Configure Account policy plugin on
master2
INFO:dirsrvtests.tests.tickets.ticket48944_test:Enable account policy plugin and configure
required attributes
INFO:dirsrvtests.tests.tickets.ticket48944_test:Configure Account policy plugin on
consumer1
INFO:dirsrvtests.tests.tickets.ticket48944_test:Enable account policy plugin and configure
required attributes
INFO:dirsrvtests.tests.tickets.ticket48944_test:Configure Account policy plugin on
consumer2
INFO:dirsrvtests.tests.tickets.ticket48944_test:Sleep for 10secs for the server to come
up
INFO:dirsrvtests.tests.tickets.ticket48944_test:Add few entries to server and check if
entries are replicated
INFO:dirsrvtests.tests.tickets.ticket48944_test:Checking if entries are synced across
masters and consumers
INFO:dirsrvtests.tests.tickets.ticket48944_test:Start master2 to sync lastLoginTime
attribute from master1
INFO:dirsrvtests.tests.tickets.ticket48944_test:Stop master1
INFO:dirsrvtests.tests.tickets.ticket48944_test:Bind as user1 to master2 and check if
lastLoginTime attribute is greater than master1
============== 1 failed, 621 passed, 1 skipped in 9143.01 seconds =============='
+ '[' 1 -ne 0 ']'
+ echo CI Tests 'FAILED!'
CI Tests FAILED!
+ MSG=FAILED
+ RC=1
+ sudo /usr/sbin/sendmail mreynolds(a)redhat.com firstyear(a)redhat.com
+ sudo rm -rf /var/tmp/slapd.vg.19176 /var/tmp/slapd.vg.46037 /var/tmp/slapd.vg.46166
/var/tmp/slapd.vg.63176
+ exit 1
Build step 'Execute shell' marked build as failure
10:16 p.m.
New subject: Build failed in Jenkins: NIGHTLY #103
See
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/103/display...
------------------------------------------
[...truncated 5459 lines...]
topology_st = <lib389.topologies.TopologyMain object at 0x7f7b8c07c850>
accpol_local = None
def test_locact_inact(topology_st, accpol_local):
"""Verify if user account is inactivated when
accountInactivityLimit is exceeded.
:ID: 02140e36-79eb-4d88-ba28-66478689289b
:feature: Account Policy Plugin
:setup: Standalone instance, ou=people subtree configured for Local account
policy plugin configuration, set accountInactivityLimit to few secs.
:steps: 1. Add few users to ou=people subtree in the default suffix
2. Wait for few secs before it reaches accountInactivityLimit and check
users.
3. Run ldapsearch as normal user, expected 0
4. Wait till accountInactivityLimit is exceeded
5. Run ldapsearch as normal user and check if its inactivated, expected
error 19.
6. Replace user'\''s lastLoginTime attribute and check if its
activated, expected 0
:assert: Should return error code 19
"""
suffix = DEFAULT_SUFFIX
subtree = "ou=people"
userid = "inactusr"
nousrs = 3
log.info('\''AccountInactivityLimit set to 10. Account will be
inactivated if not accessed in 10 secs'\'')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
log.info('\''Sleep for 9 secs to check if account is not inactivated,
expected value 0'\'')
time.sleep(9)
log.info('\''Account should not be inactivated since
AccountInactivityLimit not exceeded'\'')
account_status(topology_st, suffix, subtree, userid, 3, 2, "Enabled")
log.info('\''Sleep for 2 more secs to check if account is
inactivated'\'')
time.sleep(2)
account_status(topology_st, suffix, subtree, userid, 2, 0, "Disabled")
log.info('\''Sleep +9 secs to check if account {}3 is
inactivated'\''.format(userid))
time.sleep(9)
account_status(topology_st, suffix, subtree, userid, 3, 2, "Disabled")
log.info('\''Add lastLoginTime attribute to all users and check if its
activated'\'')
add_time_attr(topology_st, suffix, subtree, userid, nousrs,
'\''lastLoginTime'\'')
account_status(topology_st, suffix, subtree, userid, nousrs, 0,
"Enabled")
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/3...:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
topology_st = <lib389.topologies.TopologyMain object at 0x7f7b8c07c850>
suffix = '\''dc=example,dc=com'\'', subtree =
'\''ou=people'\'', userid =
'\''inactusr'\''
nousrs = 3, ulimit = 0, tochck = '\''Enabled'\''
def account_status(topology_st, suffix, subtree, userid, nousrs, ulimit, tochck):
"""Check account status for the given suffix, subtree, userid and
nousrs"""
while (nousrs > ulimit):
usrrdn = '\''{}{}'\''.format(userid, nousrs)
userdn = '\''uid={},{},{}'\''.format(usrrdn, subtree,
suffix)
if (tochck == "Enabled"):
try:
topology_st.standalone.simple_bind_s(userdn, USER_PASW)
except ldap.LDAPError as e:
log.error('\''User {} failed to login, expected
0'\''.format(userdn))
raise e
E
CONSTRAINT_VIOLATION: {'\''info'\'': '\''Account
inactivity limit exceeded. Contact system administrator to reset.'\'',
'\''desc'\'': '\''Constraint
violation'\''}
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/3...:
CONSTRAINT_VIOLATION
---------------------------- Captured stderr setup -----------------------------
INFO:lib389.utils:Adding Local account policy plugin configuration entries
----------------------------- Captured stderr call -----------------------------
INFO:lib389.utils:AccountInactivityLimit set to 10. Account will be inactivated if not
accessed in 10 secs
INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and
nousrs
INFO:lib389.utils:Sleep for 9 secs to check if account is not inactivated, expected value
0
INFO:lib389.utils:Account should not be inactivated since AccountInactivityLimit not
exceeded
INFO:lib389.utils:Sleep for 2 more secs to check if account is inactivated
INFO:lib389.utils:Sleep +9 secs to check if account inactusr3 is inactivated
INFO:lib389.utils:Add lastLoginTime attribute to all users and check if its activated
INFO:lib389.utils:Enable account by replacing
lastLoginTime/createTimeStamp/ModifyTimeStamp attribute
ERROR:lib389.utils:User uid=inactusr3,ou=people,dc=example,dc=com failed to login,
expected 0
_____________________________ test_locinact_modrdn _____________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f7b8c07c850>
accpol_local = None
def test_locinact_modrdn(topology_st, accpol_local):
"""Verify if user account is inactivated when moved from ou=groups
to ou=people subtree.
:ID: 5f25bea3-fab0-4db4-b43d-2d47cc6e5ad1
:feature: Account Policy Plugin
:setup: Standalone instance, ou=people subtree configured for Local account
policy plugin configuration, set accountInactivityLimit to few secs.
:steps: 1. Add few users to ou=groups subtree in the default suffix
2. Plugin configured to ou=people subtree only.
3. Wait for few secs before it reaches accountInactivityLimit and check
users.
4. Run ldapsearch as normal user, expected 0
5. Wait till accountInactivityLimit exceeded
6. Move users from ou=groups subtree to ou=people subtree
7. Check if users are inactivated, expected error 19
:assert: Should return error code 0 and 19
"""
suffix = DEFAULT_SUFFIX
subtree = "ou=groups"
userid = "nolockusr"
nousrs = 1
log.info('\''Account should not be inactivated since the subtree is
not configured'\'')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/3...:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/3...:
in add_users
users.create(properties=user_properties)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in create
return co.create(rdn, properties, self._basedn)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in create
self._instance.add_ext_s(e, serverctrls=self._server_controls,
clientctrls=self._client_controls)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:195: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls =
self.result3(msgid,all=1,timeout=self.timeout)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3
resp_ctrl_classes=resp_ctrl_classes
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4
ldap_result =
self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f7b8c07c150>
func = <built-in method result4 of LDAP object at 0x7f7b933bccb0>
args = (14, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
e = INSUFFICIENT_ACCESS({'\''info'\'': "Insufficient
'\''add'\'' privilege to the
'\''userPassword'\'' attribute",
'\''desc'\'': '\''Insufficient
access'\''},)
def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('\''*** %s %s - %s\n%s\n'\'' % (
repr(self),
self._uri,
'\''.'\''.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
E
INSUFFICIENT_ACCESS: {'\''info'\'': "Insufficient
'\''add'\'' privilege to the
'\''userPassword'\'' attribute",
'\''desc'\'': '\''Insufficient
access'\''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS
----------------------------- Captured stderr call -----------------------------
INFO:lib389.utils:Account should not be inactivated since the subtree is not configured
INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and
nousrs
______________________________ test_locact_modrdn ______________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f7b8c07c850>
accpol_local = None
def test_locact_modrdn(topology_st, accpol_local):
"""Verify if user account is inactivated when users moved from
ou=people to ou=groups subtree.
:ID: e821cbae-bfc3-40d3-947d-b228c809987f
:feature: Account Policy Plugin
:setup: Standalone instance, ou=people subtree configured for Local account
policy plugin configuration, set accountInactivityLimit to few secs.
:steps: 1. Add few users to ou=people subtree in the default suffix
2. Wait for few secs and check if users not inactivated, expected 0.
3. Move users from ou=people to ou=groups subtree
4. Wait till accountInactivityLimit is exceeded
5. Check if users are active in ou=groups subtree, expected 0
:assert: Should return error code 0
"""
suffix = DEFAULT_SUFFIX
subtree = "ou=people"
userid = "lockusr"
nousrs = 1
log.info('\''Account should be inactivated since the subtree is
configured'\'')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/3...:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/3...:
in add_users
users.create(properties=user_properties)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in create
return co.create(rdn, properties, self._basedn)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in create
self._instance.add_ext_s(e, serverctrls=self._server_controls,
clientctrls=self._client_controls)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(ent.dn, ent.toTupleList(), *args[2:])
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:195: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls =
self.result3(msgid,all=1,timeout=self.timeout)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3
resp_ctrl_classes=resp_ctrl_classes
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4
ldap_result =
self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
<http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f7b8c07c150>
func = <built-in method result4 of LDAP object at 0x7f7b933bccb0>
args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
e = INSUFFICIENT_ACCESS({'\''info'\'': "Insufficient
'\''add'\'' privilege to the
'\''userPassword'\'' attribute",
'\''desc'\'': '\''Insufficient
access'\''},)
def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('\''*** %s %s - %s\n%s\n'\'' % (
repr(self),
self._uri,
'\''.'\''.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
E
INSUFFICIENT_ACCESS: {'\''info'\'': "Insufficient
'\''add'\'' privilege to the
'\''userPassword'\'' attribute",
'\''desc'\'': '\''Insufficient
access'\''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS
----------------------------- Captured stderr call -----------------------------
INFO:lib389.utils:Account should be inactivated since the subtree is configured
INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and
nousrs
============= 11 failed, 611 passed, 1 skipped in 8924.93 seconds =============='
+ '[' 1 -ne 0 ']'
+ echo CI Tests 'FAILED!'
CI Tests FAILED!
+ MSG=FAILED
+ RC=1
+ sudo /usr/sbin/sendmail mreynolds(a)redhat.com firstyear(a)redhat.com
+ sudo rm -rf /var/tmp/slapd.vg.118806 /var/tmp/slapd.vg.14926 /var/tmp/slapd.vg.15028
/var/tmp/slapd.vg.32108
+ exit 1
Build step 'Execute shell' marked build as failure
10:23 p.m.
New subject: Jenkins build is back to normal : NIGHTLY #104
2400
days inactive
2402
days old
389-devel@lists.fedoraproject.org
2 comments
1 participants
participants (1)
-
mareynol@redhat.com