1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
|
#!/usr/bin/python
# This is a regression test for
# https://bugzilla.redhat.com/show_bug.cgi?id=586032 .
#
# We start a KDC, remove the kadm5 lock file, use the KDC, re-create the
# kadm5 lock file, and use kadmin.local. The kinit should fail, and the
# kadmin.local should succeed.
import os
from k5test import *
p = 'foo'
realm = K5Realm(create_user=False)
realm.addprinc(p, p)
kadm5_lock = os.path.join(realm.testdir, 'db.kadm5.lock')
if not os.path.exists(kadm5_lock):
fail('kadm5 lock file not created: ' + kadm5_lock)
os.unlink(kadm5_lock)
output = realm.kinit(p, p, [], expected_code=1)
if 'A service is not available' not in output:
fail('krb5kdc should have returned service not available error')
f = open(kadm5_lock, 'w')
f.close()
output = realm.run([kadminl, 'modprinc', '-allow_tix', p])
if 'Cannot lock database' in output:
fail('krb5kdc still holds a lock on the principal db')
success('KDB locking tests')
|