Use 'test.openqa.fedoraproject.org' not 'domain.local'
Using .local is apparently Bad Form because it's reserved for mDNS. However there doesn't appear to be any particularly Good Form for what to call a test domain you never want to exist outside of a closed system, apparently. Sigh. Let's try this. Includes a bump to disk_ks version because the kickstarts on that image also need to have this change applied. Signed-off-by: Adam Williamson <awilliam@redhat.com>
This commit is contained in:
parent
0de57180ee
commit
940848b628
@ -42,7 +42,7 @@ sub start_webui {
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1439429
|
||||
assert_script_run "sed -i -e 's,enable_xauth=1,enable_xauth=0,g' /usr/bin/startx";
|
||||
disable_firefox_studies;
|
||||
type_string "startx /usr/bin/firefox -width 1024 -height 768 https://ipa001.domain.local\n";
|
||||
type_string "startx /usr/bin/firefox -width 1024 -height 768 https://ipa001.test.openqa.fedoraproject.org\n";
|
||||
assert_screen ["freeipa_webui_login", $user_screen], 60;
|
||||
wait_still_screen(stilltime=>5, similarity_level=>45);
|
||||
# softfail on kerberos ticket bugs meaning we get auto-logged in
|
||||
|
@ -1140,7 +1140,7 @@
|
||||
},
|
||||
"settings": {
|
||||
"GRUB": "inst.ks=hd:vdb1:/root-user-crypted-net.ks",
|
||||
"HDD_2": "disk_ks_4.img",
|
||||
"HDD_2": "disk_ks_5.img",
|
||||
"KICKSTART": "1",
|
||||
"NUMDISKS": "2",
|
||||
"ROOT_PASSWORD": "111111",
|
||||
@ -1557,7 +1557,7 @@
|
||||
"fedora-Server-dvd-iso-x86_64-*-64bit": 40
|
||||
},
|
||||
"settings": {
|
||||
"GRUB": "inst.vnc net.ifnames=0 biosdevname=0 ip=172.16.2.114::172.16.2.2:255.255.255.0:vnc001.domain.local:eth0:off",
|
||||
"GRUB": "inst.vnc net.ifnames=0 biosdevname=0 ip=172.16.2.114::172.16.2.2:255.255.255.0:vnc001.test.openqa.fedoraproject.org:eth0:off",
|
||||
"NICTYPE": "tap",
|
||||
"VNC_SERVER": "1",
|
||||
"WORKER_CLASS": "tap"
|
||||
@ -1587,7 +1587,7 @@
|
||||
"fedora-Server-dvd-iso-x86_64-*-64bit": 40
|
||||
},
|
||||
"settings": {
|
||||
"GRUB": "inst.vnc inst.vncconnect=172.16.2.117:5500 net.ifnames=0 biosdevname=0 ip=172.16.2.116::172.16.2.2:255.255.255.0:vnc003.domain.local:eth0:off",
|
||||
"GRUB": "inst.vnc inst.vncconnect=172.16.2.117:5500 net.ifnames=0 biosdevname=0 ip=172.16.2.116::172.16.2.2:255.255.255.0:vnc003.test.openqa.fedoraproject.org:eth0:off",
|
||||
"INSTALL_UNLOCK": "vncconnect_client_ready",
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_WITH": "install_vncconnect_client",
|
||||
@ -1672,7 +1672,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_WITH": "iot_zezere_server",
|
||||
"POSTINSTALL": "iot_zezere_ignition",
|
||||
"POST_STATIC": "172.16.2.119 zezere001.domain.local",
|
||||
"POST_STATIC": "172.16.2.119 zezere001.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -1690,7 +1690,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
|
||||
"POSTINSTALL": "_iot_zezere_server _setup_browser _iot_zezere_remote",
|
||||
"POST_STATIC": "172.16.2.118 zezere002.domain.local",
|
||||
"POST_STATIC": "172.16.2.118 zezere002.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"TEST_TARGET": "NONE",
|
||||
@ -1766,7 +1766,7 @@
|
||||
"HDD_1": "disk_%FLAVOR%_%MACHINE%.qcow2",
|
||||
"NICTYPE": "tap",
|
||||
"POSTINSTALL": "podman",
|
||||
"POST_STATIC": "172.16.2.114 podman001.domain.local",
|
||||
"POST_STATIC": "172.16.2.114 podman001.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -1785,7 +1785,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_WITH": "podman",
|
||||
"POSTINSTALL": "_podman_client",
|
||||
"POST_STATIC": "172.16.2.115 podclient001.domain.local",
|
||||
"POST_STATIC": "172.16.2.115 podclient001.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -1805,7 +1805,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_WITH": "server_role_deploy_domain_controller",
|
||||
"POSTINSTALL": "realmd_join_cockpit freeipa_webui freeipa_password_change freeipa_client",
|
||||
"POST_STATIC": "172.16.2.102 client002.domain.local",
|
||||
"POST_STATIC": "172.16.2.102 client002.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"USER_LOGIN": "false",
|
||||
"WORKER_CLASS": "tap"
|
||||
@ -1823,7 +1823,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_WITH": "server_role_deploy_domain_controller",
|
||||
"POSTINSTALL": "realmd_join_sssd freeipa_client",
|
||||
"POST_STATIC": "172.16.2.103 client003.domain.local",
|
||||
"POST_STATIC": "172.16.2.103 client003.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -1912,7 +1912,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_WITH": "server_role_deploy_database_server",
|
||||
"POSTINSTALL": "database_client",
|
||||
"POST_STATIC": "172.16.2.105 dbclient.domain.local",
|
||||
"POST_STATIC": "172.16.2.105 dbclient.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -1961,7 +1961,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_WITH": "server_freeipa_replication_replica",
|
||||
"POSTINSTALL": "realmd_join_sssd freeipa_client",
|
||||
"POST_STATIC": "172.16.2.108 client005.domain.local",
|
||||
"POST_STATIC": "172.16.2.108 client005.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -1981,7 +1981,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
|
||||
"POSTINSTALL": "role_deploy_domain_controller role_deploy_domain_controller_check",
|
||||
"POST_STATIC": "172.16.2.106 ipa002.domain.local",
|
||||
"POST_STATIC": "172.16.2.106 ipa002.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -2002,7 +2002,7 @@
|
||||
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
|
||||
"PARALLEL_WITH": "server_freeipa_replication_master",
|
||||
"POSTINSTALL": "realmd_join_sssd",
|
||||
"POST_STATIC": "172.16.2.107 ipa003.domain.local",
|
||||
"POST_STATIC": "172.16.2.107 ipa003.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -2017,7 +2017,7 @@
|
||||
},
|
||||
"settings": {
|
||||
"GRUB": "inst.ks=hd:vdb1:/freeipaclient.ks",
|
||||
"HDD_2": "disk_ks_4.img",
|
||||
"HDD_2": "disk_ks_5.img",
|
||||
"INSTALL_UNLOCK": "freeipa_ready",
|
||||
"KICKSTART": "1",
|
||||
"NICTYPE": "tap",
|
||||
@ -2041,7 +2041,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_WITH": "server_remote_logging_server",
|
||||
"POSTINSTALL": "server_remote_logging_client",
|
||||
"POST_STATIC": "172.16.2.113 rsyslogclient.domain.local",
|
||||
"POST_STATIC": "172.16.2.113 rsyslogclient.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -2060,7 +2060,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
|
||||
"POSTINSTALL": "server_remote_logging_server",
|
||||
"POST_STATIC": "172.16.2.112 rsyslogserver.domain.local",
|
||||
"POST_STATIC": "172.16.2.112 rsyslogserver.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -2079,7 +2079,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
|
||||
"POSTINSTALL": "role_deploy_database_server",
|
||||
"POST_STATIC": "172.16.2.104 db.domain.local",
|
||||
"POST_STATIC": "172.16.2.104 db.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -2098,7 +2098,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
|
||||
"POSTINSTALL": "role_deploy_domain_controller role_deploy_domain_controller_check",
|
||||
"POST_STATIC": "172.16.2.100 ipa001.domain.local",
|
||||
"POST_STATIC": "172.16.2.100 ipa001.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"START_AFTER_TEST": "%DEPLOY_UPLOAD_TEST%",
|
||||
"USER_LOGIN": "false",
|
||||
@ -2121,7 +2121,7 @@
|
||||
"NUMDISKS": "2",
|
||||
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
|
||||
"POSTINSTALL": "_support_server",
|
||||
"POST_STATIC": "172.16.2.110 support.domain.local",
|
||||
"POST_STATIC": "172.16.2.110 support.test.openqa.fedoraproject.org",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"TEST_TARGET": "NONE",
|
||||
"USER_LOGIN": "false",
|
||||
@ -2213,7 +2213,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_WITH": "upgrade_2_server_domain_controller",
|
||||
"POSTINSTALL": "_setup_browser freeipa_webui freeipa_password_change freeipa_client",
|
||||
"POST_STATIC": "172.16.2.103 client003.domain.local",
|
||||
"POST_STATIC": "172.16.2.103 client003.test.openqa.fedoraproject.org",
|
||||
"PREUPGRADE": "realmd_join_sssd",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"TEST_TARGET": "COMPOSE",
|
||||
@ -2249,7 +2249,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
|
||||
"POSTINSTALL": "role_deploy_domain_controller_check",
|
||||
"POST_STATIC": "172.16.2.100 ipa001.domain.local",
|
||||
"POST_STATIC": "172.16.2.100 ipa001.test.openqa.fedoraproject.org",
|
||||
"PREUPGRADE": "role_deploy_domain_controller",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"TEST_TARGET": "COMPOSE",
|
||||
@ -2344,7 +2344,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_WITH": "upgrade_server_domain_controller",
|
||||
"POSTINSTALL": "_setup_browser freeipa_webui freeipa_password_change freeipa_client",
|
||||
"POST_STATIC": "172.16.2.103 client003.domain.local",
|
||||
"POST_STATIC": "172.16.2.103 client003.test.openqa.fedoraproject.org",
|
||||
"PREUPGRADE": "realmd_join_sssd",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"TEST_TARGET": "COMPOSE",
|
||||
@ -2381,7 +2381,7 @@
|
||||
"NICTYPE": "tap",
|
||||
"PARALLEL_CANCEL_WHOLE_CLUSTER": "0",
|
||||
"POSTINSTALL": "role_deploy_domain_controller_check",
|
||||
"POST_STATIC": "172.16.2.100 ipa001.domain.local",
|
||||
"POST_STATIC": "172.16.2.100 ipa001.test.openqa.fedoraproject.org",
|
||||
"PREUPGRADE": "role_deploy_domain_controller",
|
||||
"ROOT_PASSWORD": "weakpassword",
|
||||
"TEST_TARGET": "COMPOSE",
|
||||
|
@ -21,7 +21,7 @@ sub run {
|
||||
assert_script_run "zezere-manage loaddata fedora_iot_runreqs";
|
||||
assert_script_run "zezere-manage loaddata fedora_installed";
|
||||
# create admin user
|
||||
assert_script_run 'zezere-manage createsuperuser --username admin --email zezere@domain.local --no-input';
|
||||
assert_script_run 'zezere-manage createsuperuser --username admin --email zezere@test.openqa.fedoraproject.org --no-input';
|
||||
# set admin password (can't find a non-interactive way sadly)
|
||||
type_string "zezere-manage changepassword admin\n";
|
||||
sleep 2;
|
||||
|
@ -103,7 +103,7 @@ sub run {
|
||||
}
|
||||
## DNS / DHCP (dnsmasq)
|
||||
# create config
|
||||
assert_script_run "printf 'domain=domain.local\ndhcp-range=172.16.2.150,172.16.2.199\ndhcp-option=option:router,172.16.2.2\n' > /etc/dnsmasq.conf";
|
||||
assert_script_run "printf 'domain=test.openqa.fedoraproject.org\ndhcp-range=172.16.2.150,172.16.2.199\ndhcp-option=option:router,172.16.2.2\n' > /etc/dnsmasq.conf";
|
||||
# do PXE setup if this is not an update test
|
||||
_pxe_setup() unless (get_var("ADVISORY_OR_TASK"));
|
||||
# open firewall ports
|
||||
|
@ -8,7 +8,7 @@ sub run {
|
||||
my $self = shift;
|
||||
boot_to_login_screen(timeout => 300);
|
||||
$self->root_console(tty=>3);
|
||||
setup_tap_static('172.16.2.115', 'vnc002.domain.local');
|
||||
setup_tap_static('172.16.2.115', 'vnc002.test.openqa.fedoraproject.org');
|
||||
# test test: check if we can see the server
|
||||
assert_script_run "ping -c 2 172.16.2.114";
|
||||
desktop_vt;
|
||||
|
@ -8,7 +8,7 @@ sub run {
|
||||
my $self = shift;
|
||||
boot_to_login_screen(timeout => 300);
|
||||
$self->root_console(tty=>3);
|
||||
setup_tap_static('172.16.2.117', 'vnc004.domain.local');
|
||||
setup_tap_static('172.16.2.117', 'vnc004.test.openqa.fedoraproject.org');
|
||||
# install tigervnc (Boxes doesn't do reverse VNC)
|
||||
assert_script_run "dnf -y install tigervnc", 180;
|
||||
# take down the firewall
|
||||
|
@ -11,28 +11,28 @@ sub run {
|
||||
send_key "ctrl-alt-f1";
|
||||
wait_still_screen 1;
|
||||
# check domain is listed in 'realm list'
|
||||
validate_script_output 'realm list', sub { $_ =~ m/domain-name: domain\.local.*configured: kerberos-member/s };
|
||||
validate_script_output 'realm list', sub { $_ =~ m/domain-name: test\.openqa\.fedoraproject\.org.*configured: kerberos-member/s };
|
||||
# check we can see the admin user in getent
|
||||
assert_script_run 'getent passwd admin@DOMAIN.LOCAL';
|
||||
assert_script_run 'getent passwd admin@TEST.OPENQA.FEDORAPROJECT.ORG';
|
||||
# check keytab entries
|
||||
my $hostname = script_output 'hostname';
|
||||
my $qhost = quotemeta($hostname);
|
||||
validate_script_output 'klist -k', sub { $_ =~ m/$qhost\@DOMAIN\.LOCAL/ };
|
||||
validate_script_output 'klist -k', sub { $_ =~ m/$qhost\@TEST\.OPENQA\.FEDORAPROJECT\.ORG/ };
|
||||
# check we can kinit with the host principal
|
||||
assert_script_run "kinit -k host/$hostname\@DOMAIN.LOCAL";
|
||||
assert_script_run "kinit -k host/$hostname\@TEST.OPENQA.FEDORAPROJECT.ORG";
|
||||
# Set a longer timeout for login(1) to workaround RHBZ #1661273
|
||||
assert_script_run 'echo "LOGIN_TIMEOUT 180" >> /etc/login.defs';
|
||||
# switch to tty2 for login tests
|
||||
send_key "ctrl-alt-f2";
|
||||
# try and login as test1, should work
|
||||
console_login(user=>'test1@DOMAIN.LOCAL', password=>'batterystaple');
|
||||
console_login(user=>'test1@TEST.OPENQA.FEDORAPROJECT.ORG', password=>'batterystaple');
|
||||
type_string "exit\n";
|
||||
# try and login as test2, should fail. we cannot use console_login
|
||||
# as it takes 10 seconds to complete when login fails, and
|
||||
# "permission denied" message doesn't last that long
|
||||
sleep 2;
|
||||
assert_screen "text_console_login";
|
||||
type_string "test2\@DOMAIN.LOCAL\n";
|
||||
type_string "test2\@TEST.OPENQA.FEDORAPROJECT.ORG\n";
|
||||
assert_screen "console_password_required";
|
||||
type_string "batterystaple\n";
|
||||
assert_screen "login_permission_denied";
|
||||
|
@ -10,7 +10,7 @@ sub run {
|
||||
# check whether test3 exists, i.e. whether freeipa_webui at
|
||||
# least managed to create it. if not, we may as well just
|
||||
# die now, this test cannot work.
|
||||
assert_script_run 'getent passwd test3@DOMAIN.LOCAL';
|
||||
assert_script_run 'getent passwd test3@TEST.OPENQA.FEDORAPROJECT.ORG';
|
||||
# clear browser data so we don't go back to the 'admin' login
|
||||
assert_script_run 'rm -rf /root/.mozilla';
|
||||
# clear kerberos ticket so we don't auto-auth as 'test4'
|
||||
|
@ -48,19 +48,19 @@ sub run {
|
||||
assert_screen "root_console";
|
||||
wait_still_screen 5;
|
||||
# set permanent passwords for both accounts
|
||||
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test3@DOMAIN.LOCAL';
|
||||
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test4@DOMAIN.LOCAL';
|
||||
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test3@TEST.OPENQA.FEDORAPROJECT.ORG';
|
||||
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test4@TEST.OPENQA.FEDORAPROJECT.ORG';
|
||||
# switch to tty4 (boy, the tty jugglin')
|
||||
send_key "ctrl-alt-f4";
|
||||
# try and login as test3, should work
|
||||
console_login(user=>'test3@DOMAIN.LOCAL', password=>'batterystaple');
|
||||
console_login(user=>'test3@TEST.OPENQA.FEDORAPROJECT.ORG', password=>'batterystaple');
|
||||
type_string "exit\n";
|
||||
# try and login as test4, should fail. we cannot use console_login
|
||||
# as it takes 10 seconds to complete when login fails, and
|
||||
# "permission denied" message doesn't last that long
|
||||
sleep 2;
|
||||
assert_screen "text_console_login";
|
||||
type_string "test4\@DOMAIN.LOCAL\n";
|
||||
type_string "test4\@TEST.OPENQA.FEDORAPROJECT.ORG\n";
|
||||
assert_screen "console_password_required";
|
||||
type_string "batterystaple\n";
|
||||
assert_screen "login_permission_denied";
|
||||
|
@ -10,7 +10,7 @@ sub run {
|
||||
my $self = shift;
|
||||
# use FreeIPA server as DNS server
|
||||
bypass_1691487;
|
||||
assert_script_run "printf 'search domain.local\nnameserver 172.16.2.100' > /etc/resolv.conf";
|
||||
assert_script_run "printf 'search test.openqa.fedoraproject.org\nnameserver 172.16.2.100' > /etc/resolv.conf";
|
||||
# this gets us the name of the first connection in the list,
|
||||
# which should be what we want
|
||||
my $connection = script_output "nmcli --fields NAME con show | head -2 | tail -1";
|
||||
@ -50,7 +50,7 @@ sub run {
|
||||
# cockpit 232: https://github.com/cockpit-project/cockpit/issues/14895
|
||||
my $tabs = $cockpitver > 231 ? "\t\t\t" : "\t";
|
||||
type_string($tabs, 4);
|
||||
type_string("ipa001.domain.local", 4);
|
||||
type_string("ipa001.test.openqa.fedoraproject.org", 4);
|
||||
type_string("\t\t", 4);
|
||||
type_string("admin", 4);
|
||||
send_key "tab";
|
||||
|
@ -9,15 +9,15 @@ use utils;
|
||||
sub run {
|
||||
my $self=shift;
|
||||
# use FreeIPA server or replica as DNS server
|
||||
my $server = 'ipa001.domain.local';
|
||||
my $server = 'ipa001.test.openqa.fedoraproject.org';
|
||||
my $server_ip = '172.16.2.100';
|
||||
my $server_mutex = 'freeipa_ready';
|
||||
if (get_var("FREEIPA_REPLICA")) {
|
||||
$server = 'ipa002.domain.local';
|
||||
$server = 'ipa002.test.openqa.fedoraproject.org';
|
||||
$server_ip = '172.16.2.106';
|
||||
}
|
||||
if (get_var("FREEIPA_REPLICA_CLIENT")) {
|
||||
$server = 'ipa003.domain.local';
|
||||
$server = 'ipa003.test.openqa.fedoraproject.org';
|
||||
$server_ip = '172.16.2.107';
|
||||
$server_mutex = 'replica_ready';
|
||||
}
|
||||
|
@ -38,7 +38,7 @@ sub run {
|
||||
}
|
||||
assert_script_run "systemctl restart firewalld.service";
|
||||
# deploy the server
|
||||
my $args = "-U --auto-forwarders --realm=DOMAIN.LOCAL --domain=domain.local --ds-password=monkeys123 --admin-password=monkeys123 --setup-dns --reverse-zone=2.16.172.in-addr.arpa --allow-zone-overlap";
|
||||
my $args = "-U --auto-forwarders --realm=TEST.OPENQA.FEDORAPROJECT.ORG --domain=test.openqa.fedoraproject.org --ds-password=monkeys123 --admin-password=monkeys123 --setup-dns --reverse-zone=2.16.172.in-addr.arpa --allow-zone-overlap";
|
||||
assert_script_run "ipa-server-install $args", 1200;
|
||||
# enable and start the systemd service
|
||||
assert_script_run "systemctl enable ipa.service";
|
||||
@ -47,7 +47,7 @@ sub run {
|
||||
# kinit as admin
|
||||
assert_script_run 'echo "monkeys123" | kinit admin';
|
||||
# set up an OTP for client001 enrolment (it will enrol with a kickstart)
|
||||
assert_script_run 'ipa host-add client001.domain.local --password=monkeys --force';
|
||||
assert_script_run 'ipa host-add client001.test.openqa.fedoraproject.org --password=monkeys --force';
|
||||
# create two user accounts, test1 and test2
|
||||
assert_script_run 'echo "correcthorse" | ipa user-add test1 --first test --last one --password';
|
||||
assert_script_run 'echo "correcthorse" | ipa user-add test2 --first test --last two --password';
|
||||
@ -61,10 +61,10 @@ sub run {
|
||||
assert_script_run 'ipa pwpolicy-mod --minlife=0';
|
||||
# magic voodoo crap to allow reverse DNS client sync to work
|
||||
# https://docs.pagure.org/bind-dyndb-ldap/BIND9/SyncPTR.html
|
||||
assert_script_run 'ipa dnszone-mod domain.local. --allow-sync-ptr=TRUE';
|
||||
assert_script_run 'ipa dnszone-mod test.openqa.fedoraproject.org. --allow-sync-ptr=TRUE';
|
||||
# kinit as each user and set a new password
|
||||
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test1@DOMAIN.LOCAL';
|
||||
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test2@DOMAIN.LOCAL';
|
||||
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test1@TEST.OPENQA.FEDORAPROJECT.ORG';
|
||||
assert_script_run 'printf "correcthorse\nbatterystaple\nbatterystaple" | kinit test2@TEST.OPENQA.FEDORAPROJECT.ORG';
|
||||
# we're ready for children to enrol, now
|
||||
mutex_create("freeipa_ready");
|
||||
# if upgrade test, wait for children to enrol before upgrade
|
||||
|
Loading…
Reference in New Issue
Block a user