qa/832

   1 #!/bin/sh
   2 # PCP QA Test No. 832
   3 # Exercise enforced-authentication modes for pmcd.
   4 #
   5 # Copyright (c) 2013 Red Hat.
   6 #
   7
   8 seq=`basename $0`
   9 echo "QA output created by $seq"
  10
  11 # get standard environment, filters and checks
  12 . ./common.product
  13 . ./common.filter
  14 . ./common.check
  15
  16 _get_libpcp_config
  17 $unix_domain_sockets || _notrun "No unix domain socket support available"
  18 $authentication || _notrun "No authentication support available"
  19 for helper in pluginviewer; do
  20     which $helper >/dev/null 2>&1 || _notrun "SASL $helper tool unavailable"
  21 done
  22 pluginviewer -c | grep 'Plugin "plain"' >/dev/null 2>&1
  23 test $? -eq 0 || _notrun 'No client support for plain authentication'
  24 pluginviewer -s | grep 'Plugin "plain"' >/dev/null 2>&1
  25 test $? -eq 0 || _notrun 'No server support for plain authentication'
  26
  27 export PCP_CONSOLE=none
  28
  29 cleanup()
  30 {
  31     # restore any modified pmcd configuration files
  32     _restore_config $PCP_PMCDOPTIONS_PATH
  33     _restore_config $PCP_SASLCONF_DIR/pmcd.conf
  34
  35     $sudo $PCP_RC_DIR/pcp restart 2>&1 | _filter_pcp_stop | _filter_pcp_start
  36     _wait_for_pmcd
  37     _wait_for_pmlogger
  38
  39     rm -rf $tmp.*
  40 }
  41
  42 status=1        # failure is the default!
  43 $sudo rm -rf $tmp.* $seq.full
  44 trap "cleanup; exit \$status" 0 1 2 3 15
  45
  46 # Handle these spurious lines from deep inside SASL code ...
  47 #
  48 # [Mon Mar  2 17:58:40] pmcd_wait(16622) Alert: Parameter Error in ../plugins/plugin_common.c near line 357
  49 #
  50 _filter()
  51 {
  52     sed \
  53         -e 's/\[[^]]*] .* Alert: Parameter Error .* line [0-9][0-9]*//' \
  54         -e '/^[         ]*$/d' \
  55     # end
  56 }
  57
  58 # real QA test starts here
  59 _save_config $PCP_SASLCONF_DIR/pmcd.conf
  60 echo 'mech_list: plain' > $tmp.sasl
  61 $sudo cp $tmp.sasl $PCP_SASLCONF_DIR/pmcd.conf
  62
  63 _save_config $PCP_PMCDOPTIONS_PATH
  64 cat <<End-Of-File >$tmp.options
  65 # Dummy lines added by PCP QA test $seq
  66 #
  67 -S
  68 End-Of-File
  69 $sudo cp $tmp.options $PCP_PMCDOPTIONS_PATH
  70
  71 echo "Start pmcd with modified \$PCP_PMCDOPTIONS_PATH (pmcd.options)" | tee -a $seq.full
  72 cat $PCP_PMCDOPTIONS_PATH >>$seq.full
  73 $sudo $PCP_RC_DIR/pmcd stop 2>&1 | tee -a $seq.full >$tmp.out
  74 $sudo $PCP_RC_DIR/pmcd start 2>&1 | tee -a $seq.full >$tmp.out
  75 _wait_for_pmcd 10 unix: 2>&1 | tee -a $seq.full | _filter
  76 grep -i 'starting pmcd' $tmp.out \
  77 | _filter \
  78 | sed -e "s/$$/MYPID/" \
  79 | _filter_pcp_start
  80
  81 # should now be running in enforced-credentials mode, check it out.
  82 # unix domain access should always succeed - no matter how binaries
  83 # were configured/built
  84
  85 echo "testing secure mode access via unix domain socket (PASS)"
  86 pmstore -h unix: sample.write_me 1      # store PDU
  87 pmprobe -h unix: -v sample.write_me     # fetch PDU
  88 pminfo -th unix: sample.write_me        # text PDU
  89 pminfo -dh unix: sample.write_me        # desc PDU
  90 echo
  91
  92 echo "testing secure mode access attempt via inet socket (FAIL)"
  93 pmstore -h localhost sample.write_me 2  2>&1 | _filter
  94 pmprobe -h localhost -v sample.write_me 2>&1 | _filter
  95 pminfo -th localhost sample.write_me    2>&1 | _filter
  96 pminfo -dh localhost sample.write_me    2>&1 | _filter
  97 echo
  98
  99 # success, all done
 100 status=0
 101 exit