Skip to content

Commit

Permalink
tests - housekeeping - logging
Browse files Browse the repository at this point in the history
housekeeping, the following is looked at and may have been done:

* fixed typos and standardized formatting
* renamed test cases to improve the clarity of what the test does
* improved docstring language, setup, steps and expected results
* synced code with the docstring order
* removed necessary configuration relevant to the test
* added pytest.mark.importance to test cases
* added error messages to assertions
  • Loading branch information
Dan Lavu committed Aug 20, 2024
1 parent edb35af commit 721eb5d
Showing 1 changed file with 75 additions and 69 deletions.
144 changes: 75 additions & 69 deletions src/tests/system/tests/test_logging.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
"""
Automation for default debug level
SSSD Logging Tests.
client.sssd.start(debug_level=None), means no configuration. It is the same as if
the parameter is omitted from 'sssd.conf'.
:requirement: SSSD - Default debug level
"""
Expand All @@ -14,147 +17,152 @@


@pytest.mark.topology(KnownTopology.Client)
def test_logging__default_debug_level_check(client: Client):
def test_logging__default_settings_logs_debug_level(client: Client):
"""
:title: Check default debug level when sssd started successfully
:title: Default settings writes the debug level to logs
:setup:
1. Clear logs and cache
2. Start SSSD with default debug level
1. Configure SSSD for local system authentication
2. Clear logs and start SSSD with default debug level
:steps:
1. Check log files
:expectedresults:
1. "Starting with debug level = 0x0070" is in each file and
if log contains more than one line, log message with number "0x3f7c0" is stored
1. Logs messages contain default debug level 0x0070
:customerscenario: False
"""
client.sssd.common.local()
client.sssd.default_domain = "local"

client.sssd.clear(db=True, memcache=True, logs=True, config=False)
client.sssd.clear(logs=True)
client.sssd.start(debug_level=None)

for file in [client.sssd.logs.monitor, client.sssd.logs.domain(), client.sssd.logs.nss, client.sssd.logs.pam]:
log_str = client.fs.read(file)
assert "Starting with debug level = 0x0070" in log_str, f"Log file has wrong format: {log_str}"
assert "Starting with debug level = 0x0070" in log_str, "Debug level value are not in logs!"

if len(log_str.split("\n")) > 1:
assert "(0x3f7c0)" in log_str, f"Log file has wrong format: {log_str}"
assert "(0x3f7c0)" in log_str, f"String '{log_str}'Debug level value are not in logs!"


@pytest.mark.topology(KnownTopology.Client)
def test_logging__default_debug_level_check_with_login(client: Client):
def test_logging__default_settings_does_not_log_user_logins(client: Client):
"""
:title: Successful login with default debug level doesn't generate any logs
:title: Default debug level does not log user logins
:setup:
1. Add local user, set its password
2. Add fallback_homedir (generates extra logs on user auth if not specified)
3. Clear cache and logs
1. Create user
2. Configure SSSD for local system authentication
3. Clear cache and logs and start SSSD with default debug level
:steps:
1. Start SSSD with default debug level
2. Authenticate with user
3. Check that logs were not generated
1. Store current logs and authenticate as a local user.
2. Compare stored logs with the current ones.
:expectedresults:
1. SSSD started successfully
2. User is authenticated
3. Diff of copy and logs is empty
1. Login was successful
2. Before event did not generate any new logs lines
:customerscenario: False
"""

client.local.user("user1").add(password="Secret123")
client.local.user("user1").add()
client.sssd.common.local()
client.sssd.default_domain = "local"
client.sssd.domain["fallback_homedir"] = "/home/%%u"

client.sssd.clear(db=True, memcache=True, logs=True, config=False)
client.sssd.clear(logs=True, config=False)
client.sssd.start(debug_level=None)

client.fs.copy("/var/log/sssd", "/tmp/copy")
assert client.auth.ssh.password("user1", "Secret123"), "Authentication failed"
assert client.auth.ssh.password("user1", "Secret123"), "Login failed!"
assert not client.host.conn.run("diff /var/log/sssd /tmp/copy").stdout, "Debug messages were generated"


@pytest.mark.ticket(bz=1893159)
@pytest.mark.parametrize("permissions", ["000", "100", "200", "300"])
@pytest.mark.topology(KnownTopology.Client)
def test_logging__default_debug_level_fatal_and_critical_failures(client: Client):
def test_logging__default_settings_logs_sssd_conf_permissions_errors(client: Client, permissions: str):
"""
:title: Check that messages with levels 0 and 1 are logged for fatal or critical failures
:title: Default debug_level logs sssd.conf unreadable ssd.conf permission errors
:setup:
1. Start SSSD with default debug level (config file is created)
2. Restrict sssd.conf permissions
1. Configure SSSD for local system authentication
2. Start SSSD, note this configures SSSD, the config file is created here
3. Set invalid file permissions for sssd.conf
4. Stop SSSD
:steps:
1. Restart sssd and check exit code
1. Start SSSD with default debug level
:expectedresults:
1. SSSD failed to start with expected error code
:customerscenario: True
"""
client.sssd.common.local()
client.sssd.default_domain = "local"
client.sssd.start(debug_level=None)
client.fs.chmod(mode="444", path="/etc/sssd/sssd.conf")
client.fs.chmod(mode=permissions, path="/etc/sssd/sssd.conf")
client.sssd.stop()

assert (
client.sssd.restart(debug_level=None, raise_on_error=False, apply_config=False).rc == 3
), "SSSD didn't fail to read config, which is not expected"
client.sssd.start(debug_level=None, raise_on_error=False, apply_config=False).rc == 3
), "SSSD erroneously started!"
assert "File ownership and permissions check failed" in client.fs.read(
client.sssd.logs.monitor
), "File check error messages are not in logs!"


@pytest.mark.ticket(bz=1893159)
@pytest.mark.topology(KnownTopology.Client)
def test_logging__default_debug_level_cannot_load_sssd_config(client: Client):
def test_logging__default_settings_logs_domain_configuration_errors(client: Client):
"""
:title: Check that messages with level 2 are logged when SSSD can't load config
:title: Default debug_level logs domain configuration errors
:setup:
1. Set 'domains' to 'non_existing_domain' in sssd section
1. Configure SSSD with an invalid domain
:steps:
1. Try to start SSSD with default debug level
1. Start SSSD with default debug level
2. Check logs
:expectedresults:
1. SSSD failed to start
2. Correct error message is in log file
2. Logs contain error message
:customerscenario: True
"""
client.sssd.sssd["domains"] = "non_existing_domain"
assert (
client.sssd.start(debug_level=None, raise_on_error=False).rc != 0
), "SSSD started successfully, which is not expected"
assert "id_provider is not set for domain [non_existing_domain]" in client.fs.read(client.sssd.logs.monitor)
assert client.sssd.start(debug_level=None, raise_on_error=False).rc != 0, "SSSD erroneously started!"
assert "No properly configured domains, fatal error!" in client.fs.read(
client.sssd.logs.monitor
), "Domain is configured!"


@pytest.mark.ticket(bz=1893159)
@pytest.mark.topology(KnownTopology.LDAP)
def test_logging__default_debug_level_nonexisting_ldap_server(client: Client):
def test_logging__default_settings_logs_offline_errors(client: Client):
"""
:title: Check that messages with level 2 are logged when LDAP server doesn't exist
:title: Default debug_level logs offline errors
:setup:
1. Set ldap_uri to a non-existing ldap-server
2. Start sssd with default debug level
3. Enable ifp responder
1. Configure SSSD with an invalid uri and enable ifp responder
2. Start SSSD with default debug level
3. Enable infopipe responder
:steps:
1. Check logs
2. Check default domain status
:expectedresults:
1. Domain logs should contain a log related to 'going offline'
2. LDAP is not connected
1. Logs contain connection errors
2. SSSD is not connected
:customerscenario: True
"""
client.sssd.domain["ldap_uri"] = "ldap://typo.invalid"
client.sssd.enable_responder("ifp")
client.sssd.start(debug_level=None, raise_on_error=False)

logs = client.fs.read(client.sssd.logs.domain())
assert "Failed to connect, going offline" in logs, "String was not found in the logs"
assert "Failed to connect, going offline" in logs, "Offline error messages are not in logs!"

assert client.sssd.default_domain, "default_domain is None"
res = client.sssctl.domain_status(client.sssd.default_domain)
assert "LDAP: not connected" in res.stdout
assert client.sssd.default_domain is not None, "Failed to load default domain!"
result = client.sssctl.domain_status(client.sssd.default_domain)
assert result is not None
assert "LDAP: not connected" in result.stdout, "LDAP is connected!"


@pytest.mark.ticket(bz=1915319)
@pytest.mark.topology(KnownTopology.Client)
def test_logging__default_debug_level_sbus(client: Client):
def test_logging__default_settings_logs_sbus_remove_key_error(client: Client):
"""
:title: SBUS doesn't trigger failure message at modules startup
:title: Default debug_level logs sbus remove key error
:setup:
1. Start sssd with default debug level
1. Configure SSSD for local system authentication and start SSSD
:steps:
1. Check logs
:expectedresults:
Expand All @@ -166,37 +174,35 @@ def test_logging__default_debug_level_sbus(client: Client):
client.sssd.start(debug_level=None)

for file in [client.sssd.logs.monitor, client.sssd.logs.domain(), client.sssd.logs.nss, client.sssd.logs.pam]:
assert "Unable to remove key" not in client.fs.read(file), f"'Unable to remove key' was found in file: {file}"
assert "Unable to remove key" not in client.fs.read(file), "Remove key messages are in the logs!"


@pytest.mark.ticket(bz=1416150)
@pytest.mark.topology(KnownTopology.LDAP)
def test_logging__log_to_syslog_when_backend_goes_offline(client: Client):
def test_logging__default_settings_logs_to_syslog_when_ldap_is_offline(client: Client):
"""
:title: Log to syslog when sssd cannot contact servers goes offline
:title: Log to syslog when sssd cannot contact ldap servers and the servers go offline
:setup:
1. Set an invalid hostname uri and disable the offset to refresh sudo rules
2. Start SSSD
1. Configure SSSD with an invalid uri and start SSSD
:steps:
1. Check domain status for default domain
2. Clear journal and restart SSSD
3. Check journalctl
1. Check domain status using sssctl
2. Clear syslog and restart SSSD and check syslog
:expectedresults:
1. Domain is offline
2. Succeed
3. "Backend is offline" found
2. Logs contain SSSD errors
:customerscenario: True
"""
client.sssd.domain["ldap_uri"] = "ldaps://typo.invalid"
client.sssd.domain["ldap_sudo_random_offset"] = "0"
client.sssd.start()
assert client.sssd.default_domain is not None, "Failed to load default domain"

assert client.sssd.default_domain is not None, "Failed to load default domain!"
status = client.sssctl.domain_status(client.sssd.default_domain)
assert "Offline" in status.stdout or "Unable to get online status" in status.stderr, "Domain is not offline"
assert status is not None
assert "Offline" in status.stdout or "Unable to get online status" in status.stderr, "Domain is not offline!"

client.journald.clear()
client.sssd.restart()
time.sleep(1)

log = client.journald.journalctl(grep="Backend is offline", unit="sssd")
assert log.rc == 0, "'Backend is offline' is not logged"
assert log.rc == 0, "Offline error messages are not in logs!"

0 comments on commit 721eb5d

Please sign in to comment.