See http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/84/display/redirect
------------------------------------------ [...truncated 5415 lines...] :assert: Should return error code 19 """
suffix = DEFAULT_SUFFIX subtree = "ou=people" userid = "inactusr" nousrs = 3 log.info('''AccountInactivityLimit set to 10. Account will be inactivated if not accessed in 10 secs''') add_users(topology_st, suffix, subtree, userid, nousrs, 0) log.info('''Sleep for 9 secs to check if account is not inactivated, expected value 0''') time.sleep(9) log.info('''Account should not be inactivated since AccountInactivityLimit not exceeded''') account_status(topology_st, suffix, subtree, userid, 3, 2, "Enabled") log.info('''Sleep for 2 more secs to check if account is inactivated''') time.sleep(2) account_status(topology_st, suffix, subtree, userid, 2, 0, "Disabled") log.info('''Sleep +9 secs to check if account {}3 is inactivated'''.format(userid)) time.sleep(9) account_status(topology_st, suffix, subtree, userid, 3, 2, "Disabled") log.info('''Add lastLoginTime attribute to all users and check if its activated''') add_time_attr(topology_st, suffix, subtree, userid, nousrs, '''lastLoginTime''')
account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:883: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
topology_st = <lib389.topologies.TopologyMain object at 0x7f60926d5850> suffix = '''dc=example,dc=com''', subtree = '''ou=people''', userid = '''inactusr''' nousrs = 3, ulimit = 0, tochck = '''Enabled'''
def account_status(topology_st, suffix, subtree, userid, nousrs, ulimit, tochck): """Check account status for the given suffix, subtree, userid and nousrs"""
while (nousrs > ulimit): usrrdn = '''{}{}'''.format(userid, nousrs) userdn = '''uid={},{},{}'''.format(usrrdn, subtree, suffix) if (tochck == "Enabled"): try: topology_st.standalone.simple_bind_s(userdn, USER_PASW) except ldap.LDAPError as e: log.error('''User {} failed to login, expected 0'''.format(userdn))
raise e
E CONSTRAINT_VIOLATION: {'''info''': '''Account inactivity limit exceeded. Contact system administrator to reset.''', '''desc''': '''Constraint violation'''}
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:306: CONSTRAINT_VIOLATION ---------------------------- Captured stderr setup ----------------------------- INFO:lib389.utils:Adding Local account policy plugin configuration entries ----------------------------- Captured stderr call ----------------------------- INFO:lib389.utils:AccountInactivityLimit set to 10. Account will be inactivated if not accessed in 10 secs INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO:lib389.utils:Sleep for 9 secs to check if account is not inactivated, expected value 0 INFO:lib389.utils:Account should not be inactivated since AccountInactivityLimit not exceeded INFO:lib389.utils:Sleep for 2 more secs to check if account is inactivated INFO:lib389.utils:Sleep +9 secs to check if account inactusr3 is inactivated INFO:lib389.utils:Add lastLoginTime attribute to all users and check if its activated INFO:lib389.utils:Enable account by replacing lastLoginTime/createTimeStamp/ModifyTimeStamp attribute ERROR:lib389.utils:User uid=inactusr3,ou=people,dc=example,dc=com failed to login, expected 0 _____________________________ test_locinact_modrdn _____________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f60926d5850> accpol_local = None
def test_locinact_modrdn(topology_st, accpol_local): """Verify if user account is inactivated when moved from ou=groups to ou=people subtree.
:ID: 5f25bea3-fab0-4db4-b43d-2d47cc6e5ad1 :feature: Account Policy Plugin :setup: Standalone instance, ou=people subtree configured for Local account policy plugin configuration, set accountInactivityLimit to few secs. :steps: 1. Add few users to ou=groups subtree in the default suffix 2. Plugin configured to ou=people subtree only. 3. Wait for few secs before it reaches accountInactivityLimit and check users. 4. Run ldapsearch as normal user, expected 0 5. Wait till accountInactivityLimit exceeded 6. Move users from ou=groups subtree to ou=people subtree 7. Check if users are inactivated, expected error 19 :assert: Should return error code 0 and 19 """
suffix = DEFAULT_SUFFIX subtree = "ou=groups" userid = "nolockusr" nousrs = 1 log.info('''Account should not be inactivated since the subtree is not configured''')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:909: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:278: in add_users users.create(properties=user_properties) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:833: in create return co.create(rdn, properties, self._basedn) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:640: in create self._instance.add_s(e) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:158: in inner return f(ent.dn, ent.toTupleList(), *args[2:]) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:210: in add_s return self.result(msgid,all=1,timeout=self.timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:130: in inner objtype, data = f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:503: in result resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:507: in result2 resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3 resp_ctrl_classes=resp_ctrl_classes http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f60926d58d0> func = <built-in method result4 of LDAP object at 0x7f609f229260> args = (14, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None e = INSUFFICIENT_ACCESS({'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''},)
def _ldap_call(self,func,*args,**kwargs): """ Wrapper method mainly for serializing calls into OpenLDAP libs and trace logs """ self._ldap_object_lock.acquire() if __debug__: if self._trace_level>=1: self._trace_file.write('''*** %s %s - %s\n%s\n''' % ( repr(self), self._uri, '''.'''.join((self.__class__.__name__,func.__name__)), pprint.pformat((args,kwargs)) )) if self._trace_level>=9: traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file) diagnostic_message_success = None try: try:
result = func(*args,**kwargs)
E INSUFFICIENT_ACCESS: {'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS ----------------------------- Captured stderr call ----------------------------- INFO:lib389.utils:Account should not be inactivated since the subtree is not configured INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and nousrs ______________________________ test_locact_modrdn ______________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f60926d5850> accpol_local = None
def test_locact_modrdn(topology_st, accpol_local): """Verify if user account is inactivated when users moved from ou=people to ou=groups subtree.
:ID: e821cbae-bfc3-40d3-947d-b228c809987f :feature: Account Policy Plugin :setup: Standalone instance, ou=people subtree configured for Local account policy plugin configuration, set accountInactivityLimit to few secs. :steps: 1. Add few users to ou=people subtree in the default suffix 2. Wait for few secs and check if users not inactivated, expected 0. 3. Move users from ou=people to ou=groups subtree 4. Wait till accountInactivityLimit is exceeded 5. Check if users are active in ou=groups subtree, expected 0 :assert: Should return error code 0 """
suffix = DEFAULT_SUFFIX subtree = "ou=people" userid = "lockusr" nousrs = 1 log.info('''Account should be inactivated since the subtree is configured''')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:950: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:278: in add_users users.create(properties=user_properties) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:833: in create return co.create(rdn, properties, self._basedn) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:640: in create self._instance.add_s(e) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:158: in inner return f(ent.dn, ent.toTupleList(), *args[2:]) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:210: in add_s return self.result(msgid,all=1,timeout=self.timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:130: in inner objtype, data = f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:503: in result resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:507: in result2 resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3 resp_ctrl_classes=resp_ctrl_classes http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f60926d58d0> func = <built-in method result4 of LDAP object at 0x7f609f229260> args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None e = INSUFFICIENT_ACCESS({'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''},)
def _ldap_call(self,func,*args,**kwargs): """ Wrapper method mainly for serializing calls into OpenLDAP libs and trace logs """ self._ldap_object_lock.acquire() if __debug__: if self._trace_level>=1: self._trace_file.write('''*** %s %s - %s\n%s\n''' % ( repr(self), self._uri, '''.'''.join((self.__class__.__name__,func.__name__)), pprint.pformat((args,kwargs)) )) if self._trace_level>=9: traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file) diagnostic_message_success = None try: try:
result = func(*args,**kwargs)
E INSUFFICIENT_ACCESS: {'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS ----------------------------- Captured stderr call ----------------------------- INFO:lib389.utils:Account should be inactivated since the subtree is configured INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and nousrs ============= 11 failed, 597 passed, 1 skipped in 12728.25 seconds =============' + '[' 1 -ne 0 ']' + echo CI Tests 'FAILED!' CI Tests FAILED! + MSG=FAILED + RC=1 + sudo /usr/sbin/sendmail mreynolds@redhat.com firstyear@redhat.com + sudo rm -rf /var/tmp/slapd.vg.124754 /var/tmp/slapd.vg.20629 /var/tmp/slapd.vg.20771 /var/tmp/slapd.vg.36027 + exit 1 Build step 'Execute shell' marked build as failure
See http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/85/display/redirect
------------------------------------------ [...truncated 4477 lines...] suites/paged_results/paged_results_test.py::test_maxsimplepaged_per_conn_success[1000] PASSED suites/paged_results/paged_results_test.py::test_maxsimplepaged_per_conn_failure[0] PASSED suites/paged_results/paged_results_test.py::test_maxsimplepaged_per_conn_failure[1] PASSED suites/password/password_test.py::test_password_delete_specific_password PASSED suites/password/pwdAdmin_test.py::test_pwdAdmin_init PASSED suites/password/pwdAdmin_test.py::test_pwdAdmin PASSED suites/password/pwdAdmin_test.py::test_pwdAdmin_config_validation PASSED suites/password/pwdPolicy_attribute_test.py::test_change_pwd[on-off-UNWILLING_TO_PERFORM] PASSED suites/password/pwdPolicy_attribute_test.py::test_change_pwd[off-off-UNWILLING_TO_PERFORM] PASSED suites/password/pwdPolicy_attribute_test.py::test_change_pwd[off-on-None] PASSED suites/password/pwdPolicy_attribute_test.py::test_change_pwd[on-on-None] PASSED suites/password/pwdPolicy_attribute_test.py::test_pwd_min_age PASSED suites/password/pwdPolicy_inherit_global_test.py::test_entry_has_no_restrictions[off-off] PASSED suites/password/pwdPolicy_inherit_global_test.py::test_entry_has_no_restrictions[on-off] PASSED suites/password/pwdPolicy_inherit_global_test.py::test_entry_has_no_restrictions[off-on] PASSED suites/password/pwdPolicy_inherit_global_test.py::test_entry_has_restrictions[cn=config] PASSED suites/password/pwdPolicy_inherit_global_test.py::test_entry_has_restrictions[cn="cn=nsPwPolicyEntry,ou=People,dc=example,dc=com",cn=nsPwPolicyContainer,ou=People,dc=example,dc=com] PASSED suites/password/pwdPolicy_syntax_test.py::test_pwdPolicy_syntax PASSED suites/password/pwdPolicy_warning_test.py::test_different_values[ ] PASSED suites/password/pwdPolicy_warning_test.py::test_different_values[junk123] PASSED suites/password/pwdPolicy_warning_test.py::test_different_values[on] PASSED suites/password/pwdPolicy_warning_test.py::test_different_values[off] PASSED suites/password/pwdPolicy_warning_test.py::test_expiry_time PASSED suites/password/pwdPolicy_warning_test.py::test_password_warning[passwordSendExpiringTime-off] PASSED suites/password/pwdPolicy_warning_test.py::test_password_warning[passwordWarning-3600] PASSED suites/password/pwdPolicy_warning_test.py::test_with_different_password_states PASSED suites/password/pwdPolicy_warning_test.py::test_default_behavior PASSED suites/password/pwdPolicy_warning_test.py::test_when_maxage_and_warning_are_the_same PASSED suites/password/pwdPolicy_warning_test.py::test_with_local_policy PASSED suites/password/pwd_algo_test.py::test_pwd_algo_test PASSED suites/password/pwd_lockout_bypass_test.py::test_lockout_bypass PASSED suites/password/pwp_history_test.py::test_pwp_history_test PASSED suites/password/regression_test.py::test_trivial_passw_check[UIDpwtest1] PASSED suites/password/regression_test.py::test_trivial_passw_check[MAILpwtest1@redhat.com] PASSED suites/password/regression_test.py::test_trivial_passw_check[GNpwtest1] PASSED suites/password/regression_test.py::test_trivial_passw_check[CNpwtest1] PASSED suites/password/regression_test.py::test_trivial_passw_check[SNpwtest1] PASSED suites/password/regression_test.py::test_trivial_passw_check[CNpwtest1ZZZZ] PASSED suites/password/regression_test.py::test_trivial_passw_check[ZZZZZCNpwtest1] PASSED suites/password/regression_test.py::test_trivial_passw_check[ZCNpwtest1] PASSED suites/password/regression_test.py::test_trivial_passw_check[CNpwtest1Z] PASSED suites/password/regression_test.py::test_trivial_passw_check[ZCNpwtest1Z] PASSED suites/password/regression_test.py::test_trivial_passw_check[ZZCNpwtest1] PASSED suites/password/regression_test.py::test_trivial_passw_check[CNpwtest1ZZ] PASSED suites/password/regression_test.py::test_trivial_passw_check[ZZCNpwtest1ZZ] PASSED suites/password/regression_test.py::test_trivial_passw_check[ZZZCNpwtest1] PASSED suites/password/regression_test.py::test_trivial_passw_check[CNpwtest1ZZZ] PASSED suites/password/regression_test.py::test_trivial_passw_check[ZZZCNpwtest1ZZZ] PASSED suites/password/regression_test.py::test_trivial_passw_check[ZZZZZZCNpwtest1ZZZZZZZZ] PASSED suites/password/regression_test.py::test_global_vs_local[UIDpwtest1] PASSED suites/password/regression_test.py::test_global_vs_local[MAILpwtest1@redhat.com] PASSED suites/password/regression_test.py::test_global_vs_local[GNpwtest1] PASSED suites/password/regression_test.py::test_global_vs_local[CNpwtest1] PASSED suites/password/regression_test.py::test_global_vs_local[SNpwtest1] PASSED suites/password/regression_test.py::test_global_vs_local[CNpwtest1ZZZZ] PASSED suites/password/regression_test.py::test_global_vs_local[ZZZZZCNpwtest1] PASSED suites/password/regression_test.py::test_global_vs_local[ZCNpwtest1] PASSED suites/password/regression_test.py::test_global_vs_local[CNpwtest1Z] PASSED suites/password/regression_test.py::test_global_vs_local[ZCNpwtest1Z] PASSED suites/password/regression_test.py::test_global_vs_local[ZZCNpwtest1] PASSED suites/password/regression_test.py::test_global_vs_local[CNpwtest1ZZ] PASSED suites/password/regression_test.py::test_global_vs_local[ZZCNpwtest1ZZ] PASSED suites/password/regression_test.py::test_global_vs_local[ZZZCNpwtest1] PASSED suites/password/regression_test.py::test_global_vs_local[CNpwtest1ZZZ] PASSED suites/password/regression_test.py::test_global_vs_local[ZZZCNpwtest1ZZZ] PASSED suites/password/regression_test.py::test_global_vs_local[ZZZZZZCNpwtest1ZZZZZZZZ] PASSED suites/plugins/accpol_test.py::test_glact_inact PASSED suites/plugins/accpol_test.py::test_glremv_lastlogin PASSED suites/plugins/accpol_test.py::test_glact_login PASSED suites/plugins/accpol_test.py::test_glinact_limit PASSED suites/plugins/accpol_test.py::test_glnologin_attr PASSED suites/plugins/accpol_test.py::test_glnoalt_stattr PASSED suites/plugins/accpol_test.py::test_glattr_modtime PASSED suites/plugins/accpol_test.py::test_glnoalt_nologin PASSED suites/plugins/accpol_test.py::test_glinact_nsact PASSED suites/plugins/accpol_test.py::test_glinact_acclock PASSED suites/plugins/accpol_test.py::test_glnact_pwexp PASSED suites/plugins/accpol_test.py::test_locact_inact PASSED suites/plugins/accpol_test.py::test_locinact_modrdn PASSED suites/plugins/accpol_test.py::test_locact_modrdn PASSED suites/plugins/attr_uniqueness_test.py::test_attr_uniqueness_init PASSED suites/plugins/attr_uniqueness_test.py::test_attr_uniqueness PASSED suites/plugins/dna_test.py::test_basic PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_001 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_003 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_004 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_005 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_006 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_007 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_008 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_009 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_010 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_011 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_012 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_013 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_014 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_015 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_016 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_017 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_018 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_019 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_020 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_021 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_022 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_023 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_024 PASSED suites/plugins/memberof_test.py::test_memberof_MultiGrpAttr_025 PASSED suites/plugins/memberof_test.py::test_memberof_auto_add_oc PASSED suites/plugins/rootdn_plugin_test.py::test_rootdn_init PASSED suites/plugins/rootdn_plugin_test.py::test_rootdn_access_specific_time PASSED suites/plugins/rootdn_plugin_test.py::test_rootdn_access_day_of_week PASSED suites/plugins/rootdn_plugin_test.py::test_rootdn_access_denied_ip PASSED suites/plugins/rootdn_plugin_test.py::test_rootdn_access_denied_host PASSED suites/plugins/rootdn_plugin_test.py::test_rootdn_access_allowed_ip PASSED suites/plugins/rootdn_plugin_test.py::test_rootdn_access_allowed_host PASSED suites/plugins/rootdn_plugin_test.py::test_rootdn_config_validate PASSED suites/psearch/psearch_test.py::test_psearch PASSED suites/replication/acceptance_test.py::test_add_entry PASSED suites/replication/acceptance_test.py::test_modify_entry PASSED suites/replication/acceptance_test.py::test_delete_entry PASSED suites/replication/acceptance_test.py::test_modrdn_entry[0] PASSED suites/replication/acceptance_test.py::test_modrdn_entry[1] PASSED suites/replication/acceptance_test.py::test_modrdn_after_pause PASSED suites/replication/acceptance_test.py::test_modify_stripattrs PASSED suites/replication/acceptance_test.py::test_new_suffix PASSED suites/replication/acceptance_test.py::test_many_attrs PASSED suites/replication/acceptance_test.py::test_double_delete PASSED suites/replication/acceptance_test.py::test_password_repl_error PASSED suites/replication/acceptance_test.py::test_invalid_agmt PASSED suites/replication/changelog_test.py::test_verify_changelog PASSED suites/replication/changelog_test.py::test_verify_changelog_online_backup PASSED suites/replication/changelog_test.py::test_verify_changelog_offline_backup PASSED suites/replication/cleanallruv_test.py::test_clean PASSED suites/replication/cleanallruv_test.py::test_clean_restart PASSED suites/replication/cleanallruv_test.py::test_clean_force PASSED suites/replication/cleanallruv_test.py::test_abort PASSED suites/replication/cleanallruv_test.py::test_abort_restart PASSED suites/replication/cleanallruv_test.py::test_abort_certify PASSED suites/replication/cleanallruv_test.py::test_stress_clean PASSED suites/replication/cleanallruv_test.py::test_multiple_tasks_with_force PASSED suites/replication/single_master_test.py::test_mail_attr_repl PASSED suites/replication/single_master_test.py::test_lastupdate_attr_before_init PASSED suites/replication/tombstone_test.py::test_purge_success PASSED suites/replication/wait_for_async_feature_test.py::test_not_int_value PASSED suites/replication/wait_for_async_feature_test.py::test_multi_value PASSED suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr0] PASSED suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr1] PASSED suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr2] PASSED suites/replication/wait_for_async_feature_test.py::test_value_check[waitfor_async_attr3] PASSED suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr0] PASSED suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr1] PASSED suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr2] PASSED suites/replication/wait_for_async_feature_test.py::test_behavior_with_value[waitfor_async_attr3] PASSED suites/schema/test_eduperson.py::test_account_locking PASSED suites/schema/test_schema.py::test_schema_comparewithfiles PASSED suites/setup_ds/setup_ds_test.py::test_slapd_InstScriptsEnabled[true] PASSED suites/setup_ds/setup_ds_test.py::test_slapd_InstScriptsEnabled[false] PASSED
=================================== FAILURES =================================== _____________________ test_ticket48228_test_subtree_policy _____________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f5e0bf3c790>
def test_ticket48228_test_subtree_policy(topology_st): """ Check subtree level password policy """
log.info(''' Set inhistory = 6''') set_subtree_pwpolicy(topology_st)
log.info(''' Bind as directory manager''') log.info("Bind as %s" % DN_DM) topology_st.standalone.simple_bind_s(DN_DM, PASSWORD)
log.info(''' Add an entry''' + USER2_DN) try: topology_st.standalone.add_s( Entry((USER2_DN, {'''objectclass''': "top person organizationalPerson inetOrgPerson".split(), '''sn''': '''2''', '''cn''': '''user 2''', '''uid''': '''user2''', '''givenname''': '''user''', '''mail''': '''user2@example.com''', '''userpassword''': '''password'''}))) except ldap.LDAPError as e: log.fatal('''test_ticket48228: Failed to add user''' + USER2_DN + ''': error ''' + e.message['''desc''']) assert False
log.info(''' Update the password of ''' + USER2_DN + ''' 6 times''')
update_passwd(topology_st, USER2_DN, '\''password'\'', 6)
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/tickets/ticket48228_test.py:231: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
topology_st = <lib389.topologies.TopologyMain object at 0x7f5e0bf3c790> user = '''uid=user2,dc=example,dc=com''', passwd = '''password''', times = 6
def update_passwd(topology_st, user, passwd, times): # Set the default value cpw = passwd for i in range(times): log.info(" Bind as {%s,%s}" % (user, cpw)) topology_st.standalone.simple_bind_s(user, cpw) # Now update the value for this iter. cpw = '''password%d''' % i try: topology_st.standalone.modify_s(user, [(ldap.MOD_REPLACE, '''userpassword''', cpw)]) except ldap.LDAPError as e: log.fatal( '''test_ticket48228: Failed to update the password ''' + cpw + ''' of user ''' + user + ''': error ''' + e.message[ '''desc''']) assert False
# checking the first password, which is supposed to be in history inhistory = check_passwd_inhistory(topology_st, user, cpw, passwd)
assert inhistory == 1
E assert 0 == 1
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/tickets/ticket48228_test.py:142: AssertionError ----------------------------- Captured stderr call ----------------------------- INFO:dirsrvtests.tests.tickets.ticket48228_test: Set inhistory = 6 INFO:dirsrvtests.tests.tickets.ticket48228_test: +++++ Enable subtree level password policy +++++
INFO:dirsrvtests.tests.tickets.ticket48228_test: Add the container INFO:dirsrvtests.tests.tickets.ticket48228_test: Add the password policy subentry {passwordHistory: on, passwordInHistory: 6} INFO:dirsrvtests.tests.tickets.ticket48228_test: Add the COS template INFO:dirsrvtests.tests.tickets.ticket48228_test: Add the COS definition INFO:dirsrvtests.tests.tickets.ticket48228_test: Bind as directory manager INFO:dirsrvtests.tests.tickets.ticket48228_test:Bind as cn=Directory Manager INFO:dirsrvtests.tests.tickets.ticket48228_test: Add an entryuid=user2,dc=example,dc=com INFO:dirsrvtests.tests.tickets.ticket48228_test: Update the password of uid=user2,dc=example,dc=com 6 times INFO:dirsrvtests.tests.tickets.ticket48228_test: Bind as {uid=user2,dc=example,dc=com,password} INFO:dirsrvtests.tests.tickets.ticket48228_test: Bind as {uid=user2,dc=example,dc=com,password0} INFO:dirsrvtests.tests.tickets.ticket48228_test: Bind as {uid=user2,dc=example,dc=com,password1} INFO:dirsrvtests.tests.tickets.ticket48228_test: Bind as {uid=user2,dc=example,dc=com,password2} INFO:dirsrvtests.tests.tickets.ticket48228_test: Bind as {uid=user2,dc=example,dc=com,password3} INFO:dirsrvtests.tests.tickets.ticket48228_test: Bind as {uid=user2,dc=example,dc=com,password4} INFO:dirsrvtests.tests.tickets.ticket48228_test: Bind as {uid=user2,dc=example,dc=com,password5} ============= 1 failed, 607 passed, 1 skipped in 12972.67 seconds ==============' + '[' 1 -ne 0 ']' + echo CI Tests 'FAILED!' CI Tests FAILED! + MSG=FAILED + RC=1 + sudo /usr/sbin/sendmail mreynolds@redhat.com firstyear@redhat.com + sudo rm -rf /var/tmp/slapd.vg.50764 /var/tmp/slapd.vg.77453 /var/tmp/slapd.vg.77598 /var/tmp/slapd.vg.92819 + exit 1 Build step 'Execute shell' marked build as failure
See http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/86/display/redirect
------------------------------------------ [...truncated 4863 lines...] e.message['''desc'''])
assert False
E assert False
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/rootdn_plugin_test.py:313: AssertionError ----------------------------- Captured stderr call ----------------------------- INFO:dirsrvtests.tests.suites.plugins.rootdn_plugin_test:Running test_rootdn_access_denied_ip... CRITICAL:dirsrvtests.tests.suites.plugins.rootdn_plugin_test:test_rootdn_access_denied_ip: Root DN bind failed unexpectedly failed: error Server is unwilling to perform ________________________ test_rootdn_access_denied_host ________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f2dea206a50>
def test_rootdn_access_denied_host(topology_st): ''''''''' Test denied Host feature - we can just test denying localhost '''''''''
log.info('''Running test_rootdn_access_denied_host...''') hostname = socket.gethostname() localhost = DirSrvTools.getLocalhost() try: topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD, '''rootdn-deny-host''', hostname)]) if localhost != hostname: topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD, '''rootdn-deny-host''', localhost)]) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_denied_host: Failed to set deny host: error ''' + e.message['''desc''']) assert False
# # Bind as Root DN - should fail # try: topology_st.standalone.simple_bind_s(DN_DM, PASSWORD) succeeded = True except ldap.LDAPError as e: succeeded = False
if succeeded: log.fatal('''test_rootdn_access_denied_host: Root DN was incorrectly able to bind''') assert False
# # Change the denied host so root DN succeeds # try: topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_denied_host: : failed to bind as user1''') assert False
try: topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, '''rootdn-deny-host''', '''i.dont.exist.com''')]) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_denied_host: Failed to set rootDN plugin config: error ''' + e.message['''desc''']) assert False
try: topology_st.standalone.simple_bind_s(DN_DM, PASSWORD) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_denied_host: Root DN bind failed unexpectedly failed: error ''' + e.message['''desc'''])
assert False
E assert False
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/rootdn_plugin_test.py:390: AssertionError ----------------------------- Captured stderr call ----------------------------- INFO:dirsrvtests.tests.suites.plugins.rootdn_plugin_test:Running test_rootdn_access_denied_host... CRITICAL:dirsrvtests.tests.suites.plugins.rootdn_plugin_test:test_rootdn_access_denied_host: Root DN bind failed unexpectedly failed: error Server is unwilling to perform ________________________ test_rootdn_access_allowed_ip _________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f2dea206a50>
def test_rootdn_access_allowed_ip(topology_st): ''''''''' Test allowed ip feature '''''''''
log.info('''Running test_rootdn_access_allowed_ip...''')
# # Set allowed host to an unknown host - blocks the Root DN # try: topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, '''rootdn-allow-ip''', '''255.255.255.255''')]) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_allowed_ip: Failed to set allowed host: error ''' + e.message['''desc''']) assert False
# # Bind as Root DN - should fail # try: topology_st.standalone.simple_bind_s(DN_DM, PASSWORD) succeeded = True except ldap.LDAPError as e: succeeded = False
if succeeded: log.fatal('''test_rootdn_access_allowed_ip: Root DN was incorrectly able to bind''') assert False
# # Allow localhost # try: topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_allowed_ip: : failed to bind as user1''') assert False
try: topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, '''rootdn-allow-ip''', '''127.0.0.1'''), (ldap.MOD_ADD, '''rootdn-allow-ip''', '''::1''')]) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_allowed_ip: Failed to set allowed host: error ''' + e.message['''desc''']) assert False
try: topology_st.standalone.simple_bind_s(DN_DM, PASSWORD) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_allowed_ip: Root DN bind failed unexpectedly failed: error ''' + e.message['''desc'''])
assert False
E assert False
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/rootdn_plugin_test.py:464: AssertionError ----------------------------- Captured stderr call ----------------------------- INFO:dirsrvtests.tests.suites.plugins.rootdn_plugin_test:Running test_rootdn_access_allowed_ip... CRITICAL:dirsrvtests.tests.suites.plugins.rootdn_plugin_test:test_rootdn_access_allowed_ip: Root DN bind failed unexpectedly failed: error Server is unwilling to perform _______________________ test_rootdn_access_allowed_host ________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f2dea206a50>
def test_rootdn_access_allowed_host(topology_st): ''''''''' Test allowed ip feature '''''''''
log.info('''Running test_rootdn_access_allowed_host...''')
# # Set allowed host to an unknown host - blocks the Root DN # try: topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, '''rootdn-allow-host''', '''i.dont.exist.com''')]) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_allowed_host: Failed to set allowed host: error ''' + e.message['''desc''']) assert False
# # Bind as Root DN - should fail # try: topology_st.standalone.simple_bind_s(DN_DM, PASSWORD) succeeded = True except ldap.LDAPError as e: succeeded = False
if succeeded: log.fatal('''test_rootdn_access_allowed_host: Root DN was incorrectly able to bind''') assert False
# # Allow localhost # try: topology_st.standalone.simple_bind_s(USER1_DN, PASSWORD) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_allowed_host: : failed to bind as user1''') assert False
hostname = socket.gethostname() localhost = DirSrvTools.getLocalhost() try: topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_DELETE, '''rootdn-allow-host''', None)]) topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD, '''rootdn-allow-host''', localhost)]) if hostname != localhost: topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_ADD, '''rootdn-allow-host''', hostname)]) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_allowed_host: Failed to set allowed host: error ''' + e.message['''desc''']) assert False
try: topology_st.standalone.simple_bind_s(DN_DM, PASSWORD) except ldap.LDAPError as e: log.fatal('''test_rootdn_access_allowed_host: Root DN bind failed unexpectedly failed: error ''' + e.message['''desc'''])
assert False
E assert False
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/rootdn_plugin_test.py:548: AssertionError ----------------------------- Captured stderr call ----------------------------- INFO:dirsrvtests.tests.suites.plugins.rootdn_plugin_test:Running test_rootdn_access_allowed_host... CRITICAL:dirsrvtests.tests.suites.plugins.rootdn_plugin_test:test_rootdn_access_allowed_host: Root DN bind failed unexpectedly failed: error Server is unwilling to perform _________________________ test_rootdn_config_validate __________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f2dea206a50>
def test_rootdn_config_validate(topology_st): ''''''''' Test configuration validation
test single valued attributes: rootdn-open-time, rootdn-close-time, rootdn-days-allowed
'''''''''
log.info('''Running test_rootdn_config_validate...''')
# # Test rootdn-open-time # try: topology_st.standalone.modify_s(PLUGIN_DN, [(ldap.MOD_REPLACE, '''rootdn-open-time''', '''0000''')]) log.fatal('''test_rootdn_config_validate: Incorrectly allowed to just add "rootdn-open-time" ''')
assert False
E assert False
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/rootdn_plugin_test.py:588: AssertionError ----------------------------- Captured stderr call ----------------------------- INFO:dirsrvtests.tests.suites.plugins.rootdn_plugin_test:Running test_rootdn_config_validate... CRITICAL:dirsrvtests.tests.suites.plugins.rootdn_plugin_test:test_rootdn_config_validate: Incorrectly allowed to just add "rootdn-open-time" ============= 7 failed, 607 passed, 1 skipped in 12997.53 seconds ==============' + '[' 1 -ne 0 ']' + echo CI Tests 'FAILED!' CI Tests FAILED! + MSG=FAILED + RC=1 + sudo /usr/sbin/sendmail mreynolds@redhat.com firstyear@redhat.com + sudo rm -rf /var/tmp/slapd.vg.110707 /var/tmp/slapd.vg.68716 /var/tmp/slapd.vg.95342 /var/tmp/slapd.vg.95479 + exit 1 Build step 'Execute shell' marked build as failure
See http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/87/display/redirect
------------------------------------------ [...truncated 5271 lines...] :assert: Should return error code 19 """
suffix = DEFAULT_SUFFIX subtree = "ou=people" userid = "inactusr" nousrs = 3 log.info('''AccountInactivityLimit set to 10. Account will be inactivated if not accessed in 10 secs''') add_users(topology_st, suffix, subtree, userid, nousrs, 0) log.info('''Sleep for 9 secs to check if account is not inactivated, expected value 0''') time.sleep(9) log.info('''Account should not be inactivated since AccountInactivityLimit not exceeded''') account_status(topology_st, suffix, subtree, userid, 3, 2, "Enabled") log.info('''Sleep for 2 more secs to check if account is inactivated''') time.sleep(2) account_status(topology_st, suffix, subtree, userid, 2, 0, "Disabled") log.info('''Sleep +9 secs to check if account {}3 is inactivated'''.format(userid)) time.sleep(9) account_status(topology_st, suffix, subtree, userid, 3, 2, "Disabled") log.info('''Add lastLoginTime attribute to all users and check if its activated''') add_time_attr(topology_st, suffix, subtree, userid, nousrs, '''lastLoginTime''')
account_status(topology_st, suffix, subtree, userid, nousrs, 0, "Enabled")
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:883: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
topology_st = <lib389.topologies.TopologyMain object at 0x7fe971d4e110> suffix = '''dc=example,dc=com''', subtree = '''ou=people''', userid = '''inactusr''' nousrs = 3, ulimit = 0, tochck = '''Enabled'''
def account_status(topology_st, suffix, subtree, userid, nousrs, ulimit, tochck): """Check account status for the given suffix, subtree, userid and nousrs"""
while (nousrs > ulimit): usrrdn = '''{}{}'''.format(userid, nousrs) userdn = '''uid={},{},{}'''.format(usrrdn, subtree, suffix) if (tochck == "Enabled"): try: topology_st.standalone.simple_bind_s(userdn, USER_PASW) except ldap.LDAPError as e: log.error('''User {} failed to login, expected 0'''.format(userdn))
raise e
E CONSTRAINT_VIOLATION: {'''info''': '''Account inactivity limit exceeded. Contact system administrator to reset.''', '''desc''': '''Constraint violation'''}
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:306: CONSTRAINT_VIOLATION ---------------------------- Captured stderr setup ----------------------------- INFO:lib389.utils:Adding Local account policy plugin configuration entries ----------------------------- Captured stderr call ----------------------------- INFO:lib389.utils:AccountInactivityLimit set to 10. Account will be inactivated if not accessed in 10 secs INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and nousrs INFO:lib389.utils:Sleep for 9 secs to check if account is not inactivated, expected value 0 INFO:lib389.utils:Account should not be inactivated since AccountInactivityLimit not exceeded INFO:lib389.utils:Sleep for 2 more secs to check if account is inactivated INFO:lib389.utils:Sleep +9 secs to check if account inactusr3 is inactivated INFO:lib389.utils:Add lastLoginTime attribute to all users and check if its activated INFO:lib389.utils:Enable account by replacing lastLoginTime/createTimeStamp/ModifyTimeStamp attribute ERROR:lib389.utils:User uid=inactusr3,ou=people,dc=example,dc=com failed to login, expected 0 _____________________________ test_locinact_modrdn _____________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7fe971d4e110> accpol_local = None
def test_locinact_modrdn(topology_st, accpol_local): """Verify if user account is inactivated when moved from ou=groups to ou=people subtree.
:ID: 5f25bea3-fab0-4db4-b43d-2d47cc6e5ad1 :feature: Account Policy Plugin :setup: Standalone instance, ou=people subtree configured for Local account policy plugin configuration, set accountInactivityLimit to few secs. :steps: 1. Add few users to ou=groups subtree in the default suffix 2. Plugin configured to ou=people subtree only. 3. Wait for few secs before it reaches accountInactivityLimit and check users. 4. Run ldapsearch as normal user, expected 0 5. Wait till accountInactivityLimit exceeded 6. Move users from ou=groups subtree to ou=people subtree 7. Check if users are inactivated, expected error 19 :assert: Should return error code 0 and 19 """
suffix = DEFAULT_SUFFIX subtree = "ou=groups" userid = "nolockusr" nousrs = 1 log.info('''Account should not be inactivated since the subtree is not configured''')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:909: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:278: in add_users users.create(properties=user_properties) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:833: in create return co.create(rdn, properties, self._basedn) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:640: in create self._instance.add_s(e) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:158: in inner return f(ent.dn, ent.toTupleList(), *args[2:]) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:210: in add_s return self.result(msgid,all=1,timeout=self.timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:130: in inner objtype, data = f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:503: in result resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:507: in result2 resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3 resp_ctrl_classes=resp_ctrl_classes http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7fe971d4e310> func = <built-in method result4 of LDAP object at 0x7fe976febcb0> args = (14, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None e = INSUFFICIENT_ACCESS({'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''},)
def _ldap_call(self,func,*args,**kwargs): """ Wrapper method mainly for serializing calls into OpenLDAP libs and trace logs """ self._ldap_object_lock.acquire() if __debug__: if self._trace_level>=1: self._trace_file.write('''*** %s %s - %s\n%s\n''' % ( repr(self), self._uri, '''.'''.join((self.__class__.__name__,func.__name__)), pprint.pformat((args,kwargs)) )) if self._trace_level>=9: traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file) diagnostic_message_success = None try: try:
result = func(*args,**kwargs)
E INSUFFICIENT_ACCESS: {'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS ----------------------------- Captured stderr call ----------------------------- INFO:lib389.utils:Account should not be inactivated since the subtree is not configured INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and nousrs ______________________________ test_locact_modrdn ______________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7fe971d4e110> accpol_local = None
def test_locact_modrdn(topology_st, accpol_local): """Verify if user account is inactivated when users moved from ou=people to ou=groups subtree.
:ID: e821cbae-bfc3-40d3-947d-b228c809987f :feature: Account Policy Plugin :setup: Standalone instance, ou=people subtree configured for Local account policy plugin configuration, set accountInactivityLimit to few secs. :steps: 1. Add few users to ou=people subtree in the default suffix 2. Wait for few secs and check if users not inactivated, expected 0. 3. Move users from ou=people to ou=groups subtree 4. Wait till accountInactivityLimit is exceeded 5. Check if users are active in ou=groups subtree, expected 0 :assert: Should return error code 0 """
suffix = DEFAULT_SUFFIX subtree = "ou=people" userid = "lockusr" nousrs = 1 log.info('''Account should be inactivated since the subtree is configured''')
add_users(topology_st, suffix, subtree, userid, nousrs, 0)
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:950: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/plugins/accpol_test.py:278: in add_users users.create(properties=user_properties) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:833: in create return co.create(rdn, properties, self._basedn) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/_mapped_object.py:640: in create self._instance.add_s(e) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:158: in inner return f(ent.dn, ent.toTupleList(), *args[2:]) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:210: in add_s return self.result(msgid,all=1,timeout=self.timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:130: in inner objtype, data = f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:503: in result resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:507: in result2 resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3 resp_ctrl_classes=resp_ctrl_classes http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py:162: in inner return f(*args, **kwargs) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7fe971d4e310> func = <built-in method result4 of LDAP object at 0x7fe976febcb0> args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None e = INSUFFICIENT_ACCESS({'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''},)
def _ldap_call(self,func,*args,**kwargs): """ Wrapper method mainly for serializing calls into OpenLDAP libs and trace logs """ self._ldap_object_lock.acquire() if __debug__: if self._trace_level>=1: self._trace_file.write('''*** %s %s - %s\n%s\n''' % ( repr(self), self._uri, '''.'''.join((self.__class__.__name__,func.__name__)), pprint.pformat((args,kwargs)) )) if self._trace_level>=9: traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file) diagnostic_message_success = None try: try:
result = func(*args,**kwargs)
E INSUFFICIENT_ACCESS: {'''info''': "Insufficient '''add''' privilege to the '''userPassword''' attribute", '''desc''': '''Insufficient access'''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS ----------------------------- Captured stderr call ----------------------------- INFO:lib389.utils:Account should be inactivated since the subtree is configured INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and nousrs ============= 10 failed, 604 passed, 1 skipped in 12638.62 seconds =============' + '[' 1 -ne 0 ']' + echo CI Tests 'FAILED!' CI Tests FAILED! + MSG=FAILED + RC=1 + sudo /usr/sbin/sendmail mreynolds@redhat.com firstyear@redhat.com + sudo rm -rf /var/tmp/slapd.vg.127167 /var/tmp/slapd.vg.23132 /var/tmp/slapd.vg.23270 /var/tmp/slapd.vg.38438 + exit 1 Build step 'Execute shell' marked build as failure
389-devel@lists.fedoraproject.org