os-autoinst-distri-rocky/tests/freeipa_client_postinstall.pm
Adam Williamson e24c377b01 add FreeIPA web UI testing
Summary:
as a new, non-fatal test step in the cockpit enrolment test,
because it kinda fits in there; we have an enrolled system with
a web browser *right there*. This will require making the wiki
reporting stuff slightly cleverer so we can say 'report a pass
for this wiki test instance if this test step passed', but that
should be possible. Making this non-fatal means the rest of the
cockpit enrolment test will go ahead even if the freeipa web UI
fails.

The 'check if we can log in' stuff is identical to freeipa_
client_postinstall except with different user names, so we could
potentially factor that out somehow, but I couldn't think of a
super clean way to do it so for now it's just copied.

Note this diff is on top of the freeipa-realmd branch which
is for D894, it's not on top of develop.

Test Plan:
Run the modified test and see if it works. No other
tests are modified, so they should be OK.

Reviewers: garretraziel

Reviewed By: garretraziel

Subscribers: tflink

Differential Revision: https://phab.qadevel.cloud.fedoraproject.org/D895
2016-06-28 12:01:31 -07:00

49 lines
1.8 KiB
Perl

use base "installedtest";
use strict;
use testapi;
sub run {
my $self=shift;
# switch to tty1 (we're usually there already, but just in case
# we're carrying on from a failed freeipa_webui that didn't fail
# at tty1)
send_key "ctrl-alt-f1";
wait_still_screen 1;
# check domain is listed in 'realm list'
validate_script_output 'realm list', sub { $_ =~ m/domain-name: domain\.local.*configured: kerberos-member/s };
# check we can see the admin user in getent
assert_script_run 'getent passwd admin@DOMAIN.LOCAL';
# check keytab entries
my $hostname = script_output 'hostname';
my $qhost = quotemeta($hostname);
validate_script_output 'klist -k', sub { $_ =~ m/$qhost\@DOMAIN\.LOCAL/ };
# check we can kinit with the host principal
assert_script_run "kinit -k host/$hostname\@DOMAIN.LOCAL";
# switch to tty3
send_key "ctrl-alt-f3";
# try and login as test1, should work
$self->console_login(user=>'test1@DOMAIN.LOCAL', password=>'batterystaple');
type_string "exit\n";
# try and login as test2, should fail. we cannot use console_login
# as it takes 10 seconds to complete when login fails, and
# "permission denied" message doesn't last that long
sleep 2;
assert_screen "text_console_login";
type_string "test2\@DOMAIN.LOCAL\n";
assert_screen "console_password_required";
type_string "batterystaple\n";
assert_screen "login_permission_denied";
}
sub test_flags {
# without anything - rollback to 'lastgood' snapshot if failed
# 'fatal' - whole test suite is in danger if this fails
# 'milestone' - after this test succeeds, update 'lastgood'
# 'important' - if this fails, set the overall state to 'fail'
return { fatal => 1 };
}
1;
# vim: set sw=4 et: