From 4b79fe61c77e4d546a7880bbf307e88f62c8e207 Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Tue, 2 Apr 2024 12:37:26 +0200 Subject: [PATCH] TESTS: don't use deprecated sssd.conf::user option Currently when SSSD is built '--with-sssd-user=sssd' it's also configured to run under 'sssd' user by default via sssd.service, so that sssd.conf::user option is ignored anyway. Since sssd.conf::user is deprecated and will go away, it doesn't make much sense to put effort into testing it. What makes sense is to test sssd.service::User option, but this is out of scope of this patch. --- src/tests/system/tests/test_authentication.py | 15 --------------- src/tests/system/tests/test_autofs.py | 5 ----- src/tests/system/tests/test_identity.py | 15 --------------- src/tests/system/tests/test_ldap.py | 5 ----- src/tests/system/tests/test_sudo.py | 15 --------------- 5 files changed, 55 deletions(-) diff --git a/src/tests/system/tests/test_authentication.py b/src/tests/system/tests/test_authentication.py index 83085851a01..ae8ee432050 100644 --- a/src/tests/system/tests/test_authentication.py +++ b/src/tests/system/tests/test_authentication.py @@ -15,11 +15,6 @@ @pytest.mark.topology(KnownTopologyGroup.AnyProvider) @pytest.mark.parametrize("method", ["su", "ssh"]) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_authentication__login(client: Client, provider: GenericProvider, method: str, sssd_service_user: str): """ :title: ssh/su login @@ -46,11 +41,6 @@ def test_authentication__login(client: Client, provider: GenericProvider, method @pytest.mark.topology(KnownTopologyGroup.AnyProvider) @pytest.mark.parametrize("method", ["su", "ssh"]) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_authentication__offline_login(client: Client, provider: GenericProvider, method: str, sssd_service_user: str): """ :title: Offline ssh/su login @@ -103,11 +93,6 @@ def test_authentication__offline_login(client: Client, provider: GenericProvider @pytest.mark.topology(KnownTopology.AD) @pytest.mark.ticket(gh=7174) @pytest.mark.parametrize("method", ["su", "ssh"]) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_authentication__login_using_email_address(client: Client, ad: AD, method: str, sssd_service_user: str): """ :title: Login using user's email address diff --git a/src/tests/system/tests/test_autofs.py b/src/tests/system/tests/test_autofs.py index 9206dc44f5c..b20ef9e50f2 100644 --- a/src/tests/system/tests/test_autofs.py +++ b/src/tests/system/tests/test_autofs.py @@ -17,11 +17,6 @@ @pytest.mark.ticket(gh=6739) @pytest.mark.parametrize("cache_first", [False, True]) @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_autofs__cache_first( client: Client, nfs: NFS, provider: GenericProvider, cache_first: bool, sssd_service_user: str ): diff --git a/src/tests/system/tests/test_identity.py b/src/tests/system/tests/test_identity.py index ab6734f2ee1..4b2276d6f56 100644 --- a/src/tests/system/tests/test_identity.py +++ b/src/tests/system/tests/test_identity.py @@ -14,11 +14,6 @@ @pytest.mark.importance("critical") @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_identity__lookup_username_with_id(client: Client, provider: GenericProvider, sssd_service_user: str): """ :title: Resolve user by name with id @@ -53,11 +48,6 @@ def test_identity__lookup_username_with_id(client: Client, provider: GenericProv @pytest.mark.importance("critical") @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_identity__lookup_uid_with_id(client: Client, provider: GenericProvider, sssd_service_user: str): """ :title: Resolve user by uid with id @@ -240,11 +230,6 @@ def test_identity__lookup_user_by_group_with_getent(client: Client, provider: Ge @pytest.mark.importance("critical") @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_identity__lookup_group_membership_by_username_with_id( client: Client, provider: GenericProvider, sssd_service_user: str ): diff --git a/src/tests/system/tests/test_ldap.py b/src/tests/system/tests/test_ldap.py index bfef3d055f3..aab4067b144 100644 --- a/src/tests/system/tests/test_ldap.py +++ b/src/tests/system/tests/test_ldap.py @@ -18,11 +18,6 @@ @pytest.mark.parametrize("modify_mode", ["exop", "ldap_modify"]) @pytest.mark.parametrize("use_ppolicy", ["true", "false"]) @pytest.mark.topology(KnownTopology.LDAP) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_ldap__change_password(client: Client, ldap: LDAP, modify_mode: str, use_ppolicy: str, sssd_service_user: str): """ :title: Change password with "ldap_pwmodify_mode" set to @modify_mode diff --git a/src/tests/system/tests/test_sudo.py b/src/tests/system/tests/test_sudo.py index 3afe86f3f49..1f1cc314ed3 100644 --- a/src/tests/system/tests/test_sudo.py +++ b/src/tests/system/tests/test_sudo.py @@ -22,11 +22,6 @@ @pytest.mark.importance("critical") @pytest.mark.authorization @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_sudo__user_allowed(client: Client, provider: GenericProvider, sssd_service_user: str): """ :title: One user is allowed to run command, other user is not @@ -161,11 +156,6 @@ def test_sudo__case_sensitive_false(client: Client, provider: GenericProvider): @pytest.mark.importance("critical") @pytest.mark.authorization @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_sudo__rules_refresh(client: Client, provider: GenericProvider, sssd_service_user: str): """ :title: Sudo rules refresh works @@ -507,11 +497,6 @@ def is_smart_skipped(line: str) -> bool: @pytest.mark.authorization @pytest.mark.ticket(bz=1294670, gh=3969) @pytest.mark.topology(KnownTopologyGroup.AnyProvider) -@pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) -@pytest.mark.require( - lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), - "SSSD was built without support for running under non-root", -) def test_sudo__local_users_negative_cache(client: Client, provider: LDAP, sssd_service_user: str): """ :title: Sudo responder hits negative cache for local users