forked from sig_core/toolkit
fix up IPA portion
This commit is contained in:
parent
1acca22141
commit
1d710a6d42
@ -19,28 +19,37 @@ klist | grep "admin@RLIPA.LOCAL" &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
|
||||
r_log "ipa" "Test adding a user"
|
||||
userDetails="$(ipa user-add --first=test --last=user --random ipatestuser)"
|
||||
echo "$userDetails" | grep -q 'Added user "ipatestuser"'
|
||||
r_checkExitStatus $?
|
||||
ipa user-add --first=test --last=user --random ipatestuser > /tmp/ipatestuser
|
||||
grep -q 'Added user "ipatestuser"' /tmp/ipatestuser
|
||||
|
||||
echo "$userDetails" | grep -q 'First name: test'
|
||||
ret_val=$?
|
||||
if [ "$ret_val" -ne 0 ]; then
|
||||
r_log "ipa" "User was not created, this is considered fatal"
|
||||
r_checkExitStatus 1
|
||||
exit 1
|
||||
fi
|
||||
|
||||
sed -i 's|^ ||g' /tmp/ipatestuser
|
||||
grep -q 'First name: test' /tmp/ipatestuser
|
||||
r_checkExitStatus $?
|
||||
echo "$userDetails" | grep -q 'Last name: user'
|
||||
grep -q 'Last name: user' /tmp/ipatestuser
|
||||
r_checkExitStatus $?
|
||||
echo "$userDetails" | grep -q 'Full name: test user'
|
||||
grep -q 'Full name: test user' /tmp/ipatestuser
|
||||
r_checkExitStatus $?
|
||||
echo "$userDetails" | grep -q 'Home directory: /home/ipatestuser'
|
||||
grep -q 'Home directory: /home/ipatestuser' /tmp/ipatestuser
|
||||
r_checkExitStatus $?
|
||||
|
||||
r_log "ipa" "Changing password of the user"
|
||||
kdestroy &> /dev/null
|
||||
userPassword="$(awk '/Random password/ { print $3 }' /tmp/ipatestuser)"
|
||||
/bin/rm /tmp/ipatestuser
|
||||
|
||||
expect -f - <<EOF
|
||||
set send_human {.1 .3 1 .05 2}
|
||||
spawn kinit ipatestuser
|
||||
sleep 1
|
||||
expect "Password for ipatestuser@RLIPA.LOCAL: "
|
||||
send -h -- "$(echo "$userDetails" | awk '$0 ~ /Random password/ {print $3}')\r"
|
||||
send -h -- "$(echo "$userPassword")\r"
|
||||
sleep 1
|
||||
expect "Enter new password: "
|
||||
send -h -- "gr@YAm3thy5st!\r"
|
||||
|
@ -19,15 +19,15 @@ klist | grep "admin@RLIPA.LOCAL" &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
|
||||
r_log "ipa" "Adding test service"
|
||||
ipa service-add testservice/rltest.rlipa.local &> /dev/null
|
||||
ipa service-add testservice/onyxtest.rlipa.local &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
|
||||
r_log "ipa" "Getting keytab for service"
|
||||
ipa-getkeytab -s rltest.rlipa.local -p testservice/rltest.rlipa.local -k /tmp/testservice.keytab &> /dev/null
|
||||
ipa-getkeytab -s onyxtest.rlipa.local -p testservice/onyxtest.rlipa.local -k /tmp/testservice.keytab &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
|
||||
r_log "ipa" "Getting a certificate for service"
|
||||
ipa-getcert request -K testservice/rltest.rlipa.local -D rltest.rlipa.local -f /etc/pki/tls/certs/testservice.crt -k /etc/pki/tls/private/testservice.key &> /dev/null
|
||||
ipa-getcert request -K testservice/onyxtest.rlipa.local -D onyxtest.rlipa.local -f /etc/pki/tls/certs/testservice.crt -k /etc/pki/tls/private/testservice.key &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
|
||||
while true; do
|
||||
@ -49,7 +49,7 @@ while ! stat /etc/pki/tls/certs/testservice.crt &> /dev/null; do
|
||||
done
|
||||
|
||||
r_log "ipa" "Verifying keytab"
|
||||
klist -k /tmp/testservice.keytab | grep "testservice/rltest.rlipa.local" &> /dev/null
|
||||
klist -k /tmp/testservice.keytab | grep "testservice/onyxtest.rlipa.local" &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
|
||||
r_log "ipa" "Verifying key matches the certificate"
|
||||
|
@ -19,7 +19,7 @@ klist | grep "admin@RLIPA.LOCAL" &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
|
||||
r_log "ipa" "Adding testzone subdomain"
|
||||
ipa dnszone-add --name-server=rltest.rlipa.local. --admin-email=hostmaster.testzone.rlipa.local. testzone.rlipa.local &> /dev/null
|
||||
ipa dnszone-add --name-server=onyxtest.rlipa.local. --admin-email=hostmaster.testzone.rlipa.local. testzone.rlipa.local &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
sleep 5
|
||||
|
||||
@ -28,7 +28,7 @@ dig @localhost SOA testzone.rlipa.local | grep -q "status: NOERROR" &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
|
||||
r_log "ipa" "Adding a CNAME record to the primary domain"
|
||||
ipa dnsrecord-add rlipa.local testrecord --cname-hostname=rltest &> /dev/null
|
||||
ipa dnsrecord-add rlipa.local testrecord --cname-hostname=onyxtest &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
sleep 5
|
||||
|
||||
@ -37,7 +37,7 @@ dig @localhost CNAME testrecord.rlipa.local | grep -q "status: NOERROR" &> /dev/
|
||||
r_checkExitStatus $?
|
||||
|
||||
r_log "ipa" "Adding a CNAME to subdomain"
|
||||
ipa dnsrecord-add testzone.rlipa.local testrecord --cname-hostname=rltest.rlipa.local. &> /dev/null
|
||||
ipa dnsrecord-add testzone.rlipa.local testrecord --cname-hostname=onyxtest.rlipa.local. &> /dev/null
|
||||
r_checkExitStatus $?
|
||||
sleep 5
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user