__cmp__ and cmp were removed from Python 3.
Reviewed-By: David Kupka <dkupka@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
For the duration of the test, makes resolv.conf unmanaged.
If NetworkManager is not running, nothing is changed.
https://fedorahosted.org/freeipa/ticket/5331
Reviewed-By: Martin Basti <mbasti@redhat.com>
In FreeIPA CI-tests the install_master task automatically performs kinit after
successfull installation. This may break some backup/restore tests which
perform backup into previously installed IPA master. In this case it is
neccessary to re-kinit after restore.
https://fedorahosted.org/freeipa/ticket/5326
Reviewed-By: Martin Basti <mbasti@redhat.com>
In beaker lab the situation when master and replica have ip addresses from
different subnets is quite frequent. When a replica has ip from different
subnet than master's, ipa-replica-prepare looks up a proper reverse zone to
add a pointer record, and if it does not find it, it asks a user for permission
to create it automatically. It breaks the tests adding the unexpected input.
The workaround is to always create a reverse zone for a new replica.
Corresponding ticket is https://fedorahosted.org/freeipa/ticket/5306
Reviewed-By: Petr Spacek <pspacek@redhat.com>
Reviewed-By: Martin Basti <mbasti@redhat.com>
StandardError was removed in Python3 and instead
Exception should be used.
Signed-off-by: Robert Kuska <rkuska@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
The six way of doing this is to replace all occurences of "unicode"
with "six.text_type". However, "unicode" is non-ambiguous and
(arguably) easier to read. Also, using it makes the patches smaller,
which should help with backporting.
Reviewed-By: Petr Viktorin <pviktori@redhat.com>
Since IPA 4.2 has an additional permission
"Request Certificate ignoring CA ACLs", the number of legacy
permission in testcase is updated from 8 to 9.
https://fedorahosted.org/freeipa/ticket/5264
Signed off-by: Abhijeet Kasurde <akasurde@redhat.com>
Reviewed-By: Tomas Babej <tbabej@redhat.com>
In Python 3, zip() returns an iterator. To get a list, it must
be explicitly converted.
In most cases, zip() result is iterated over so this is not
necessary.
Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
In Python 3, range() behaves like the old xrange().
The difference between range() and xrange() is usually not significant,
especially if the whole result is iterated over.
Convert xrange() usage to range() for small ranges.
Use modern idioms in a few other uses of range().
Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
In Python 3, `print` is no longer a statement. Call it as a function
everywhere, and include the future import to remove the statement
in Python 2 code as well.
Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
In Python 2, map() returns a list; in Python 3 it returns an iterator.
Replace all uses by list comprehensions, generators, or for loops,
as required.
Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
In Python 3, filter() returns an iterator.
Use list comprehensions instead.
Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Python 2 has keys()/values()/items(), which return lists,
iterkeys()/itervalues()/iteritems(), which return iterators,
and viewkeys()/viewvalues()/viewitems() which return views.
Python 3 has only keys()/values()/items(), which return views.
To get iterators, one can use iter() or a for loop/comprehension;
for lists there's the list() constructor.
When iterating through the entire dict, without modifying the dict,
the difference between Python 2's items() and iteritems() is
negligible, especially on small dicts (the main overhead is
extra memory, not CPU time). In the interest of simpler code,
this patch changes many instances of iteritems() to items(),
iterkeys() to keys() etc.
In other cases, helpers like six.itervalues are used.
Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
python-krbV library is deprecated and doesn't work with python 3. Replacing all
it's usages with python-gssapi.
- Removed Backend.krb and KRB5_CCache classes
They were wrappers around krbV classes that cannot really work without them
- Added few utility functions for querying GSSAPI credentials
in krb_utils module. They provide replacements for KRB5_CCache.
- Merged two kinit_keytab functions
- Changed ldap plugin connection defaults to match ipaldap
- Unified getting default realm
Using api.env.realm instead of krbV call
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Reviewed-By: Robbie Harwood <rharwood@redhat.com>
Reviewed-By: Simo Sorce <ssorce@redhat.com>
The vault-mod command has been modified to support changing vault
encryption attributes (i.e. type, password, public/private keys)
in addition to normal attributes (i.e. description). Changing the
encryption requires retrieving the stored secret with the old
attributes and rearchiving it with the new attributes.
https://fedorahosted.org/freeipa/ticket/5176
Reviewed-By: Martin Basti <mbasti@redhat.com>
The issue reported in ticket [1] hasn't been solved yet.
This patch prevents the test cases for OTP import being run.
The change is intended as a *temporary* workaround until
proper fix for the issue is introduced.
[1] https://fedorahosted.org/freeipa/ticket/5192
Reviewed-By: Martin Basti <mbasti@redhat.com>
The deprecated has_key method will be removed from dicts in Python 3.
For custom dict-like classes, has_key() is kept on Python 2,
but disabled for Python 3.
Reviewed-By: Tomas Babej <tbabej@redhat.com>
Python 3 uses double-underscored names for internal function attributes.
In Python 2.7, these names exist as aliases to the old 'func_*' and
'im_*' names.
Reviewed-By: Tomas Babej <tbabej@redhat.com>
These tests excercise various scenarios when using new class of API commands
to add or remove certificates to user/service/host entries.
Part of http://www.freeipa.org/page/V4/User_Certificates
Reviewed-By: Milan Kubík <mkubik@redhat.com>
Some of the IPA LDAP entries are using ipaUniqueID as
the "primary key". To match this UUID based attribute
in assert_deepequal, an instance of Fuzzy class must
be used. This change adds the possibility to assign
the Fuzzy object as the DN for the tracked entry.
The user may need to override the rdn and name
properties for the class using the Fuzzy DN.
Reviewed-By: Lenka Doudova <ldoudova@redhat.com>
Use Python-3 compatible syntax, without breaking compatibility with py 2.7
- Octals literals start with 0o to prevent confusion
- The "L" at the end of large int literals is not required as they use
long on Python 2 automatically.
- Using 'int' instead of 'long' for small numbers is OK in all cases except
strict type checking checking, e.g. type(0).
https://fedorahosted.org/freeipa/ticket/4985
Reviewed-By: Jan Cholasta <jcholast@redhat.com>
Old certificates of the services are no longer removed and revoked
after new ones have been issued.
Check that both old and new certificates are present.
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
Both context.xmlclient and context.xmlclient_<id> need to be created
in order to successfully call the Command.forward method.
Reviewed-By: Martin Basti <mbasti@redhat.com>
In the previous versions, version in the response was generated
as part of the process_keyword_arguments method. This is no longer true,
and so the explicit check for it should be removed.
Reviewed-By: Martin Basti <mbasti@redhat.com>
The realmdomains_mod command will fail if the testing environment
is configured improperly and the IPA domain's NS/SOA records are
not resolvable. This can easily happen if the machine's DNS server
is not configured to the IPA server.
Leave a explanatory note in the class.
Reviewed-By: Martin Basti <mbasti@redhat.com>
