See http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/102/display/redirect
------------------------------------------ [...truncated 4641 lines...] suites/replication/acceptance_test.py::test_modify_stripattrs PASSED suites/replication/acceptance_test.py::test_new_suffix PASSED suites/replication/acceptance_test.py::test_many_attrs PASSED suites/replication/acceptance_test.py::test_double_delete PASSED suites/replication/acceptance_test.py::test_password_repl_error PASSED suites/replication/acceptance_test.py::test_invalid_agmt PASSED suites/replication/changelog_test.py::test_verify_changelog PASSED suites/replication/changelog_test.py::test_verify_changelog_online_backup PASSED suites/replication/changelog_test.py::test_verify_changelog_offline_backup PASSED suites/replication/cleanallruv_test.py::test_clean PASSED suites/replication/cleanallruv_test.py::test_clean_restart PASSED suites/replication/cleanallruv_test.py::test_clean_force PASSED suites/replication/cleanallruv_test.py::test_abort PASSED suites/replication/cleanallruv_test.py::test_abort_restart PASSED suites/replication/cleanallruv_test.py::test_abort_certify PASSED suites/replication/cleanallruv_test.py::test_stress_clean PASSED suites/replication/cleanallruv_test.py::test_multiple_tasks_with_force PASSED suites/replication/ruvstore_test.py::test_ruv_entry_backup PASSED suites/replication/ruvstore_test.py::test_memoryruv_sync_with_databaseruv PASSED suites/replication/single_master_test.py::test_mail_attr_repl PASSED suites/replication/single_master_test.py::test_lastupdate_attr_before_init PASSED suites/replication/tombstone_test.py::test_purge_success PASSED suites/replication/wait_for_async_feature_test.py::test_not_int_value PASSED suites/replication/wait_for_async_feature_test.py::test_multi_value PASSED suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr0] PASSED suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr1] PASSED suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr2] PASSED suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr3] PASSED suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr0] PASSED suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr1] PASSED suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr2] PASSED suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr3] PASSED suites/schema/schema_reload_test.py::test_valid_schema PASSED suites/schema/schema_reload_test.py::test_invalid_schema PASSED suites/schema/test_eduperson.py::test_account_locking PASSED suites/schema/test_schema.py::test_schema_comparewithfiles PASSED suites/setup_ds/setup_ds_test.py::test_slapd_InstScriptsEnabled[true] PASSED suites/setup_ds/setup_ds_test.py::test_slapd_InstScriptsEnabled[false] PASSED
=================================== FAILURES =================================== _______________________________ test_ticket48944 _______________________________
topo = <lib389.topologies.TopologyMain object at 0x7f0651a91150>
def test_ticket48944(topo): """On a read only replica invalid state info can accumulate
:ID: 833be131-f3bf-493e-97c6-3121438a07b1 :feature: Account Policy Plugin :setup: Two master and two consumer setup :steps: 1. Configure Account policy plugin with alwaysrecordlogin set to yes 2. Check if entries are synced across masters and consumers 3. Stop all masters and consumers 4. Start master1 and bind as user1 to create lastLoginTime attribute 5. Start master2 and wait for the sync of lastLoginTime attribute 6. Stop master1 and bind as user1 from master2 7. Check if lastLoginTime attribute is updated and greater than master1 8. Stop master2, start consumer1, consumer2 and then master2 9. Check if lastLoginTime attribute is updated on both consumers 10. Bind as user1 to both consumers and check the value is updated 11. Check if lastLoginTime attribute is not updated from consumers 12. Start master1 and make sure the lastLoginTime attribute is not updated on consumers 13. Bind as user1 from master1 and check if all masters and consumers have the same value 14. Check error logs of consumers for "deletedattribute;deleted" message :expectedresults: No accumulation of replica invalid state info on consumers """
log.info("Ticket 48944 - On a read only replica invalid state info can accumulate") user_name = '''newbzusr''' tuserdn = '''uid={}1,ou=people,{}'''.format(user_name, SUFFIX) inst_list = ['''master1''', '''master2''', '''consumer1''', '''consumer2'''] for inst_name in inst_list: _enable_plugin(topo, inst_name)
log.info('''Sleep for 10secs for the server to come up''') time.sleep(10) log.info('''Add few entries to server and check if entries are replicated''') for nos in range(10): userdn = '''uid={}{},ou=people,{}'''.format(user_name, nos, SUFFIX) try: topo.ms['''master1'''].add_s(Entry((userdn, { '''objectclass''': '''top person'''.split(), '''objectclass''': '''inetorgperson''', '''cn''': user_name, '''sn''': user_name, '''userpassword''': USER_PW, '''mail''': '''{}@redhat.com'''.format(user_name)}))) except ldap.LDAPError as e: log.error('''Failed to add {} user: error {}'''.format(userdn, e.message['''desc'''])) raise e
log.info('''Checking if entries are synced across masters and consumers''') entries_m1 = topo.ms['''master1'''].search_s(SUFFIX, ldap.SCOPE_SUBTREE, '''uid={}*'''.format(user_name), ['''uid=*''']) exp_entries = str(entries_m1).count('''dn: uid={}*'''.format(user_name)) entries_m2 = topo.ms['''master2'''].search_s(SUFFIX, ldap.SCOPE_SUBTREE, '''uid={}*'''.format(user_name), ['''uid=*''']) act_entries = str(entries_m2).count('''dn: uid={}*'''.format(user_name)) assert act_entries == exp_entries inst_list = ['''consumer1''', '''consumer2'''] for inst in inst_list: entries_other = topo.cs[inst].search_s(SUFFIX, ldap.SCOPE_SUBTREE, '''uid={}*'''.format(user_name), ['''uid=*''']) act_entries = str(entries_other).count('''dn: uid={}*'''.format(user_name)) assert act_entries == exp_entries
topo.ms['''master2'''].stop(timeout=10) topo.ms['''master1'''].stop(timeout=10) topo.cs['''consumer1'''].stop(timeout=10) topo.cs['''consumer2'''].stop(timeout=10)
topo.ms['''master1'''].start(timeout=10) lastLogin_m1_1 = _last_login_time(topo, tuserdn, '''master1''', '''bind_n_check''')
log.info('''Start master2 to sync lastLoginTime attribute from master1''') topo.ms['''master2'''].start(timeout=10) time.sleep(5) log.info('''Stop master1''') topo.ms['''master1'''].stop(timeout=10) log.info('''Bind as user1 to master2 and check if lastLoginTime attribute is greater than master1''')
lastLogin_m2_1 = _last_login_time(topo, tuserdn, '\''master2'\'', '\''bind_n_check'\'')
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/tickets/ticket48944_test.py:156: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/tickets/ticket48944_test.py:34: in _last_login_time topo.ms[inst_name].simple_bind_s(userdn, USER_PW) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:223: in simple_bind_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3 resp_ctrl_classes=resp_ctrl_classes http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f0651bb4750> func = <built-in method result4 of LDAP object at 0x7f06524f6bc0> args = (2, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None e = INVALID_CREDENTIALS({'''desc''': '''Invalid credentials'''},)
def _ldap_call(self,func,*args,**kwargs): """ Wrapper method mainly for serializing calls into OpenLDAP libs and trace logs """ self._ldap_object_lock.acquire() if __debug__: if self._trace_level>=1: self._trace_file.write('''*** %s %s - %s\n%s\n''' % ( repr(self), self._uri, '''.'''.join((self.__class__.__name__,func.__name__)), pprint.pformat((args,kwargs)) )) if self._trace_level>=9: traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file) diagnostic_message_success = None try: try:
result = func(*args,**kwargs)
E INVALID_CREDENTIALS: {'''desc''': '''Invalid credentials'''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INVALID_CREDENTIALS ---------------------------- Captured stdout setup ----------------------------- OK group dirsrv exists OK user dirsrv exists OK group dirsrv exists OK user dirsrv exists OK group dirsrv exists OK user dirsrv exists OK group dirsrv exists OK user dirsrv exists ('''Update succeeded: status ''', '''0 Total update succeeded''') ('''Update succeeded: status ''', '''0 Total update succeeded''') ('''Update succeeded: status ''', '''0 Total update succeeded''') ---------------------------- Captured stderr setup ----------------------------- INFO:lib389.topologies:Instance with parameters {'''ldap-port''': 39201, '''suffix''': '''dc=example,dc=com''', '''krb5_realm''': None, '''deployed-dir''': '''/usr''', '''inst-backupdir''': '''/tmp''', '''hostname''': '''localhost''', '''server-id''': '''consumer1''', '''root-pw''': '''password''', '''root-dn''': '''cn=Directory Manager''', '''group-id''': None, '''InstScriptsEnabled''': None, '''user-id''': None, '''ldap-secureport''': None} was created. INFO:lib389:Found entry dn: cn=replrepl,cn=config cn: bind dn pseudo user cn: replrepl objectClass: top objectClass: person sn: bind dn pseudo user userPassword: {PBKDF2_SHA256}AAAIAJ+Q9XaOfANyIdQxq9DuoYP5DlmQKaWdjEm0h2S9quClBUIbeqKZUTEHPrLU2peGTH08MknfZhsXZxQpGeL1pSDgdvWN33KQGin551lewNP0qB0N2wWltQpQ0BdsG9f9my2kGHTgONeMZqpnGNjQpiw+DRKkNaOFXL2ZRUmXNqtOxj1XRoyu4NwERrqIIsZD9zmsIIALLwXvmDj8alL8O3IdlNwOkDYZwpiFfDTsg5gPTV8dI8VFHKJdK+x1asaBiJ4p/TmXAyevM695wZqxmVmaCtc4qb9b7tHHpUD4a2oF8x+mnuDjzM4CDhNgreSoUjSannD4s+1ev8RerOtoTwk4pI0Ym8BDWlncGjKtCK5RrC9BiEqICMFX0oGiJQFV5Vck1VWozqlJsOTYBEYcLkJFhtoM8sT604xBJ14aFbAD
INFO:lib389.topologies:Instance with parameters {'''ldap-port''': 39202, '''suffix''': '''dc=example,dc=com''', '''krb5_realm''': None, '''deployed-dir''': '''/usr''', '''inst-backupdir''': '''/tmp''', '''hostname''': '''localhost''', '''server-id''': '''consumer2''', '''root-pw''': '''password''', '''root-dn''': '''cn=Directory Manager''', '''group-id''': None, '''InstScriptsEnabled''': None, '''user-id''': None, '''ldap-secureport''': None} was created. INFO:lib389:Found entry dn: cn=replrepl,cn=config cn: bind dn pseudo user cn: replrepl objectClass: top objectClass: person sn: bind dn pseudo user userPassword: {PBKDF2_SHA256}AAAIADl94NV/5RgWbLTsBNgXGnuUvsMxaZtbsLlqfCo6+eSFm6rh5UToHcy1Qk6J3qRXXsgVVczvbE9/kiEhsg1lWRp1p3mpde/Lb3K5A2sL9RDMvfrtXZA9yXyzZ1h8qsOunPKhl+dlO2MFQ+RxmYQ0Z47uTxgPjvEtLfqNq9eBjLrMsqom0FOf/9L6mYR/QkqzVTDpB5Wfu1+cgr0/sdj624K2W2Vt0EupiEzOjziEIaOLJrSN9ZxFaTBJXwiDjXbHRAFMp72/8d2u/6mWk6Ilt2+vCAc+QiipS0N51uKd0Dn9Y3REZsXgSueVwBKwGzhsR4xV/9x4RwVJhoiufl7TbgM5xjnQKZh5noUKONxIDnHLq7ujewhkZOvfAoFgzqkC+geMVQO9LhopE+KyZBZ2jn3V5XOalZvh2ct0PZf5/zaa
INFO:lib389.topologies:Instance with parameters {'''ldap-port''': 39001, '''suffix''': '''dc=example,dc=com''', '''krb5_realm''': None, '''deployed-dir''': '''/usr''', '''inst-backupdir''': '''/tmp''', '''hostname''': '''localhost''', '''server-id''': '''master1''', '''root-pw''': '''password''', '''root-dn''': '''cn=Directory Manager''', '''group-id''': None, '''InstScriptsEnabled''': None, '''user-id''': None, '''ldap-secureport''': None} was created. INFO:lib389:Found entry dn: cn=replrepl,cn=config cn: bind dn pseudo user cn: replrepl objectClass: top objectClass: person sn: bind dn pseudo user userPassword: {PBKDF2_SHA256}AAAIAHhDRcaOkv8wUcJHinQ7Z994nVNXTnh8EOe/d0HQGG+M68tEdbtEAzCGS0fL8Fzm4W8R9AHlU28YBWFzka3COf0jVYOplV+5SbwRmG7CR4ZX+IYXUl2xpzRthuRts6FE3UStOdrkuw/QBix0VfbCEfV3FHBYpyhThDGiqJkTN7j7i8zA4mjCHPiKWRNPozKH6aVAGl2gw41AtA6/0RjtF7wEn1vEYdFU93ei6I5ixq7v8uhtYk5Q/B1zoRRIG1X+h+3seUFE66+f/n7MsU8Fm/ZAOp/WUBGRQ8TiPyjZCkaeb3n4/h72nos6yfKFHzsUQY0gHUEUVhku3wFLG7fiX2skJbHsSwINaloL6y1b+dewn1uSefGCMi5G+QkjwqKyCJyj6b/Kb9DiAt/ornUNhBMoYB9QD0QGlnHNmr/EP83h
INFO:lib389.topologies:Instance with parameters {'''ldap-port''': 39002, '''suffix''': '''dc=example,dc=com''', '''krb5_realm''': None, '''deployed-dir''': '''/usr''', '''inst-backupdir''': '''/tmp''', '''hostname''': '''localhost''', '''server-id''': '''master2''', '''root-pw''': '''password''', '''root-dn''': '''cn=Directory Manager''', '''group-id''': None, '''InstScriptsEnabled''': None, '''user-id''': None, '''ldap-secureport''': None} was created. INFO:lib389:Found entry dn: cn=replrepl,cn=config cn: bind dn pseudo user cn: replrepl objectClass: top objectClass: person sn: bind dn pseudo user userPassword: {PBKDF2_SHA256}AAAIAN7VzsqBEJ4iBqm9ckJlKg4PelTR7/cHsCNM8dds+CUNGGu/L4Kfb4ghpVTb8F04wsmlDshJAkpPUnjUTU673M9UppmnwN/kFMTOk2CJH01ks5JfOTS43+GsOkXQCGUQmHsSsiw03jAaDqlZdnmMJIFAOeG3dyu6TtieWvLezTLtAM3ddtmdUqMVA36L40oSaBKM2oTHqvlXa5zUBbEtdO71G395oEsDaMTx6cBxCd6hHx0OUEWUOuI7ERjK77h8bHp4JEWdhFvLB6LfyLnA5EmFDWSMS5clF9GJw6PJyAi/+A1JPz7eh03pylTxuZTauql2FAsyMvNUOTxeKFZitJ7eXHRLulueld8qDSjHQ3UGu8ztfIKjC811f1GtsZtQYVMM1OIFYabf6zS6GsjGTgqII/vwe/ZG44Iy8eOhsdGo
INFO:Replica:Starting async replication cn=meTo_localhost:39002,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config INFO:Replica:Starting async replication cn=meTo_localhost:39201,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config INFO:Replica:Starting async replication cn=meTo_localhost:39202,cn=replica,cn=dc\3Dexample\2Cdc\3Dcom,cn=mapping tree,cn=config ----------------------------- Captured stderr call ----------------------------- INFO:dirsrvtests.tests.tickets.ticket48944_test:Ticket 48944 - On a read only replica invalid state info can accumulate INFO:dirsrvtests.tests.tickets.ticket48944_test:Enable account policy plugin and configure required attributes INFO:dirsrvtests.tests.tickets.ticket48944_test:Configure Account policy plugin on master1 INFO:dirsrvtests.tests.tickets.ticket48944_test:Enable account policy plugin and configure required attributes INFO:dirsrvtests.tests.tickets.ticket48944_test:Configure Account policy plugin on master2 INFO:dirsrvtests.tests.tickets.ticket48944_test:Enable account policy plugin and configure required attributes INFO:dirsrvtests.tests.tickets.ticket48944_test:Configure Account policy plugin on consumer1 INFO:dirsrvtests.tests.tickets.ticket48944_test:Enable account policy plugin and configure required attributes INFO:dirsrvtests.tests.tickets.ticket48944_test:Configure Account policy plugin on consumer2 INFO:dirsrvtests.tests.tickets.ticket48944_test:Sleep for 10secs for the server to come up INFO:dirsrvtests.tests.tickets.ticket48944_test:Add few entries to server and check if entries are replicated INFO:dirsrvtests.tests.tickets.ticket48944_test:Checking if entries are synced across masters and consumers INFO:dirsrvtests.tests.tickets.ticket48944_test:Start master2 to sync lastLoginTime attribute from master1 INFO:dirsrvtests.tests.tickets.ticket48944_test:Stop master1 INFO:dirsrvtests.tests.tickets.ticket48944_test:Bind as user1 to master2 and check if lastLoginTime attribute is greater than master1 ============== 1 failed, 621 passed, 1 skipped in 9143.01 seconds ==============' + '[' 1 -ne 0 ']' + echo CI Tests 'FAILED!' CI Tests FAILED! + MSG=FAILED + RC=1 + sudo /usr/sbin/sendmail mreynolds@redhat.com firstyear@redhat.com + sudo rm -rf /var/tmp/slapd.vg.19176 /var/tmp/slapd.vg.46037 /var/tmp/slapd.vg.46166 /var/tmp/slapd.vg.63176 + exit 1 Build step 'Execute shell' marked build as failure
See http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/103/display/redirect
------------------------------------------ [...truncated 5459 lines...] topology_st = <lib389.topologies.TopologyMain object at 0x7f7b8c07c850> accpol_local = None
def test_locact_inact(topology_st, accpol_local): """Verify if user account is inactivated when accountInactivityLimit is exceeded.
:ID: 02140e36-79eb-4d88-ba28-66478689289b :feature: Account Policy Plugin :setup: Standalone instance, ou=people subtree configured for Local account policy plugin configuration, set accountInactivityLimit to few secs. :steps: 1. Add few users to ou=people subtree in the default suffix 2. Wait for few secs before it reaches accountInactivityLimit and check users. 3. Run ldapsearch as normal user, expected 0 4. Wait till accountInactivityLimit is exceeded 5. Run ldapsearch as normal user and check if its inactivated, expected error 19. 6. Replace user'''s lastLoginTime attribute and check if its activated, expected 0 :assert: Should return error code 19 """
suffix = DEFAULT_SUFFIX subtree = "ou=people" userid = "inactusr" nousrs = 3 log.info('''AccountInactivityLimit set to 10. Account will be inactivated if not accessed in 10 secs''') add_users(topology_st, suffix, subtree, userid, nousrs, 0) log.info('''Sleep for 9 secs to check if account is not inactivated, expected value 0''') time.sleep(9) log.info('''Account should not be inactivated since AccountInactivityLimit not exceeded''') account_status(topology_st, suffix, subtree, userid, 3, 2, "Enabled") log.info('''Sleep for 2 more secs to check if account is inactivated''') time.sleep(2) account_status(topology_st, suffix, subtree, userid, 2, 0, "Disabled") log.info('''Sleep +9 secs to check if account {}3 is inactivated'''.format(userid)) time.sleep(9) account_status(topology_st, suffix, subtree, userid, 3, 2, "Disabled") log.info('''Add lastLoginTime attribute to all users and check if its activated''') add_time_attr(topology_st, suffix, subtree, userid, nousrs, '''lastLoginTime''')
account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:883: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
topology_st = <lib389.topologies.TopologyMain object at 0x7f7b8c07c850> suffix = '''dc=example,dc=com''', subtree = '''ou=people''', userid = '''inactusr''' nousrs = 3, ulimit = 0, tochck = '''Enabled'''
def account_status(topology_st, suffix, subtree, userid, nousrs, ulimit, tochck): """Check account status for the given suffix, subtree, userid and nousrs"""
while (nousrs > ulimit): usrrdn = '''{}{}'''.format(userid, nousrs) userdn = '''uid={},{},{}'''.format(usrrdn, subtree, suffix) if (tochck == "Enabled"): try: topology_st.standalone.simple_bind_s(userdn, USER_PASW) except ldap.LDAPError as e: log.error('''User {} failed to login, expected 0'''.format(userdn))
raise e
E CONSTRAINT_VIOLATION: {'''info''': '''Account inactivity limit exceeded. Contact system administrator to reset.''', '''desc''': '''Constraint violation'''}
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:306: CONSTRAINT_VIOLATION ---------------------------- Captured stderr setup ----------------------------- INFO:lib389.utils:Adding Local account policy plugin configuration entries ----------------------------- Captured stderr call ----------------------------- INFO:lib389.utils:AccountInactivityLimit set to 10. Account will be inactivated if not accessed in 10 secs INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO:lib389.utils:Sleep for 9 secs to check if account is not inactivated, expected value 0 INFO:lib389.utils:Account should not be inactivated since AccountInactivityLimit not exceeded INFO:lib389.utils:Sleep for 2 more secs to check if account is inactivated INFO:lib389.utils:Sleep +9 secs to check if account inactusr3 is inactivated INFO:lib389.utils:Add lastLoginTime attribute to all users and check if its activated INFO:lib389.utils:Enable account by replacing lastLoginTime/createTimeStamp/ModifyTimeStamp attribute ERROR:lib389.utils:User uid=inactusr3,ou=people,dc=example,dc=com failed to login, expected 0 _____________________________ test_locinact_modrdn _____________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f7b8c07c850> accpol_local = None
def test_locinact_modrdn(topology_st, accpol_local): """Verify if user account is inactivated when moved from ou=groups to ou=people subtree.
:ID: 5f25bea3-fab0-4db4-b43d-2d47cc6e5ad1 :feature: Account Policy Plugin :setup: Standalone instance, ou=people subtree configured for Local account policy plugin configuration, set accountInactivityLimit to few secs. :steps: 1. Add few users to ou=groups subtree in the default suffix 2. Plugin configured to ou=people subtree only. 3. Wait for few secs before it reaches accountInactivityLimit and check users. 4. Run ldapsearch as normal user, expected 0 5. Wait till accountInactivityLimit exceeded 6. Move users from ou=groups subtree to ou=people subtree 7. Check if users are inactivated, expected error 19 :assert: Should return error code 0 and 19 """
suffix = DEFAULT_SUFFIX subtree = "ou=groups" userid = "nolockusr" nousrs = 1 log.info('''Account should not be inactivated since the subtree is not configured''')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:909: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:278: in add_users users.create(properties=user_properties) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:840: in create return co.create(rdn, properties, self._basedn) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:642: in create self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:158: in inner return f(ent.dn, ent.toTupleList(), *args[2:]) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:195: in add_ext_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3 resp_ctrl_classes=resp_ctrl_classes http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f7b8c07c150> func = <built-in method result4 of LDAP object at 0x7f7b933bccb0> args = (14, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None e = INSUFFICIENT_ACCESS({'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''},)
def _ldap_call(self,func,*args,**kwargs): """ Wrapper method mainly for serializing calls into OpenLDAP libs and trace logs """ self._ldap_object_lock.acquire() if __debug__: if self._trace_level>=1: self._trace_file.write('''*** %s %s - %s\n%s\n''' % ( repr(self), self._uri, '''.'''.join((self.__class__.__name__,func.__name__)), pprint.pformat((args,kwargs)) )) if self._trace_level>=9: traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file) diagnostic_message_success = None try: try:
result = func(*args,**kwargs)
E INSUFFICIENT_ACCESS: {'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS ----------------------------- Captured stderr call ----------------------------- INFO:lib389.utils:Account should not be inactivated since the subtree is not configured INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and nousrs ______________________________ test_locact_modrdn ______________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f7b8c07c850> accpol_local = None
def test_locact_modrdn(topology_st, accpol_local): """Verify if user account is inactivated when users moved from ou=people to ou=groups subtree.
:ID: e821cbae-bfc3-40d3-947d-b228c809987f :feature: Account Policy Plugin :setup: Standalone instance, ou=people subtree configured for Local account policy plugin configuration, set accountInactivityLimit to few secs. :steps: 1. Add few users to ou=people subtree in the default suffix 2. Wait for few secs and check if users not inactivated, expected 0. 3. Move users from ou=people to ou=groups subtree 4. Wait till accountInactivityLimit is exceeded 5. Check if users are active in ou=groups subtree, expected 0 :assert: Should return error code 0 """
suffix = DEFAULT_SUFFIX subtree = "ou=people" userid = "lockusr" nousrs = 1 log.info('''Account should be inactivated since the subtree is configured''')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:950: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:278: in add_users users.create(properties=user_properties) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:840: in create return co.create(rdn, properties, self._basedn) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:642: in create self._instance.add_ext_s(e, serverctrls=self._server_controls, clientctrls=self._client_controls) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:158: in inner return f(ent.dn, ent.toTupleList(), *args[2:]) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:195: in add_ext_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3 resp_ctrl_classes=resp_ctrl_classes http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f7b8c07c150> func = <built-in method result4 of LDAP object at 0x7f7b933bccb0> args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None e = INSUFFICIENT_ACCESS({'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''},)
def _ldap_call(self,func,*args,**kwargs): """ Wrapper method mainly for serializing calls into OpenLDAP libs and trace logs """ self._ldap_object_lock.acquire() if __debug__: if self._trace_level>=1: self._trace_file.write('''*** %s %s - %s\n%s\n''' % ( repr(self), self._uri, '''.'''.join((self.__class__.__name__,func.__name__)), pprint.pformat((args,kwargs)) )) if self._trace_level>=9: traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file) diagnostic_message_success = None try: try:
result = func(*args,**kwargs)
E INSUFFICIENT_ACCESS: {'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS ----------------------------- Captured stderr call ----------------------------- INFO:lib389.utils:Account should be inactivated since the subtree is configured INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and nousrs ============= 11 failed, 611 passed, 1 skipped in 8924.93 seconds ==============' + '[' 1 -ne 0 ']' + echo CI Tests 'FAILED!' CI Tests FAILED! + MSG=FAILED + RC=1 + sudo /usr/sbin/sendmail mreynolds@redhat.com firstyear@redhat.com + sudo rm -rf /var/tmp/slapd.vg.118806 /var/tmp/slapd.vg.14926 /var/tmp/slapd.vg.15028 /var/tmp/slapd.vg.32108 + exit 1 Build step 'Execute shell' marked build as failure
389-devel@lists.fedoraproject.org
-
mareynol@redhat.com