sssd test library doc

sssd.testlib.common.qe_class

class sssd.testlib.common.qe_class.QeBaseHost(domain, hostname, role, ip=None, external_hostname=None, username=None, password=None, test_dir=None, host_type=None)

QeBaseHost subclass of multhost plugin BaseHost class.

Attributes

config The Config that this Host is a part of
transport Provides means to manipulate files & run processs on the remote host

Methods

add_log_collector(collector) Register a log collector for this host
collect_log(filename) Call all registered log collectors on the given filename
from_dict(dct, domain) Load this Host from a dict
get_file_contents(filename[, encoding]) Shortcut for transport.get_file_contents
put_file_contents(filename, contents) Shortcut for transport.put_file_contents
remove_log_collector(collector) Unregister a log collector
reset_connection() Reset the connection
run_command(argv[, set_env, stdin_text, ...]) Run the given command on this host
to_dict() Export info about this Host to a dict
transport_class alias of ParamikoTransport
class sssd.testlib.common.qe_class.QeConfig(**kwargs)

QeConfig subclass of multihost plugin to extend functionality.

Methods

filter(descriptions) Destructively filters hosts and orders domains to fit description
from_dict(dct) Load a Config object from a dict
get_domain_class() return custom domain class.
get_logger(name) Override get_logger to set logging level.
host_by_name(name) Get a host from any domain by name
to_dict([_autosave_names]) Save this Config object to a dict compatible with from_dict
__init__(**kwargs)
get_domain_class()

return custom domain class.

This is needed to fully extend the config for custom multihost plugin extensions.

Args:
None
Returns:
None
get_logger(name)

Override get_logger to set logging level.

Args:
name (str): Name of the logger
Returns:
log (obj): Logger object
class sssd.testlib.common.qe_class.QeDomain(config, name, domain_type)

QeDomain subclass of multihost plugin domain class.

Attributes

extra_roles Roles of this Domain’s hosts that aren’t included in static_roles
roles All the roles of the hosts in this domain
static_roles Roles typical for this domain type

Methods

filter(host_counts) Destructively filter hosts in this domain
fits(description) Return True if the this fits the description
from_dict(dct, config) Load this Domain from a dict
get_host_class(host_dict)
host_by_name(name) Return a host with the given name
host_by_role(role) Return the first host of the given role
hosts_by_role(role) Return all hosts of the given role
to_dict() Export this Domain from a dict

Subclass of pytest_multihost.config.Domain

Parameters:
  • config (obj) – config config
  • name (str) – Name
  • domain_type (str) –
Return None:

Attributes

extra_roles Roles of this Domain’s hosts that aren’t included in static_roles
roles All the roles of the hosts in this domain
static_roles Roles typical for this domain type

Methods

filter(host_counts) Destructively filter hosts in this domain
fits(description) Return True if the this fits the description
from_dict(dct, config) Load this Domain from a dict
get_host_class(host_dict)
host_by_name(name) Return a host with the given name
host_by_role(role) Return the first host of the given role
hosts_by_role(role) Return all hosts of the given role
to_dict() Export this Domain from a dict
__init__(config, name, domain_type)

Subclass of pytest_multihost.config.Domain

Parameters:
  • config (obj) – config config
  • name (str) – Name
  • domain_type (str) –
Return None:
class sssd.testlib.common.qe_class.QeHost(domain, hostname, role, ip=None, external_hostname=None, username=None, password=None, test_dir=None, host_type=None)

QeHost subclass of multihost plugin host class.

This extends functionality of the host class for SSSD QE purposes. Here we add support functions that will be very widely used across tests and must be run on any or all hosts in the environment.

Attributes

config The Config that this Host is a part of
distro Get contents of /etc/redhat-release
sys_hostname Get system hostname
transport Provides means to manipulate files & run processs on the remote host

Methods

add_log_collector(collector) Register a log collector for this host
collect_log(filename) Call all registered log collectors on the given filename
dnf_install(package) Install packges through dnf
dnf_uninstall(package) Uninstall packages through dnf
from_dict(dct, domain) Load this Host from a dict
get_file_contents(filename[, encoding]) Shortcut for transport.get_file_contents
put_file_contents(filename, contents) Shortcut for transport.put_file_contents
remove_log_collector(collector) Unregister a log collector
reset_connection() Reset the connection
run_command(argv[, set_env, stdin_text, ...]) Run the given command on this host
service_sssd(action) Start/stop/restart sssd service based on RHEL Version
to_dict() Export info about this Host to a dict
transport_class alias of ParamikoTransport
yum_install(package) Install packages through yum
yum_uninstall(package) Uninstall packages through yum
distro

Get contents of /etc/redhat-release

Parameters:None
Return str:contents of /etc/redhat-release
dnf_install(package)

Install packges through dnf

Parameters:package (str) – Name of the package to be installed
Return str:Returncode of the dnf command
Exception:None
dnf_uninstall(package)

Uninstall packages through dnf :param str package: Name of the package to be uninstalled :return str: Return code of the dnf remove command :Exception: None

service_sssd(action)

Start/stop/restart sssd service based on RHEL Version

Parameters:action (str) – Action to be performed (start/stop/restart)
Returns:str Return code of the systemctl/service command

:Exception Raises exception

sys_hostname

Get system hostname

Args:
None
Returns:
str: System hostname
yum_install(package)

Install packages through yum

Parameters:package (str) – Name of the package to be installed
Return str:Returncode of the yum command
Exception:None
yum_uninstall(package)

Uninstall packages through yum :param str package: Name of the package to be uninstalled :return str: Return code of the yum remove command :Exception: None

class sssd.testlib.common.qe_class.QeWinHost(domain, hostname, role, **kwargs)

Windows Host class

Subclass of pytest_multihost.host.WinHost, QeBaseHost Functions defined provide extra attributes when using Windows AD

Attributes:
domainname (str): Return domainname of the AD Machine realm (str): Return AD realm in uppper case

Attributes

config The Config that this Host is a part of
domain_basedn_entry Return base DN Entry of the
domainname Return Domain name
realm Return AD Realm
transport Provides means to manipulate files & run processs on the remote host

Methods

add_log_collector(collector) Register a log collector for this host
collect_log(filename) Call all registered log collectors on the given filename
from_dict(dct, domain) Load this Host from a dict
get_file_contents(filename[, encoding]) Shortcut for transport.get_file_contents
put_file_contents(filename, contents) Shortcut for transport.put_file_contents
remove_log_collector(collector) Unregister a log collector
reset_connection() Reset the connection
run_command(argv[, set_env, stdin_text, ...]) Run the given command on this host
to_dict() Export info about this Host to a dict
transport_class alias of ParamikoTransport
domain_basedn_entry

Return base DN Entry of the

domainname

Return Domain name

realm

Return AD Realm

sssd.testlib.common.qe_class.session_multihost(request)

Mulithost plugin fixture for session scope

sssd.testlib.common.authconfig

class sssd.testlib.common.authconfig.RedHatAuthConfig(host)

AuthConfig class implements system-independent interface to configure system authentication resources. In Red Hat systems this is done with authconfig(8) utility.

AuthConfig class is nothing more than a tool to gather configuration options and execute their processing. These options then converted by an actual implementation to series of a system calls to appropriate utilities performing real configuration.

If you need to re-use existing AuthConfig instance for multiple runs, make sure to call ‘AuthConfig.reset()’ between the runs.

Methods

add_option(option)
add_parameter(option, value)
backup(path)
build_args()
disable(option)
enable(option)
execute([update])
reset()
restore(path)
__init__(host)

sssd.testlib.common.utils

This module defines classes regarding sssd tools, AD Operations and LDAP Operations

class sssd.testlib.common.utils.ADOperations(ad_host)

ADOperations class consists of methods related to managing AD User With Unix properties.

Methods

ad_conn() Create a LDAP Connection with AD
add_user_member_of_group(group, user) Add user member of a group
create_ad_unix_group(groupname) Create AD Group with UNIX Attributes
create_ad_unix_user_group(username, groupname) Create a AD User with Unix Attributes
delete_ad_user_group(user_group) Delete AD user
remove_user_from_group(group, user) Remove User from Group membership
__init__(ad_host)
ad_conn()

Create a LDAP Connection with AD

:param None :Return obj: Object of LdapOperations :Exceptions: None

add_user_member_of_group(group, user)

Add user member of a group

Parameters:
  • group (str) – Name of Windows AD Group
  • user (str) – Name of Windows AD user
Return bool:

True if user is added as member to group

Exceptions:

None

create_ad_unix_group(groupname)

Create AD Group with UNIX Attributes

Parameters:groupname (str) – Windows AD Group name

:Return bool : True if AD group was created with Unix Attributes :Exceptions: None

create_ad_unix_user_group(username, groupname, password='Secret123')

Create a AD User with Unix Attributes

Parameters:
  • username (str) – AD User Name
  • groupname (str) – AD Group Name
  • password (str) – User password (default: Secret123)
Return bool:

if user/group added correctly return True else False

Exceptions:

False

delete_ad_user_group(user_group)

Delete AD user

Parameters:user_group (str) – User or Group Name to be deleted
Return bool:True if delete is successfull else false
Exceptions:None
remove_user_from_group(group, user)

Remove User from Group membership

Parameters:
  • group (str) – Name of Windows AD Group
  • user (str) – Name of Windows AD user
Return bool:

True if user is removed from group else False

Exceptions:

None

class sssd.testlib.common.utils.LdapOperations(uri, binddn, bindpw)

LDapOperations consists of functions related to ldap operations, like adding entry, adding a DN, modifying DN, search entries.

Attributes:
uri(str): ldap server uri(ldap(s):///<hostname/ipaddress> binddn(str): Binddn required to bind bindpw(str): Bind password conn: ldap bind object (already initialized)

Methods

add_entry(entry, ldap_dn) Add an entry to ldap server
bind() Bind to ldap server
del_dn(ldap_dn) Delete dn
enable_autofs_schema(basedn) Enable autofs schema
modify_ldap(ldap_dn, modify_list) Modify ldap dn
search(basedn, criteria, attributes[, scope]) Search ldap server and return results
__init__(uri, binddn, bindpw)
add_entry(entry, ldap_dn)

Add an entry to ldap server :param dict entry: attributes/objectclass to be added to dn :param str dn: Entry dn to be added

bind()

Bind to ldap server :param: None :return: None :Exceptions: None

del_dn(ldap_dn)

Delete dn

enable_autofs_schema(basedn)

Enable autofs schema

Parameters:basedn (str) – base dn of the ldap server
Returns:None
Exceptions:None
modify_ldap(ldap_dn, modify_list)

Modify ldap dn

search(basedn, criteria, attributes, scope=2)

Search ldap server and return results

Parameters:
  • base (str) – basedn of ldap server
  • criteria (str) – Search criteria(ex: “(&(objectClass=user)(sAMAccountName=Administrator))”
  • attributes (str) – Attributes to be returned in the result

:scope obj : scope to be used when search default: ldap.SCOPE_SUBTREE :return tuple: Success/Fail, bool(True,False)

class sssd.testlib.common.utils.PkiTools(nssdir=None, nssdir_pwd=None)

PkiTools consists of functions related to creation of certificate requests, updating profile xml with certificate requests.

Methods

create_nssdb() Create a NSS Database on a temporary Directory
createselfsignedcerts(serverlist[, ca_dn, ...]) Creates a NSS DB in /tmp/nssDirxxxx where self signed Root CA and Server Certs
execute(args[, stdin, capture_output, ...]) Execute a command and return stdout, stderr and return code
generate_pkcs10(subject_dn[, keysize, ...]) Generate certificate request of type pkcs10.
generate_subject_dn(inputs) Generate Subject DN based on the inputs provided
strip_header(csr) Strip headers from certificate request
__init__(nssdir=None, nssdir_pwd=None)
create_nssdb()

Create a NSS Database on a temporary Directory

return:

str nssdb: path of the NSS DB Directory

classmethod createselfsignedcerts(serverlist, ca_dn=None, passphrase='Secret123', canickname='Example CA')

Creates a NSS DB in /tmp/nssDirxxxx where self signed Root CA and Server Certs are created

Parameters:
  • CA_DN (str) – Distinguished Name for CA Cert
  • Server_DN (str) – Distinguished Name for Server Cert
execute(args, stdin=None, capture_output=True, raiseonerr=False, env=None, cwd=None)

Execute a command and return stdout, stderr and return code

Parameters:
  • args (str) – List of arguments for the command
  • stdin (str) – Optional input
  • capture_output (bool) – Capture output of the command (default True)
  • raiseonerr (bool) – Raise exception if command fails
  • env (str) – Environment variables to be set before the command is run
  • cwd (str) – Current working Directory
Return stdout, stderr and returncode:
 

if command return code is 0

Exception:

raises exception if raiseonerr is True

generate_pkcs10(subject_dn, keysize='2048', keyalgo='rsa', nssdb_dir=None, nssdb_pwd=None)

Generate certificate request of type pkcs10.

Parameters:
  • nssdb_dir (str) – Directory containing NSS Db
  • nssdb_pwd (str) – NSS DB password
  • subject_dn (str) – subject DN for which the certificate request should be generated
  • output_file (str) – path of the output file where certificate request should be stored
  • keysize (str) – size of the rsa keys (default 2048)
  • keyalgo (str) – Algorithm to be used to generate key pair (default ‘rsa’)
Return str csr:

Certificate request stripped with headers

generate_subject_dn(inputs)

Generate Subject DN based on the inputs provided

Parameters:inputs (dict) – Dictionary containing inputs to create a subject DN {CN:’Server1.example.org’, ‘E’:’root@localhost’, ‘OU’:’IDM QE’,Country:’US’}
Return str subject:
 returns subject in x.500 DN format
strip_header(csr)

Strip headers from certificate request

Parameters:csr (str) – Certificate request with headers
Return str stripped_csr:
 Certificate request with stripped headers
class sssd.testlib.common.utils.sssdTools(Host)

Collection of assorted functions which is used in fixtures

Attributes:
Host(obj: Multihost object type): Multihost Object authbackup(str): Backup directory of authconfig

Methods

config_authconfig(hostname, domainname) Run authconfig to configure kerberos and sssd auth on remote host
config_smb_net_ads_join(domainname) Configure smb.conf as Domain Member to Windows AD
delete_sssd_domain_log(domainname) Remove the sssd domain log
export_nfs_fs(path_list, nfs_client) Add local file systems directories to /etc/exports
get_ad_user_info(username, ad_host) Get the ad user information through ‘net ads dn’ command
realm_join(domainname, client_software, ...) Join system to AD/IPA Domain using realm
realm_leave(domainname) Leave system from AD/IPA Domain
remove_sss_cache(cache_path) Remove the sssd cache
restore_authconfig() Restore the default authconfig
update_resolv_conf(ip_addr) Update /etc/resolv.conf with Windows AD ipaddress
__init__(Host)
config_authconfig(hostname, domainname)

Run authconfig to configure kerberos and sssd auth on remote host

Parameters:
  • hostname (str) – Hostname of server(AD) to which client is configured to auth
  • domainame – Domain name of ipa/AD
Returns:

None

Exceptions:

None

config_smb_net_ads_join(domainname)

Configure smb.conf as Domain Member to Windows AD :param str domainname: Domainname of AD/ipa :return: None :Exception: None

delete_sssd_domain_log(domainname)

Remove the sssd domain log

Parameters:cache_path (str) – Domainname from default configuration file
Return bool:True if deletion is successful
Exception:Raises exception(builtin)
export_nfs_fs(path_list, nfs_client)

Add local file systems directories to /etc/exports

Todo: We are not checking if the directories added to /etc/exports already exist.

param str path_list:
 list of directories to be created
param str nfs_client:
 hostname/ip-address of nfs client
return bool:True if successfully added values in /etc/exports
Exception:Raises exception(builtin) if not successfully added
get_ad_user_info(username, ad_host)

Get the ad user information through ‘net ads dn’ command

Parameters:
  • username (str) – The name of ad user
  • ad_host (str) – Host of active directory
Return bool:

True is command is successful

Returns:

output of command

Exception:

Raises exception(builtin)

realm_join(domainname, client_software, admin_password)

Join system to AD/IPA Domain using realm :param str domainame: Domainname of AD/ipa :param str client_software: client software to be used (sssd/samba) :param str admin_password: Administrator password required to join :return bool: True if successfully joined to AD/ipa else raises Exception :Exception: Raises exception(builtin)

realm_leave(domainname)

Leave system from AD/IPA Domain

Parameters:domainame (str) – Domainname of AD/ipa
Return bool:True if successfully dis-joined to AD/ipa else raises Exception
Exception:Raises exception(builtin)
remove_sss_cache(cache_path)

Remove the sssd cache :param str cache_path: The relative path of cache :return bool: True if deletion and mkdir is successful :Exception: Raises exception(builtin)

restore_authconfig()

Restore the default authconfig

update_resolv_conf(ip_addr)

Update /etc/resolv.conf with Windows AD ipaddress

Parameters:ip_addr (str) – IP Address to be added in resolv.conf
Returns:None
Exception:Raises exception of builtin type Exception

sssd.testlib.common.libdirsrv