[debian-edu-commits] debian-edu/ 01/01: Improve testsuite a bit. * Adjust dnsd testsuite check to not print an error if /var/mail/root do not yet exist. * Refactor ldap-client testsuite check to return an error code for every error, not just most of them.
Petter Reinholdtsen
pere at moszumanska.debian.org
Fri Sep 26 21:01:34 UTC 2014
This is an automated email from the git hooks/post-receive script.
pere pushed a commit to branch master
in repository debian-edu-config.
commit 9fc87750cffd08715bfa2d2745c145f71fa2fcbe
Author: Petter Reinholdtsen <pere at hungry.com>
Date: Fri Sep 26 23:01:30 2014 +0200
Improve testsuite a bit.
* Adjust dnsd testsuite check to not print an error if
/var/mail/root do not yet exist.
* Refactor ldap-client testsuite check to return an error code for
every error, not just most of them.
---
debian/changelog | 4 +++
testsuite/dnsd | 3 +-
testsuite/ldap-client | 92 +++++++++++++++++++++++----------------------------
3 files changed, 48 insertions(+), 51 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 8343f07..2ff0428 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -23,6 +23,10 @@ debian-edu-config (1.806) UNRELEASED; urgency=low
* Extend LTSP test to report error if no LTSP NFS mount point exist.
* Add new test testsuite/nfs-server checking if the NFS subsystem is
working.
+ * Adjust dnsd testsuite check to not print an error if
+ /var/mail/root do not yet exist.
+ * Refactor ldap-client testsuite check to return an error code for
+ every error, not just most of them.
-- Wolfgang Schweer <wschweer at arcor.de> Thu, 25 Sep 2014 23:56:27 +0200
diff --git a/testsuite/dnsd b/testsuite/dnsd
index 0441c66..408d810 100755
--- a/testsuite/dnsd
+++ b/testsuite/dnsd
@@ -127,7 +127,8 @@ for srv in \
fi
done
-if grep -q 'Reloading the zone .* was successful' /var/mail/root ; then
+if [ -e /var/mail/root ] && \
+ grep -q 'Reloading the zone .* was successful' /var/mail/root ; then
echo "error: $0: ldap2zone sending email every hour (BTS #653053)."
else
echo "success: $0: ldap2zone not sending email every hour (BTS #653053)."
diff --git a/testsuite/ldap-client b/testsuite/ldap-client
index 9af35ee..44cd882 100755
--- a/testsuite/ldap-client
+++ b/testsuite/ldap-client
@@ -8,6 +8,9 @@ export LC_ALL
. /usr/share/debian-edu-config/testsuite-lib.sh
+success() { echo "success: $0: $*" ; }
+error() { echo "error: $0: $*" ; RESULT=1; }
+
if test -r /etc/debian-edu/config ; then
. /etc/debian-edu/config
fi
@@ -31,10 +34,9 @@ ldap_server=$(echo $ldap_servers | awk '{print $1}')
# Test if LDAP server is reachable
if ping -c1 $ldap_server > /dev/null 2>&1 ; then
- echo "success: $0: Dynamically located LDAP server '$ldap_server' is pingable."
+ success "Dynamically located LDAP server '$ldap_server' is pingable."
else
- echo "error: $0: Dynamically located LDAP server '$ldap_server' is not pingable, continuing tests using DNS alias ldap."
- RESULT=1
+ error "Dynamically located LDAP server '$ldap_server' is not pingable, continuing tests using DNS alias ldap."
# Autodetection failed, use hardcoded DNS name for the rest of the tests
ldap_server=ldap.intern
fi
@@ -44,16 +46,15 @@ for file in nslcd.conf ; do
grep -v '^#' /etc/$file | grep -v '^$' | sort |
sed "s/^/info: $file: /"
else
- RESULT=1
- echo "error: $0: /etc/$file is missing."
+ error "/etc/$file is missing."
fi
done
# Verify that NSS is properly configured for netgroups in LDAP.
if egrep -q '^netgroup: +files *.* +(ldap|sss)$' /etc/nsswitch.conf ; then
- echo "success: $0: NSS netgroup setting is correct in /etc/nsswitch.conf"
+ success "NSS netgroup setting is correct in /etc/nsswitch.conf"
else
- echo "error: $0: NSS netgroup setting is wrong in /etc/nsswitch.conf"
+ error "NSS netgroup setting is wrong in /etc/nsswitch.conf"
fi
SERVICES="nslcd"
@@ -74,49 +75,42 @@ if [ -f /etc/ldap/ldap.conf ] ; then
if egrep -q "^HOST (ldap|$ldap_server)" /etc/ldap/ldap.conf ; then
:
else
- echo "error: $0: ldap/ldap.conf misses definition of HOST ldap"
- RESULT=1
+ error "ldap/ldap.conf misses definition of HOST ldap"
fi
else
- RESULT=1
- echo "error: $0: /etc/ldap/ldap.conf is missing."
+ error "/etc/ldap/ldap.conf is missing."
fi
# test netgroups
if ldap2netgroup $ldap_server | grep -q tjener ; then
- echo "success: $0: ldap2netgroup found 'tjener'"
+ success "ldap2netgroup found 'tjener'"
else
- echo "error: $0: unable to find 'tjener' in 'all-hosts' using ldap2netgroup."
- RESULT=1
+ error "unable to find 'tjener' in 'all-hosts' using ldap2netgroup."
fi
if netgroup all-hosts | grep -q tjener ; then
- echo "success: $0: netgroup found 'tjener'"
+ success "netgroup found 'tjener'"
else
- echo "error: $0: unable to find 'tjener' in 'all-hosts' using netgroup."
- RESULT=1
+ error "unable to find 'tjener' in 'all-hosts' using netgroup."
fi
if getent group students >/dev/null; then
- echo "success: $0: getent found file group 'students'."
+ success "getent found file group 'students'."
else
- echo "error: $0: getent failed to find file group 'students'."
- RESULT=1
+ error "getent failed to find file group 'students'."
fi
if getent passwd |grep -z home0; then
- echo "success: $0: getent found LDAP user (with home0 home)."
+ success "getent found LDAP user (with home0 home)."
else
- echo "error: $0: getent failed to find LDAP user (with home0 home)."
- RESULT=1
+ error "getent failed to find LDAP user (with home0 home)."
fi
for service in $SERVICES ; do
if /etc/init.d/$service status > /dev/null 2>&1; then
- echo "success: $0: $service service is operational."
+ success "$service service is operational."
else
- echo "error: $0: $service service is not operational."
- RESULT=1
+ error "$service service is not operational."
fi
done
@@ -137,8 +131,7 @@ if [ -x /usr/bin/ldapsearch ] ; then
echo info: $0: Mountpoints found in ldap: $LDAP_MOUNTS
for WANT_MOUNT in /skole tjener / ; do
if ! echo $LDAP_MOUNTS | grep -q $WANT_MOUNT ; then
- echo "error: $0: Missing $WANT_MOUNT mount point in ldap"
- RESULT=1
+ error "Missing $WANT_MOUNT mount point in ldap"
fi
done
@@ -146,16 +139,15 @@ if [ -x /usr/bin/ldapsearch ] ; then
group=admins
if ldapsearch -ZZ -LLL -h $ldap_server -b $namingContexts \
-x "(&(cn=$group)(objectclass=posixGroup))" >/dev/null 2>&1 ; then
- echo "success: $0: TLS search on $ldap_server for cn=$group returned OK exit code."
+ success "TLS search on $ldap_server for cn=$group returned OK exit code."
elif ldapsearch -ZZ -LLL -h ldap.intern -b $namingContexts \
-x "(&(cn=$group)(objectclass=posixGroup))" >/dev/null 2>&1 ; then
- echo "success: $0: TLS search on ldap.intern for cn=$group returned OK exit code."
+ success "TLS search on ldap.intern for cn=$group returned OK exit code."
else
- echo "error: $0: TLS search for cn=$group failed."
+ error "TLS search for cn=$group failed."
fi
else
- echo "error: $0: Missing /usr/bin/ldapsearch "
- RESULT=1
+ error "Missing /usr/bin/ldapsearch "
fi
pubcert=/etc/ldap/ssl/ldap-server-pubkey.pem
@@ -166,63 +158,63 @@ if [ -s $pubcert ] ; then
# Only compare the public part
if sed -n "$sedextract" < $privcert | \
diff - $pubcert ; then
- echo "success: $0: Saved LDAP certificate matches slapd certificate"
+ success "Saved LDAP certificate matches slapd certificate"
else
- echo "error: $0: Saved LDAP certificate do not matches slapd certificate"
+ error "Saved LDAP certificate do not matches slapd certificate"
fi
else
if echo | openssl s_client -connect $ldap_server:ldaps 2>/dev/null | \
sed -n "$sedextract" | diff - $pubcert ; then
- echo "success: $0: Fetched LDAP certificate matches slapd certificate"
+ success "Fetched LDAP certificate matches slapd certificate"
else
- echo "error: $0: Fetched LDAP certificate do not matches slapd certificate"
+ error "Fetched LDAP certificate do not matches slapd certificate"
fi
fi
else
- echo "error: $0: Missing LDAP certificate $pubcert"
+ error "Missing LDAP certificate $pubcert"
fi
if [ 1 -eq $(grep -v '^#' /etc/pam.d/common-auth | egrep 'pam_krb5.so|pam_ldap.so|pam_sss.so' | wc -l) ] ; then
- echo "success: $0: Only one PAM module of krb5, ldap and sss is enabled"
+ success "Only one PAM module of krb5, ldap and sss is enabled"
else
- echo "error: $0: Not only one PAM module of krb5, ldap and sss is enabled"
+ error "Not only one PAM module of krb5, ldap and sss is enabled"
fi
# Make sure winbind isn't installed
if deb_installed winbind ; then
- echo "error: $0: winbind is installed"
+ error "winbind is installed"
else
- echo "success: $0: winbind is not installed"
+ success "winbind is not installed"
fi
# Make sure winbind PAM module isn't active either
if grep -q pam_winbind.so /etc/pam.d/common-auth; then
- echo "error: $0: winbind PAM module is active"
+ error "winbind PAM module is active"
else
- echo "success: $0: winbind PAM module is not active"
+ success "winbind PAM module is not active"
fi
if [ -r /etc/ldap/ldap.conf ] ; then
if grep -q '^TLS_REQCERT never' /etc/ldap/ldap.conf ; then
- echo "error: $0: LDAP cert checking turned off in /etc/ldap/ldap.conf"
+ error "LDAP cert checking turned off in /etc/ldap/ldap.conf"
else
- echo "success: $0: LDAP cert checking not turned off in /etc/ldap/ldap.conf"
+ success "LDAP cert checking not turned off in /etc/ldap/ldap.conf"
fi
fi
if [ -r /etc/nslcd.conf ] ; then
if grep -q '^tls_reqcert never' /etc/nslcd.conf ; then
- echo "error: $0: LDAP cert checking turned off in /etc/nslcd.conf"
+ error "LDAP cert checking turned off in /etc/nslcd.conf"
else
- echo "success: $0: LDAP cert checking not turned off in /etc/nslcd.conf"
+ success "LDAP cert checking not turned off in /etc/nslcd.conf"
fi
fi
if [ -r /etc/sssd/sssd.conf ] ; then
if grep -q '^ldap_tls_reqcert never' /etc/sssd/sssd.conf ; then
- echo "error: $0: LDAP cert checking turned off in /etc/sssd/sssd.conf"
+ error "LDAP cert checking turned off in /etc/sssd/sssd.conf"
else
- echo "success: $0: LDAP cert checking not turned off in /etc/sssd/sssd.conf"
+ success "LDAP cert checking not turned off in /etc/sssd/sssd.conf"
fi
fi
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-edu/debian-edu-config.git
More information about the debian-edu-commits
mailing list