#!/bin/sh
# PCP QA Test No. 1672
# Exercise different SASL auth methods using a custom sasldb.
#
# Copyright (c) 2020 Red Hat.
#
# NOTE
# This test is likely to fail unless a domainname can be
# found for the host. For example, when hostname was vm23
# it failed, but when hostname was set (via /etc/hostname in
# this case) to vm23.localdomain the test passes. The test
# is also known to pass with a domainname(1) explicitly set.
seq=`basename $0`
echo "QA output created by $seq"
. ./common.secure
_get_libpcp_config
$authentication || _notrun "No authentication support available"
sasl_notrun_checks saslpasswd2 sasldblistusers2
$pluginviewer -a | grep 'Plugin "sasldb"' >/dev/null
test $? -eq 0 || _notrun "SASL sasldb auxprop plugin unavailable"
mechanisms="plain login scram-sha-256"
for mech in $mechanisms
do
    case $mech
    in
        scram-*) # special, we need SCRAM-SHA-256 not SCRAM-SHA-1
            $pluginviewer -c | grep 'SCRAM-SHA-256' >/dev/null 2>&1
            test $? -eq 0 || _notrun "No client support for $mech authentication"
            $pluginviewer -s | grep 'SCRAM-SHA-256' >/dev/null 2>&1
            test $? -eq 0 || _notrun "No server support for $mech authentication"
            ;;
        *)
            $pluginviewer -c | grep 'Plugin "'$mech'"' >/dev/null 2>&1
            test $? -eq 0 || _notrun "No client support for $mech authentication"
            $pluginviewer -s | grep 'Plugin "'$mech'"' >/dev/null 2>&1
            test $? -eq 0 || _notrun "No server support for $mech authentication"
            ;;
    esac
done
_cleanup()
{
    # restore any modified pmcd configuration files
    _restore_config $PCP_SASLCONF_DIR/pmcd.conf
    _service pmcd restart 2>&1 | _filter_pcp_restart
    _wait_for_pmcd
    _service pmlogger restart 2>&1 | _filter_pcp_restart
    _wait_for_pmlogger
    $sudo rm -rf $tmp.*
}
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
hostname=`hostname`
echo "hostname -> $hostname" >>$seq_full
if which domainname >/dev/null 2>&1
then
    domainname=`domainname`
elif which dnsdomainname >/dev/null 2>&1
then
    domainname=`dnsdomainname`
else
    domainname=''
fi
echo "domainname -> $domainname" >>$seq_full
echo "hostname -f -> `hostname -f`" >>$seq_full
if [ -n "$domainname" ]
then
    :
elif echo "$hostname" | grep '\.' >/dev/null
then
    :
else
    _notrun "hostname -> $hostname, no domain name available"
fi
_filter_listusers2()
{
    sed \
        -e "s/^$username/USER/" \
        -e "s/@$hostname:/@HOST:/"
}
# real QA test starts here
_save_config $PCP_SASLCONF_DIR/pmcd.conf
echo "mech_list: $mechanisms" >$tmp.sasl
echo "sasldb_path: $tmp.passwd.db" >>$tmp.sasl
$sudo cp $tmp.sasl $PCP_SASLCONF_DIR/pmcd.conf
$sudo chown $PCP_USER:$PCP_GROUP $PCP_SASLCONF_DIR/pmcd.conf
ls -l $PCP_SASLCONF_DIR/pmcd.conf >>$seq_full
$sudo -u $PCP_USER cat $PCP_SASLCONF_DIR/pmcd.conf >>$seq_full
echo "Creating temporary sasldb, add user running QA to it" | tee -a $seq_full
echo y | saslpasswd2 -p -a pmcd -f $tmp.passwd.db $username
echo "Verify saslpasswd2 has successfully added a new user" | tee -a $seq_full
sasldblistusers2 -f $tmp.passwd.db \
    | tee -a $seq_full \
    | _filter_listusers2
echo "Ensure pmcd can read the password file" | tee -a $seq_full
$sudo chown $PCP_USER:$PCP_GROUP $tmp.passwd.db
ls -l $tmp.passwd.db >>$seq_full
$sudo -u $PCP_USER od -c $tmp.passwd.db >>$seq_full
echo "Start pmcd with this shiny new sasldb"
if ! _service pmcd restart 2>&1; then _exit 1; fi \
    | _filter_pcp_restart
_wait_for_pmcd || _exit 1
if ! _service pmlogger restart 2>&1; then _exit 1; fi \
    | _filter_pcp_restart
_wait_for_pmlogger || _exit 1
for method in $mechanisms
do
    echo
    echo "=== method: ${method}, authentication with invalid password ===" | tee -a $seq_full
    pminfo -f -h "pcp://localhost?method=${method}&username=${username}&password=n" pmcd.feature.authentication 2>&1 | tee -a $seq_full \
        | grep 'Authentication - ' | grep -E -q "authentication failure|Cannot connect"
    test $? -eq 0 && echo "authentication failure"
    echo
    echo "=== method: ${method}, authentication with correct password ===" | tee -a $seq_full
    pminfo -f -h "pcp://localhost?method=${method}&username=${username}&password=y" pmcd.feature.authentication
done
# success, all done
status=0
exit