dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone

Blame SOURCES/0188-TESTS-Integration-test-for-idle-timeout.patch

8974b2
From fd008eddbf069014d8f17944d018ad3d85d5679f Mon Sep 17 00:00:00 2001
8974b2
From: Jakub Hrozek <jhrozek@redhat.com>
8974b2
Date: Wed, 19 Jul 2017 14:22:17 +0200
8974b2
Subject: [PATCH 188/190] TESTS: Integration test for idle timeout
8974b2
MIME-Version: 1.0
8974b2
Content-Type: text/plain; charset=UTF-8
8974b2
Content-Transfer-Encoding: 8bit
8974b2
8974b2
The secrets responder test was chosen even though the bug was in the generic
8974b2
responder code b/c it runs a single responder process, so it's trivial to
8974b2
read the PID of the responder under test.
8974b2
8974b2
Changes subprocess.call() for os.execv() so that the setup function can
8974b2
return the secret responder PID right away.
8974b2
8974b2
The client timeout in the test has to be at least 10 seconds because
8974b2
internally, the responders don't allow a shorter timeout.
8974b2
8974b2
Regression test for https://pagure.io/SSSD/sssd/issue/3448
8974b2
8974b2
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
8974b2
Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
8974b2
---
8974b2
 src/tests/intg/test_secrets.py | 75 ++++++++++++++++++++++++++++++++++--------
8974b2
 1 file changed, 62 insertions(+), 13 deletions(-)
8974b2
8974b2
diff --git a/src/tests/intg/test_secrets.py b/src/tests/intg/test_secrets.py
8974b2
index 202f43e61cb0e4986394ad2b32da5abdcb0be3e9..1be31318b194de1550bc84af16260bf1503567dc 100644
8974b2
--- a/src/tests/intg/test_secrets.py
8974b2
+++ b/src/tests/intg/test_secrets.py
8974b2
@@ -55,9 +55,9 @@ def create_sssd_secrets_fixture(request):
8974b2
     assert secpid >= 0
8974b2
 
8974b2
     if secpid == 0:
8974b2
-        if subprocess.call([resp_path, "--uid=0", "--gid=0"]) != 0:
8974b2
-            print("sssd_secrets failed to start")
8974b2
-            sys.exit(99)
8974b2
+        os.execv(resp_path, ("--uid=0", "--gid=0"))
8974b2
+        print("sssd_secrets failed to start")
8974b2
+        sys.exit(99)
8974b2
     else:
8974b2
         sock_path = os.path.join(config.RUNSTATEDIR, "secrets.socket")
8974b2
         sck = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
8974b2
@@ -83,13 +83,8 @@ def create_sssd_secrets_fixture(request):
8974b2
     return secpid
8974b2
 
8974b2
 
8974b2
-@pytest.fixture
8974b2
-def setup_for_secrets(request):
8974b2
-    """
8974b2
-    Just set up the local provider for tests and enable the secrets
8974b2
-    responder
8974b2
-    """
8974b2
-    conf = unindent("""\
8974b2
+def generate_sec_config():
8974b2
+    return unindent("""\
8974b2
         [sssd]
8974b2
         domains = local
8974b2
         services = nss
8974b2
@@ -100,11 +95,19 @@ def setup_for_secrets(request):
8974b2
         [secrets]
8974b2
         max_secrets = 10
8974b2
         max_payload_size = 2
8974b2
-    """).format(**locals())
8974b2
+    """)
8974b2
+
8974b2
+
8974b2
+@pytest.fixture
8974b2
+def setup_for_secrets(request):
8974b2
+    """
8974b2
+    Just set up the local provider for tests and enable the secrets
8974b2
+    responder
8974b2
+    """
8974b2
+    conf = generate_sec_config()
8974b2
 
8974b2
     create_conf_fixture(request, conf)
8974b2
-    create_sssd_secrets_fixture(request)
8974b2
-    return None
8974b2
+    return create_sssd_secrets_fixture(request)
8974b2
 
8974b2
 
8974b2
 def get_secrets_socket():
8974b2
@@ -386,3 +389,49 @@ def test_containers(setup_for_secrets, secrets_cli):
8974b2
     with pytest.raises(HTTPError) as err406:
8974b2
         cli.create_container(container)
8974b2
     assert str(err406.value).startswith("406")
8974b2
+
8974b2
+
8974b2
+def get_num_fds(pid):
8974b2
+    procpath = os.path.join("/proc/", str(pid), "fd")
8974b2
+    return len([fdname for fdname in os.listdir(procpath)])
8974b2
+
8974b2
+
8974b2
+@pytest.fixture
8974b2
+def setup_for_cli_timeout_test(request):
8974b2
+    """
8974b2
+    Same as the generic setup, except a short client_idle_timeout so that
8974b2
+    the test_idle_timeout() test closes the fd towards the client.
8974b2
+    """
8974b2
+    conf = generate_sec_config() + \
8974b2
+        unindent("""
8974b2
+        client_idle_timeout = 10
8974b2
+        """).format()
8974b2
+
8974b2
+    create_conf_fixture(request, conf)
8974b2
+    return create_sssd_secrets_fixture(request)
8974b2
+
8974b2
+
8974b2
+def test_idle_timeout(setup_for_cli_timeout_test):
8974b2
+    """
8974b2
+    Test that idle file descriptors are reaped after the idle timeout
8974b2
+    passes
8974b2
+    """
8974b2
+    secpid = setup_for_cli_timeout_test
8974b2
+    sock_path = get_secrets_socket()
8974b2
+
8974b2
+    nfds_pre = get_num_fds(secpid)
8974b2
+
8974b2
+    sock = socket.socket(family=socket.AF_UNIX)
8974b2
+    sock.connect(sock_path)
8974b2
+    time.sleep(1)
8974b2
+    nfds_conn = get_num_fds(secpid)
8974b2
+    assert nfds_pre + 1 == nfds_conn
8974b2
+    # With the idle timeout set to 10 seconds, we need to sleep at least 15,
8974b2
+    # because the internal timer ticks every timeout/2 seconds, so it would
8974b2
+    # tick at 5, 10 and 15 seconds and the client timeout check uses a
8974b2
+    # greater-than comparison, so the 10-seconds tick wouldn't yet trigger
8974b2
+    # disconnect
8974b2
+    time.sleep(15)
8974b2
+
8974b2
+    nfds_post = get_num_fds(secpid)
8974b2
+    assert nfds_pre == nfds_post
8974b2
-- 
8974b2
2.9.4
8974b2