3 from filecmp import cmp
5 # Make sure we can dump and load an ordinary database, and that
6 # principals and policies survive a dump/load cycle.
8 realm = K5Realm(start_kdc=False)
9 realm.run([kadminl, 'addpol', 'fred'])
12 dumpfile = os.path.join(realm.testdir, 'dump')
13 realm.run([kdb5_util, 'dump', dumpfile])
15 # Write additional policy records to the dump. Use the 1.8 format for
16 # one of them, to test retroactive compatibility (for issue #8213).
17 f = open('testdir/dump', 'a')
18 f.write('policy compat 0 0 3 4 5 0 '
20 f.write('policy barney 0 0 1 1 1 0 '
23 'fd100f5064625f6372656174696f6e404b5242544553542e434f4d00\n')
26 # Destroy and load the database; check that the policies exist.
27 # Spot-check principal and policy fields.
28 realm.run([kdb5_util, 'destroy', '-f'])
29 realm.run([kdb5_util, 'load', dumpfile])
30 out = realm.run([kadminl, 'getprincs'])
31 if realm.user_princ not in out or realm.host_princ not in out:
32 fail('Missing principal after load')
33 out = realm.run([kadminl, 'getprinc', realm.user_princ])
34 if 'Expiration date: [never]' not in out or 'MKey: vno 1' not in out:
35 fail('Principal has wrong value after load')
36 out = realm.run([kadminl, 'getpols'])
37 if 'fred\n' not in out or 'barney\n' not in out:
38 fail('Missing policy after load')
39 out = realm.run([kadminl, 'getpol', 'compat'])
40 if 'Number of old keys kept: 5' not in out:
41 fail('Policy (1.8 format) has wrong value after load')
42 out = realm.run([kadminl, 'getpol', 'barney'])
43 if 'Number of old keys kept: 1' not in out:
44 fail('Policy has wrong value after load')
46 # Dump/load again, and make sure everything is still there.
47 realm.run([kdb5_util, 'dump', dumpfile])
48 realm.run([kdb5_util, 'load', dumpfile])
49 out = realm.run([kadminl, 'getprincs'])
50 if realm.user_princ not in out or realm.host_princ not in out:
51 fail('Missing principal after load')
52 out = realm.run([kadminl, 'getpols'])
53 if 'compat\n' not in out or 'fred\n' not in out or 'barney\n' not in out:
54 fail('Missing policy after second load')
56 srcdumpdir = os.path.join(srctop, 'tests', 'dumpfiles')
57 srcdump = os.path.join(srcdumpdir, 'dump')
58 srcdump_r18 = os.path.join(srcdumpdir, 'dump.r18')
59 srcdump_r13 = os.path.join(srcdumpdir, 'dump.r13')
60 srcdump_b7 = os.path.join(srcdumpdir, 'dump.b7')
61 srcdump_ov = os.path.join(srcdumpdir, 'dump.ov')
63 # Load a dump file from the source directory.
64 realm.run([kdb5_util, 'destroy', '-f'])
65 realm.run([kdb5_util, 'load', srcdump])
66 realm.run([kdb5_util, 'stash', '-P', 'master'])
68 def dump_compare(realm, opt, srcfile):
69 realm.run([kdb5_util, 'dump'] + opt + [dumpfile])
70 if not cmp(srcfile, dumpfile, False):
71 fail('Dump output does not match %s' % srcfile)
73 # Dump the resulting DB in each non-iprop format and compare with
75 dump_compare(realm, [], srcdump)
76 dump_compare(realm, ['-r18'], srcdump_r18)
77 dump_compare(realm, ['-r13'], srcdump_r13)
78 dump_compare(realm, ['-b7'], srcdump_b7)
79 dump_compare(realm, ['-ov'], srcdump_ov)
81 def load_dump_check_compare(realm, opt, srcfile):
82 realm.run([kdb5_util, 'destroy', '-f'])
83 realm.run([kdb5_util, 'load'] + opt + [srcfile])
84 out = realm.run([kadminl, 'getprincs'])
85 if 'user@' not in out:
86 fail('Loaded dumpfile missing user principal')
87 out = realm.run([kadminl, 'getprinc', 'nokeys'])
88 if 'Number of keys: 0' not in out:
89 fail('Loading dumpfile did not process zero-key principal')
90 out = realm.run([kadminl, 'getpols'])
91 if 'testpol' not in out:
92 fail('Loaded dumpfile missing test policy')
93 dump_compare(realm, opt, srcfile)
95 # Load each format of dump, check it, re-dump it, and compare.
96 load_dump_check_compare(realm, ['-r18'], srcdump_r18)
97 load_dump_check_compare(realm, ['-r13'], srcdump_r13)
98 load_dump_check_compare(realm, ['-b7'], srcdump_b7)
100 # Loading the last (-b7 format) dump won't have loaded the
101 # per-principal kadm data. Load that incrementally with -ov.
102 out = realm.run([kadminl, 'getprinc', 'user'])
103 if 'Policy: [none]' not in out:
104 fail('Loaded b7 dump unexpectedly contains user policy reference')
105 realm.run([kdb5_util, 'load', '-update', '-ov', srcdump_ov])
106 out = realm.run([kadminl, 'getprinc', 'user'])
107 if 'Policy: testpol' not in out:
108 fail('Loading ov dump did not add user policy reference')
110 success('Dump/load tests')