From 5a5cc5b37bb4262c7ee95ac109a56fa27c3ed716 Mon Sep 17 00:00:00 2001 From: Dan Lavu Date: Wed, 27 Mar 2024 14:52:43 -0400 Subject: [PATCH] tests: test_ldap.py, removing references to ldap_use_ppolicy --- src/tests/system/tests/test_ldap.py | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/src/tests/system/tests/test_ldap.py b/src/tests/system/tests/test_ldap.py index 5e3bef0ec53..0d79925e3a5 100644 --- a/src/tests/system/tests/test_ldap.py +++ b/src/tests/system/tests/test_ldap.py @@ -9,6 +9,7 @@ import time import pytest + from sssd_test_framework.roles.client import Client from sssd_test_framework.roles.ldap import LDAP from sssd_test_framework.topology import KnownTopology @@ -18,14 +19,13 @@ @pytest.mark.importance("critical") @pytest.mark.authentication @pytest.mark.parametrize("modify_mode", ["exop", "ldap_modify"]) -@pytest.mark.parametrize("use_ppolicy", ["true", "false"]) @pytest.mark.topology(KnownTopology.LDAP) @pytest.mark.parametrize("sssd_service_user", ("root", "sssd")) @pytest.mark.require( lambda client, sssd_service_user: ((sssd_service_user == "root") or client.features["non-privileged"]), "SSSD was built without support for running under non-root", ) -def test_ldap__password_change(client: Client, ldap: LDAP, modify_mode: str, use_ppolicy: str, sssd_service_user: str): +def test_ldap__password_change(client: Client, ldap: LDAP, modify_mode: str, sssd_service_user: str): """ :title: Change password with "ldap_pwmodify_mode" set to @modify_mode :setup: @@ -54,7 +54,6 @@ def test_ldap__password_change(client: Client, ldap: LDAP, modify_mode: str, use client.sssd.set_service_user(sssd_service_user) client.sssd.domain["ldap_pwmodify_mode"] = modify_mode - client.sssd.domain["ldap_use_ppolicy"] = use_ppolicy client.sssd.start() assert client.auth.ssh.password(user, old_pass), "Authentication with old correct password failed" @@ -67,10 +66,9 @@ def test_ldap__password_change(client: Client, ldap: LDAP, modify_mode: str, use @pytest.mark.ticket(bz=[795044, 1695574]) @pytest.mark.parametrize("modify_mode", ["exop", "ldap_modify"]) -@pytest.mark.parametrize("use_ppolicy", ["true", "false"]) @pytest.mark.topology(KnownTopology.LDAP) def test_ldap__password_change_new_passwords_do_not_match( - client: Client, ldap: LDAP, modify_mode: str, use_ppolicy: str + client: Client, ldap: LDAP, modify_mode: str ): """ :title: Change password with "ldap_pwmodify_mode" set to @modify_mode, but retyped password do not match @@ -89,7 +87,6 @@ def test_ldap__password_change_new_passwords_do_not_match( ldap.aci.add('(targetattr="userpassword")(version 3.0; acl "pwp test"; allow (all) userdn="ldap:///self";)') client.sssd.domain["ldap_pwmodify_mode"] = modify_mode - client.sssd.domain["ldap_use_ppolicy"] = use_ppolicy client.sssd.start() assert not client.auth.passwd.password( @@ -99,10 +96,9 @@ def test_ldap__password_change_new_passwords_do_not_match( @pytest.mark.ticket(bz=[795044, 1695574, 1795220]) @pytest.mark.parametrize("modify_mode", ["exop", "ldap_modify"]) -@pytest.mark.parametrize("use_ppolicy", ["true", "false"]) @pytest.mark.topology(KnownTopology.LDAP) def test_ldap__password_change_new_password_does_not_meet_complexity_requirements( - client: Client, ldap: LDAP, modify_mode: str, use_ppolicy: str + client: Client, ldap: LDAP, modify_mode: str ): """ :title: Change password to lower-case letters, password check fail @@ -125,7 +121,6 @@ def test_ldap__password_change_new_password_does_not_meet_complexity_requirement ldap.ldap.modify("cn=config", replace={"passwordCheckSyntax": "on"}) client.sssd.domain["ldap_pwmodify_mode"] = modify_mode - client.sssd.domain["ldap_use_ppolicy"] = use_ppolicy client.sssd.start() assert not client.auth.passwd.password( @@ -133,16 +128,15 @@ def test_ldap__password_change_new_password_does_not_meet_complexity_requirement ), "Password changed successfully, which is not expected" assert ( - "pam_sss(passwd:chauthtok): User info message: Password change failed." - in client.host.ssh.run("journalctl").stdout + "pam_sss(passwd:chauthtok): User info message: Password change failed." + in client.host.ssh.run("journalctl").stdout ) @pytest.mark.ticket(bz=[1695574, 1795220]) @pytest.mark.parametrize("modify_mode", ["exop", "ldap_modify"]) -@pytest.mark.parametrize("use_ppolicy", ["true", "false"]) @pytest.mark.topology(KnownTopology.LDAP) -def test_ldap__password_change_failed_current_password(client: Client, ldap: LDAP, modify_mode: str, use_ppolicy: str): +def test_ldap__password_change_failed_current_password(client: Client, ldap: LDAP, modify_mode: str): """ :title: Password change failed because an incorrect password was used :setup: @@ -160,7 +154,6 @@ def test_ldap__password_change_failed_current_password(client: Client, ldap: LDA ldap.aci.add('(targetattr="userpassword")(version 3.0; acl "pwp test"; allow (all) userdn="ldap:///self";)') client.sssd.domain["ldap_pwmodify_mode"] = modify_mode - client.sssd.domain["ldap_use_ppolicy"] = use_ppolicy client.sssd.start() assert not client.auth.passwd.password("user1", "wrong123", "Newpass123"), "Password change did not fail"