ipatests: test ipa-getkeytab server option

Test various usages of the -s/--server option: * -s is defined, use it as the server * no -s, use the host value from /etc/ipa/default.conf * -s is '_srv_', do DNS discovery https://pagure.io/freeipa/issue/8478 Signed-off-by: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2024-12-23 07:33:27 -06:00 · 2021-07-16 12:59:47 -04:00 · 2021-07-16 12:59:47 -04:00 · 7729b1c8ff
commit 7729b1c8ff
parent fece03d446
1 changed files with 58 additions and 0 deletions
--- a/ipatests/test_integration/test_commands.py
+++ b/ipatests/test_integration/test_commands.py
@ -1490,6 +1490,64 @@ class TestIPACommand(IntegrationTest):

        assert isrgrootx1_nick in result

+    def test_ipa_getkeytab_server(self):
+        """
+        Exercise the ipa-getkeytab server options
+
+        This relies on the behavior that without a TGT
+        ipa-getkeytab will quit and not do much of anything.
+
+        A bogus keytab and principal are passed in to satisfy the
+        minimum requirements.
+        """
+        tasks.kdestroy_all(self.master)
+
+        # Pass in a server name to use
+        result = self.master.run_command(
+            [
+                paths.IPA_GETKEYTAB,
+                "-k",
+                "/tmp/keytab",
+                "-p",
+                "foo",
+                "-s",
+                self.master.hostname,
+                "-v",
+            ], raiseonerr=False).stderr_text
+
+        assert 'Using provided server %s' % self.master.hostname in result
+
+        # Don't pass in a name, should use /etc/ipa/default.conf
+        result = self.master.run_command(
+            [
+                paths.IPA_GETKEYTAB,
+                "-k",
+                "/tmp/keytab",
+                "-p",
+                "foo",
+                "-v",
+            ], raiseonerr=False).stderr_text
+
+        assert (
+            'Using server from config %s' % self.master.hostname
+            in result
+        )
+
+        # Use DNS SRV lookup
+        result = self.master.run_command(
+            [
+                paths.IPA_GETKEYTAB,
+                "-k",
+                "/tmp/keytab",
+                "-p",
+                "foo",
+                "-s",
+                "_srv_",
+                "-v",
+            ], raiseonerr=False).stderr_text
+
+        assert 'Discovered server %s' % self.master.hostname in result
+

 class TestIPACommandWithoutReplica(IntegrationTest):
    """