IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

ipatests/test_integration/test_replica_promotion.py: Fix firewall config

Browse Source 
The firewall needs to be configured before installing replicas.

See: https://pagure.io/freeipa/issue/7755
Signed-off-by: Thomas Woerner <twoerner@redhat.com>
Reviewed-By: Christian Heimes <cheimes@redhat.com>
This commit is contained in:
Thomas Woerner 2018-12-05 16:46:55 +01:00 committed by Christian Heimes
parent 8e25ee64c8
commit f86b410ff5
1 changed files with 18 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
ipatests/test_integration/test_replica_promotion.py
View File

@ -56,6 +56,9 @@ class TestReplicaPromotionLevel1(ReplicaPromotionBase):
Test for ticket 6353 Test for ticket 6353
""" """
# Configure firewall first
Firewall(self.replicas[0]).enable_services(["freeipa-ldap",
"freeipa-ldaps"])
expected_err = "--password and --admin-password options are " \ expected_err = "--password and --admin-password options are " \
"mutually exclusive" "mutually exclusive"
result = self.replicas[0].run_command([ result = self.replicas[0].run_command([
@ -69,8 +72,6 @@ class TestReplicaPromotionLevel1(ReplicaPromotionBase):
raiseonerr=False) raiseonerr=False)
assert result.returncode == 1 assert result.returncode == 1
assert expected_err in result.stderr_text assert expected_err in result.stderr_text
Firewall(self.replicas[0]).enable_services(["freeipa-ldap",
"freeipa-ldaps"])
@replicas_cleanup @replicas_cleanup
def test_one_command_installation(self): def test_one_command_installation(self):
@ -79,14 +80,15 @@ class TestReplicaPromotionLevel1(ReplicaPromotionBase):
http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan http://www.freeipa.org/page/V4/Replica_Promotion/Test_plan
#Test_case:_Replica_can_be_installed_using_one_command #Test_case:_Replica_can_be_installed_using_one_command
""" """
# Configure firewall first
Firewall(self.replicas[0]).enable_services(["freeipa-ldap",
"freeipa-ldaps"])
self.replicas[0].run_command(['ipa-replica-install', '-w', self.replicas[0].run_command(['ipa-replica-install', '-w',
self.master.config.admin_password, self.master.config.admin_password,
'-n', self.master.domain.name, '-n', self.master.domain.name,
'-r', self.master.domain.realm, '-r', self.master.domain.realm,
'--server', self.master.hostname, '--server', self.master.hostname,
'-U']) '-U'])
Firewall(self.replicas[0]).enable_services(["freeipa-ldap",
"freeipa-ldaps"])
# Ensure that pkinit is properly configured, test for 7566 # Ensure that pkinit is properly configured, test for 7566
result = self.replicas[0].run_command(['ipa-pkinit-manage', 'status']) result = self.replicas[0].run_command(['ipa-pkinit-manage', 'status'])
assert "PKINIT is enabled" in result.stdout_text assert "PKINIT is enabled" in result.stdout_text
@ -136,6 +138,9 @@ class TestUnprivilegedUserPermissions(IntegrationTest):
def test_replica_promotion_by_unprivileged_user(self): def test_replica_promotion_by_unprivileged_user(self):
replica = self.replicas[0] replica = self.replicas[0]
tasks.install_client(self.master, replica) tasks.install_client(self.master, replica)
# Configure firewall first
Firewall(replica).enable_services(["freeipa-ldap",
"freeipa-ldaps"])
result2 = replica.run_command(['ipa-replica-install', result2 = replica.run_command(['ipa-replica-install',
'-P', self.username, '-P', self.username,
'-p', self.new_password, '-p', self.new_password,
@ -149,14 +154,15 @@ class TestUnprivilegedUserPermissions(IntegrationTest):
self.master.run_command(['ipa', 'group-add-member', 'admins', self.master.run_command(['ipa', 'group-add-member', 'admins',
'--users=%s' % self.username]) '--users=%s' % self.username])
# Configure firewall first
Firewall(self.replicas[0]).enable_services(["freeipa-ldap",
"freeipa-ldaps"])
self.replicas[0].run_command(['ipa-replica-install', self.replicas[0].run_command(['ipa-replica-install',
'-P', self.username, '-P', self.username,
'-p', self.new_password, '-p', self.new_password,
'-n', self.master.domain.name, '-n', self.master.domain.name,
'-r', self.master.domain.realm, '-r', self.master.domain.realm,
'-U']) '-U'])
Firewall(self.replicas[0]).enable_services(["freeipa-ldap",
"freeipa-ldaps"])
class TestProhibitReplicaUninstallation(IntegrationTest): class TestProhibitReplicaUninstallation(IntegrationTest):
@ -212,6 +218,9 @@ class TestWrongClientDomain(IntegrationTest):
'-w', self.master.config.admin_password, '-w', self.master.config.admin_password,
'--server', self.master.hostname, '--server', self.master.hostname,
'--force-join']) '--force-join'])
# Configure firewall first
Firewall(client).enable_services(["freeipa-ldap",
"freeipa-ldaps"])
result = client.run_command(['ipa-replica-install', '-U', '-w', result = client.run_command(['ipa-replica-install', '-U', '-w',
self.master.config.dirman_password], self.master.config.dirman_password],
raiseonerr=False) raiseonerr=False)
@ -230,6 +239,9 @@ class TestWrongClientDomain(IntegrationTest):
'--force-join'], raiseonerr=False) '--force-join'], raiseonerr=False)
assert(result.returncode == 0), ( assert(result.returncode == 0), (
'Failed to setup client with the upcase domain name') 'Failed to setup client with the upcase domain name')
# Configure firewall first
Firewall(self.replicas[0]).enable_services(["freeipa-ldap",
"freeipa-ldaps"])
result1 = client.run_command(['ipa-replica-install', '-U', '-w', result1 = client.run_command(['ipa-replica-install', '-U', '-w',
self.master.config.dirman_password], self.master.config.dirman_password],
raiseonerr=False) raiseonerr=False)