See
<
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/112/display...
------------------------------------------
[...truncated 5593 lines...]
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:195: in add_ext_s
resp_type, resp_data, resp_msgid, resp_ctrls =
self.result3(msgid,all=1,timeout=self.timeout)
<
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3
resp_ctrl_classes=resp_ctrl_classes
<
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4
ldap_result =
self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
<
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f8e2c634bd0>
func = <built-in method result4 of LDAP object at 0x7f8e2dad7710>
args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None
e = INSUFFICIENT_ACCESS({'\''info'\'': "Insufficient
'\''add'\'' privilege to the
'\''userPassword'\'' attribute",
'\''desc'\'': '\''Insufficient
access'\''},)
def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('\''*** %s %s - %s\n%s\n'\'' % (
repr(self),
self._uri,
'\''.'\''.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
E
INSUFFICIENT_ACCESS: {'\''info'\'': "Insufficient
'\''add'\'' privilege to the
'\''userPassword'\'' attribute",
'\''desc'\'': '\''Insufficient
access'\''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS
----------------------------- Captured stderr call -----------------------------
INFO:lib389.utils:Account should be inactivated since the subtree is configured
INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and
nousrs
______________________________ test_modify_entry _______________________________
topo_m4 = <lib389.topologies.TopologyMain object at 0x7f8e284b6050>
test_entry = None
def test_modify_entry(topo_m4, test_entry):
"""Check that entries are replicated after modify operation
:id: 36764053-622c-43c2-a132-d7a3ab7d9aaa
:setup: Four masters replication setup, an entry
:steps:
1. Modify the entry on master1 - add attribute
2. Wait for replication to happen
3. Check entry on all other masters
4. Modify the entry on master1 - replace attribute
5. Wait for replication to happen
6. Check entry on all other masters
7. Modify the entry on master1 - delete attribute
8. Wait for replication to happen
9. Check entry on all other masters
:expectedresults:
1. Attribute should be successfully added
2. Some time should pass
3. The change should be present on all masters
4. Attribute should be successfully replaced
5. Some time should pass
6. The change should be present on all masters
4. Attribute should be successfully deleted
8. Some time should pass
9. The change should be present on all masters
"""
log.info('\''Modifying entry {} - add
operation'\''.format(TEST_ENTRY_DN))
test_user = UserAccount(topo_m4.ms["master1"], TEST_ENTRY_DN)
test_user.add('\''mail'\'',
'\''{}(a)redhat.com'\''.format(TEST_ENTRY_NAME))
time.sleep(1)
all_user = topo_m4.all_get_dsldapobject(TEST_ENTRY_DN,
UserAccount)
E AttributeError: '\''TopologyMain'\''
object has no attribute '\''all_get_dsldapobject'\''
<
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/3...:
AttributeError
---------------------------- Captured stderr setup -----------------------------
INFO:dirsrvtests.tests.suites.replication.acceptance_test:Adding entry
uid=mmrepl_test,dc=example,dc=com
INFO:dirsrvtests.tests.suites.replication.acceptance_test:Deleting entry
uid=mmrepl_test,dc=example,dc=com
----------------------------- Captured stderr call -----------------------------
INFO:dirsrvtests.tests.suites.replication.acceptance_test:Modifying entry
uid=mmrepl_test,dc=example,dc=com - add operation
______________________________ test_basic_feature ______________________________
topology_st = <lib389.topologies.TopologyMain object at 0x7f8e2c2a49d0>
def test_basic_feature(topology_st):
"""Check basic SASL functionality for PLAIN mechanism
:id: 75ddc6fa-aa5a-4025-9c71-1abad20c91fc
:setup: Standalone instance
:steps:
1. Stop the instance
2. Clean up confdir from previous cert and key files
3. Create RSA files: CA, key and cert
4. Start the instance
5. Create RSA entry
6. Set nsslapd-secureport to 636 and nsslapd-security to
'\''on'\''
7. Restart the instance
8. Create a user
9. Check we can bind
10. Check that PLAIN is listed in supported mechs
11. Set up Plain SASL credentials
12. Try to open a connection without TLS
13. Try to open a connection with TLS
14. Try to open a connection with a wrong password
:expectedresults:
1. The instance should stop
2. Confdir should be clean
3. RSA files should be created
4. The instance should start
5. RSA entry should be created
6. nsslapd-secureport and nsslapd-security should be set successfully
7. The instance should be restarted
8. User should be created
9. Bind should be successful
10. PLAIN should be listed in supported mechs
11. Plain SASL should be successfully set
12. AUTH_UNKNOWN exception should be raised
13. The connection should open
14. INVALID_CREDENTIALS exception should be raised
"""
standalone = topology_st.standalone
# SETUP TLS
standalone.stop()
# Prepare SSL but don'\''t enable it.
for f in ('\''key3.db'\'',
'\''cert8.db'\'', '\''key4.db'\'',
'\''cert9.db'\'', '\''secmod.db'\'',
'\''pkcs11.txt'\''):
try:
os.remove("%s/%s" % (standalone.confdir, f))
except:
pass
assert(standalone.nss_ssl.reinit() is True)
assert(standalone.nss_ssl.create_rsa_ca() is True)
assert(standalone.nss_ssl.create_rsa_key_and_cert() is True)
# Start again
standalone.start()
standalone.rsa.create()
# Set the secure port and nsslapd-security
# Could this fail with selinux?
standalone.config.set('\''nsslapd-secureport'\'',
str(DEFAULT_SECURE_PORT))
standalone.config.set('\''nsslapd-security'\'',
'\''on'\'')
# Do we need to restart to allow starttls?
standalone.restart()
# Create a user
sas = ServiceAccounts(standalone, DEFAULT_SUFFIX)
sas._basedn = DEFAULT_SUFFIX
sa = sas.create(properties={'\''cn'\'':
'\''testaccount'\'', '\''userPassword'\'':
'\''password'\''})
# Check we can bind. This will raise exceptions if it fails.
sa.bind('\''password'\'')
# Check that PLAIN is listed in supported mechns.
assert(standalone.rootdse.supports_sasl_plain())
# The sasl parameters don'\''t change, so set them up now.
# Do we need the sasl map dn:?
auth_tokens = PlainSASL("dn:%s" % sa.dn,
'\''password'\'')
# Check that it fails without TLS
with pytest.raises(ldap.AUTH_UNKNOWN):
standalone.openConnection(saslmethod='\''PLAIN'\'',
sasltoken=auth_tokens, starttls=False, connOnly=True)
# We *have* to use REQCERT NEVER here because python ldap fails cert verification
for .... some reason that even
# I can not solve. I think it'\''s leaking state across connections in
start_tls_s?
# Check that it works with TLS
conn = standalone.openConnection(saslmethod='\''PLAIN'\'',
sasltoken=auth_tokens, starttls=True, connOnly=True,
certdir=standalone.get_cert_dir(), reqcert=ldap.OPT_X_TLS_NEVER)
<
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/3...:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
<
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in openConnection
server.open(*args, **kwargs)
<
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in open
self.start_tls_s()
<
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:609: in start_tls_s
return self._ldap_call(self._l.start_tls_s)
<
http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/l...:
in inner
return f(*args, **kwargs)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <lib389.DirSrv object at 0x7f8e2bb0a790>
func = <built-in method start_tls_s of LDAP object at 0x7f8e2dad7c60>, args = ()
kwargs = {}, diagnostic_message_success = None
e = CONNECT_ERROR({'\''info'\'': '\''TLS error
-8174:security library: bad database.'\'',
'\''desc'\'': '\''Connect error'\''},)
def _ldap_call(self,func,*args,**kwargs):
"""
Wrapper method mainly for serializing calls into OpenLDAP libs
and trace logs
"""
self._ldap_object_lock.acquire()
if __debug__:
if self._trace_level>=1:
self._trace_file.write('\''*** %s %s - %s\n%s\n'\'' % (
repr(self),
self._uri,
'\''.'\''.join((self.__class__.__name__,func.__name__)),
pprint.pformat((args,kwargs))
))
if self._trace_level>=9:
traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file)
diagnostic_message_success = None
try:
try:
result = func(*args,**kwargs)
E CONNECT_ERROR:
{'\''info'\'': '\''TLS error -8174:security library:
bad database.'\'', '\''desc'\'':
'\''Connect error'\''}
/usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: CONNECT_ERROR
---------------------------- Captured stdout setup -----------------------------
OK group dirsrv exists
OK user dirsrv exists
---------------------------- Captured stderr setup -----------------------------
INFO:lib389.topologies:Instance with parameters
{'\''ldap-port'\'': 38901, '\''suffix'\'':
'\''dc=example,dc=com'\'',
'\''krb5_realm'\'': None,
'\''deployed-dir'\'': '\''/usr'\'',
'\''inst-backupdir'\'': '\''/tmp'\'',
'\''hostname'\'': '\''localhost'\'',
'\''server-id'\'': '\''standalone1'\'',
'\''root-pw'\'': '\''password'\'',
'\''root-dn'\'': '\''cn=Directory
Manager'\'', '\''group-id'\'': None,
'\''InstScriptsEnabled'\'': None,
'\''user-id'\'': None,
'\''ldap-secureport'\'': None} was created.
----------------------------- Captured stderr call -----------------------------
Generating key. This may take a few moments...
Generating key. This may take a few moments...
============= 13 failed, 631 passed, 1 skipped in 8822.00 seconds =============='
+ '[' 1 -ne 0 ']'
+ echo CI Tests 'FAILED!'
CI Tests FAILED!
+ MSG=FAILED
+ RC=1
+ sudo /usr/sbin/sendmail mreynolds(a)redhat.com firstyear(a)redhat.com
+ sudo rm -rf /var/tmp/slapd.vg.113129 /var/tmp/slapd.vg.113241 /var/tmp/slapd.vg.131058
/var/tmp/slapd.vg.85839
+ exit 1
Build step 'Execute shell' marked build as failure
[locks-and-latches] Releasing all the locks
[locks-and-latches] All the locks released