3 ## This work is part of OpenLDAP Software <http://www.openldap.org/>.
5 ## Copyright 1998-2010 The OpenLDAP Foundation.
6 ## All rights reserved.
8 ## Redistribution and use in source and binary forms, with or without
9 ## modification, are permitted only as authorized by the OpenLDAP
12 ## A copy of this license is available in the file LICENSE in the
13 ## top-level directory of the distribution or, alternatively, at
14 ## <http://www.OpenLDAP.org/license.html>.
# Load the shared test-suite definitions. None of the variables used in this
# script ($TESTDIR, $SLAPD, $LDAPADD, $BASEDN, ...) are assigned in this
# listing, so they presumably come from defines.sh or the caller's environment.
# NOTE(review): $SRCDIR is expanded unquoted; a path containing whitespace or
# glob characters would be word-split before the file is sourced.
16 echo "running defines.sh"
17 . $SRCDIR/scripts/defines.sh
# Guard for builds without the memberof overlay: when $MEMBEROF is
# "memberofno" the script reports that the test is skipped. The exit that
# presumably follows the message is not visible in this listing.
19 if test $MEMBEROF = memberofno; then
20 echo "Memberof overlay not available, test skipped"
# Create the per-run working tree: the test directory, the first database
# directory, and the directory later handed to slapd with -F.
24 mkdir -p $TESTDIR $DBDIR1 $TESTDIR/confdir
# Generate a random secret (-g) without a trailing newline (-n) and store it in
# $CONFIGPWF; it is the bind password for cn=config in the steps below.
# NOTE(review): the redirection creates the file under the caller's umask, so
# the cleartext secret can be readable by other local users unless the umask is
# restrictive. Tolerable for a throwaway test secret; not a pattern to copy.
26 $SLAPPASSWD -g -n >$CONFIGPWF
# Hash the stored secret (-T reads the cleartext from the file) and write it as
# a "rootpw" directive. Where configpw.conf is consumed is not visible here;
# presumably the template config includes it -- confirm.
27 echo "rootpw `$SLAPPASSWD -T $CONFIGPWF`" >$TESTDIR/configpw.conf
# Produce the server configuration by sourcing the filter script with the
# backend and monitor settings, reading the template from $NAKEDCONF and
# writing $CONF1.
29 echo "Starting slapd on TCP/IP port $PORT1..."
30 . $CONFFILTER $BACKEND $MONITORDB < $NAKEDCONF > $CONF1
# Start slapd in the background with both a config file (-f) and a config
# directory (-F), listening on $URI1, debug level $LVL; stdout and stderr go
# to $LOG1. With both -f and -F given, slapd converts the file into the
# directory, which is what makes cn=config writable for the steps below.
31 $SLAPD -f $CONF1 -F $TESTDIR/confdir -h $URI1 -d $LVL $TIMING > $LOG1 2>&1 &
# Optional pause controlled by $WAIT; the body of this branch is not visible
# in this listing.
33 if test $WAIT != 0 ; then
# Readiness probe: up to six base-scope searches against the monitor suffix,
# output discarded, only the exit status matters.
40 for i in 0 1 2 3 4 5; do
41 $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \
42 'objectclass=*' > /dev/null 2>&1
# $RC is expected to carry the probe's exit status (its assignment is not
# visible here); 0 means slapd answered and the loop can stop.
44 if test $RC = 0 ; then
47 echo "Waiting 5 seconds for slapd to start..."
# Server never answered: report the status and, unless $KILLSERVERS is "no",
# send SIGHUP to the PIDs in $KILLPIDS (assignment not visible in this listing).
50 if test $RC != 0 ; then
51 echo "ldapsearch failed ($RC)!"
52 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Truncate $TESTOUT so that client output from this run starts from empty.
56 cat /dev/null > $TESTOUT
# Only when memberof was built as a loadable module ("memberofmod"): add a
# cn=module entry to cn=config so that slapd loads memberof.la. The bind is as
# cn=config with the password read from $CONFIGPWF through -y, which keeps the
# secret out of the process argument list. Output overwrites $TESTOUT (">").
# The lines after the LDIF report a non-zero $RC and signal the servers unless
# $KILLSERVERS is "no"; the RC assignment itself is not visible in this listing.
# NOTE(review): olcModulePath is relative (../servers/slapd/overlays), so it is
# resolved from slapd's working directory. That suits an in-tree test; in a
# deployed configuration the module path should be absolute and writable only
# by the administrator, because anything placed there can be loaded into slapd.
58 if [ "$MEMBEROF" = memberofmod ]; then
59 echo "Inserting memberof overlay on provider..."
60 $LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1
61 dn: cn=module,cn=config
62 objectClass: olcModuleList
64 olcModulePath: ../servers/slapd/overlays
65 olcModuleLoad: memberof.la
68 if test $RC != 0 ; then
69 echo "ldapadd failed for moduleLoad ($RC)!"
70 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Line prefixes substituted into the config LDIF that follows. A prefix of "# "
# turns the LDIF line into a comment; an empty prefix leaves it active.
# Defaults: the ${bdbInclude} lines are commented out, the ${nullExclude}
# lines are active.
75 bdbInclude="# " nullExclude=""
# Arms of a case statement whose header is not visible in this listing
# (presumably "case $BACKEND in" -- confirm).
# bdb/hdb: activate the cache-size, index and mode lines.
77 bdb | hdb) bdbInclude="" ;;
# null: comment out the backend-specific objectClass and the database directory.
78 null) nullExclude="# " ;;
# Build the test configuration through cn=config. The LDIF adds:
#   1. a schema entry defining the attribute types memberA, memberOfA, memberB
#      and memberOfB (all SUP distinguishedName) and the classes groupA,
#      groupMemberA, groupB and groupMemberB that carry them;
#   2. database {1}$BACKEND with root DN cn=Manager,$BASEDN, using the
#      ${nullExclude}/${bdbInclude} prefixes to switch backend-specific lines;
#   3. three memberof overlay instances on that database, each with
#      olcMemberOfRefInt TRUE: groupOfNames/member/memberOf,
#      groupA/memberA/memberOfA and groupB/memberB/memberOfB.
# Client output is appended to $TESTOUT. The lines after the LDIF report a
# non-zero $RC and signal the servers unless $KILLSERVERS is "no"; the RC
# assignment is not visible in this listing.
# NOTE(review): -w `cat $CONFIGPWF` places the cn=config password on the
# command line, where it is visible in process listings for the lifetime of the
# client. The module-load step earlier in this script passes the same file with
# -y; using -y here as well would keep the secret off argv.
# NOTE(review): the olcDbMode line ends with a stray double quote (384"). It
# looks like a typo; 384 decimal is mode 0600. Confirm how slapd parses it.
81 echo "Running ldapadd to build slapd config database..."
82 $LDAPADD -h $LOCALHOST -p $PORT1 -D 'cn=config' -w `cat $CONFIGPWF` \
83 >> $TESTOUT 2>&1 <<EOF
84 dn: cn=symas group example,cn=schema,cn=config
85 objectClass: olcSchemaConfig
86 cn: symas group example
87 olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.1
88 NAME 'memberA' SUP distinguishedName )
89 olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.2
90 NAME 'memberOfA' SUP distinguishedName )
91 olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.3
92 NAME 'memberB' SUP distinguishedName )
93 olcAttributeTypes: ( 1.3.6.1.4.1.4754.31.1.4
94 NAME 'memberOfB' SUP distinguishedName )
95 olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.1
96 NAME 'groupA' SUP top STRUCTURAL MUST cn MAY memberA )
97 olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.2
98 NAME 'groupMemberA' SUP top AUXILIARY MAY memberOfA )
99 olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.3
100 NAME 'groupB' SUP top STRUCTURAL MUST cn MAY memberB )
101 olcObjectClasses: ( 1.3.6.1.4.1.4754.31.2.4
102 NAME 'groupMemberB' SUP top AUXILIARY MAY memberOfB )
104 dn: olcDatabase={1}$BACKEND,cn=config
105 objectClass: olcDatabaseConfig
106 ${nullExclude}objectClass: olc${BACKEND}Config
107 olcDatabase: {1}$BACKEND
109 olcRootDN: cn=Manager,$BASEDN
112 ${nullExclude}olcDbDirectory: $TESTDIR/db.1.a/
113 ${bdbInclude}olcDbCacheSize: 1000
114 ${bdbInclude}olcDbIndex: objectClass eq
115 ${bdbInclude}olcDbIndex: cn pres,eq,sub
116 ${bdbInclude}olcDbIndex: uid pres,eq,sub
117 ${bdbInclude}olcDbIndex: sn pres,eq,sub
118 ${bdbInclude}olcDbMode: 384"
120 dn: olcOverlay={0}memberof,olcDatabase={1}$BACKEND,cn=config
121 objectClass: olcOverlayConfig
122 objectClass: olcMemberOf
123 olcOverlay: {0}memberof
124 olcMemberOfRefInt: TRUE
125 olcMemberOfGroupOC: groupOfNames
126 olcMemberOfMemberAD: member
127 olcMemberOfMemberOfAD: memberOf
129 dn: olcOverlay={1}memberof,olcDatabase={1}$BACKEND,cn=config
130 objectClass: olcOverlayConfig
131 objectClass: olcMemberOf
132 olcOverlay: {1}memberof
133 olcMemberOfRefInt: TRUE
134 olcMemberOfGroupOC: groupA
135 olcMemberOfMemberAD: memberA
136 olcMemberOfMemberOfAD: memberOfA
138 dn: olcOverlay={2}memberof,olcDatabase={1}$BACKEND,cn=config
139 objectClass: olcOverlayConfig
140 objectClass: olcMemberOf
141 olcOverlay: {2}memberof
142 olcMemberOfRefInt: TRUE
143 olcMemberOfGroupOC: groupB
144 olcMemberOfMemberAD: memberB
145 olcMemberOfMemberOfAD: memberOfB
149 if test $RC != 0 ; then
150 echo "ldapadd failed ($RC)!"
151 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Seed the directory as cn=Manager,$BASEDN. The visible LDIF creates a base
# entry (organization + dcObject; its dn line is not visible in this listing),
# the People and Groups OUs, the inetOrgPerson entries Roger Rabbit and Baby
# Herman, and the groupOfNames "Cartoonia" listing both as members. Output is
# appended to $TESTOUT; a non-zero $RC is reported and the servers signalled.
# NOTE(review): the bind password is the literal "secret" on the command line.
# It presumably matches the root password configured for the database (that
# line is not visible here). A fixed, argv-visible credential is acceptable
# only because this server is a disposable test instance.
155 echo "Running ldapadd to build slapd database..."
156 $LDAPADD -h $LOCALHOST -p $PORT1 \
157 -D "cn=Manager,$BASEDN" -w secret \
158 >> $TESTOUT 2>&1 << EOF
160 objectClass: organization
161 objectClass: dcObject
165 dn: ou=People,$BASEDN
166 objectClass: organizationalUnit
169 dn: ou=Groups,$BASEDN
170 objectClass: organizationalUnit
173 dn: cn=Roger Rabbit,ou=People,$BASEDN
174 objectClass: inetOrgPerson
178 dn: cn=Baby Herman,ou=People,$BASEDN
179 objectClass: inetOrgPerson
183 dn: cn=Cartoonia,ou=Groups,$BASEDN
184 objectClass: groupOfNames
186 member: cn=Roger Rabbit,ou=People,$BASEDN
187 member: cn=Baby Herman,ou=People,$BASEDN
190 if test $RC != 0 ; then
191 echo "ldapadd failed ($RC)!"
192 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Baseline snapshot: write a section header into $SEARCHOUT, then append a dump
# of everything under $BASEDN.
196 echo "Search the entire database..."
197 echo "# Search the entire database..." >> $SEARCHOUT
# -S "" sorts the results by DN so that the output order is stable for the
# final comparison. '*' selects user attributes only, so memberOf is requested
# by name. No bind DN is given on this command line.
198 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
199 '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
# Report a failed search and signal the servers unless $KILLSERVERS is "no";
# the RC assignment is not visible in this listing.
201 if test $RC != 0 ; then
202 echo "ldapsearch failed ($RC)!"
203 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Step "add a member": as cn=Manager (fixed test password on the command line),
# create the inetOrgPerson Jessica Rabbit and add her DN as a member value on
# the Cartoonia group, then append a fresh DN-sorted dump (all user attributes
# plus memberOf) to $SEARCHOUT under its own header line.
# NOTE(review): judging by the gutter numbers there appears to be no status
# check between the ldapmodify and the search; only the search status is
# tested, so a failed modify would surface only in the final comparison.
207 echo "Running ldapmodify to add a member..."
208 $LDAPMODIFY -h $LOCALHOST -p $PORT1 \
209 -D "cn=Manager,$BASEDN" -w secret \
210 >> $TESTOUT 2>&1 << EOF
211 dn: cn=Jessica Rabbit,ou=People,$BASEDN
213 objectClass: inetOrgPerson
217 dn: cn=Cartoonia,ou=Groups,$BASEDN
220 member: cn=Jessica Rabbit,ou=People,$BASEDN
223 echo "Re-search the entire database..."
224 echo "# Re-search the entire database after adding Jessica Rabbit and Cartoonia..." >> $SEARCHOUT
225 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
226 '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
228 if test $RC != 0 ; then
229 echo "ldapsearch failed ($RC)!"
230 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Step "rename a member": as cn=Manager, give the Baby Herman entry the new RDN
# "cn=Baby Herman Jr" (the changetype and deleteoldrdn lines are not visible in
# this listing), then append a fresh DN-sorted dump with memberOf to
# $SEARCHOUT. With olcMemberOfRefInt TRUE the group's member value is expected
# to follow the rename; the final comparison is what checks that.
# NOTE(review): only the search status is tested; a failed ldapmodify would
# show up only in the final comparison.
234 echo "Running ldapmodify to rename a member..."
235 $LDAPMODIFY -h $LOCALHOST -p $PORT1 \
236 -D "cn=Manager,$BASEDN" -w secret \
237 >> $TESTOUT 2>&1 << EOF
238 dn: cn=Baby Herman,ou=People,$BASEDN
240 newrdn: cn=Baby Herman Jr
244 echo "Re-search the entire database..."
245 echo "# Re-search the entire database after renaming Baby Herman..." >> $SEARCHOUT
246 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
247 '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
249 if test $RC != 0 ; then
250 echo "ldapsearch failed ($RC)!"
251 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Step "rename a group": as cn=Manager, rename the Cartoonia group. Only the dn
# line of the LDIF is visible in this listing; the new RDN is presumably
# "cn=Toon Town", the name the later steps use -- confirm. A fresh DN-sorted
# dump with memberOf is then appended to $SEARCHOUT.
# NOTE(review): only the search status is tested; a failed ldapmodify would
# show up only in the final comparison.
255 echo "Running ldapmodify to rename a group..."
256 $LDAPMODIFY -h $LOCALHOST -p $PORT1 \
257 -D "cn=Manager,$BASEDN" -w secret \
258 >> $TESTOUT 2>&1 << EOF
259 dn: cn=Cartoonia,ou=Groups,$BASEDN
265 echo "Re-search the entire database..."
266 echo "# Re-search the entire database after renaming Cartoonia..." >> $SEARCHOUT
267 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
268 '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
270 if test $RC != 0 ; then
271 echo "ldapsearch failed ($RC)!"
272 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Step "add self": as cn=Manager, add the Toon Town group's own DN as one of
# its member values, i.e. a self-referencing group, which exercises the overlay
# on an entry that is both the group and the member. A fresh DN-sorted dump
# with memberOf is then appended to $SEARCHOUT.
# NOTE(review): only the search status is tested; a failed ldapmodify would
# show up only in the final comparison.
276 echo "Running ldapmodify to add self..."
277 $LDAPMODIFY -h $LOCALHOST -p $PORT1 \
278 -D "cn=Manager,$BASEDN" -w secret \
279 >> $TESTOUT 2>&1 << EOF
280 dn: cn=Toon Town,ou=Groups,$BASEDN
283 member: cn=Toon Town,ou=Groups,$BASEDN
286 echo "Re-search the entire database..."
287 echo "# Re-search the entire database after adding Toon Town to self..." >> $SEARCHOUT
288 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
289 '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
291 if test $RC != 0 ; then
292 echo "ldapsearch failed ($RC)!"
293 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Step "remove a member": the progress message says ldapdelete, but the tool
# invoked is $LDAPMODIFY; the operation on cn=Baby Herman Jr is presumably a
# "changetype: delete" record, which is not visible in this listing. A fresh
# DN-sorted dump with memberOf is then appended to $SEARCHOUT.
# NOTE(review): only the search status is tested; a failed ldapmodify would
# show up only in the final comparison.
297 echo "Running ldapdelete to remove a member..."
298 $LDAPMODIFY -h $LOCALHOST -p $PORT1 \
299 -D "cn=Manager,$BASEDN" -w secret \
300 >> $TESTOUT 2>&1 << EOF
301 dn: cn=Baby Herman Jr,ou=People,$BASEDN
305 echo "Re-search the entire database..."
306 echo "# Re-search the entire database after deleting Baby Herman..." >> $SEARCHOUT
307 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
308 '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
310 if test $RC != 0 ; then
311 echo "ldapsearch failed ($RC)!"
312 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Step "remove a group": the progress message says ldapdelete, but the tool
# invoked is $LDAPMODIFY; the operation on cn=Toon Town is presumably a
# "changetype: delete" record, which is not visible in this listing. A fresh
# DN-sorted dump with memberOf is then appended to $SEARCHOUT.
# NOTE(review): only the search status is tested; a failed ldapmodify would
# show up only in the final comparison.
316 echo "Running ldapdelete to remove a group..."
317 $LDAPMODIFY -h $LOCALHOST -p $PORT1 \
318 -D "cn=Manager,$BASEDN" -w secret \
319 >> $TESTOUT 2>&1 << EOF
320 dn: cn=Toon Town,ou=Groups,$BASEDN
324 echo "Re-search the entire database..."
325 echo "# Re-search the entire database after deleting Toon Town..." >> $SEARCHOUT
326 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
327 '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
329 if test $RC != 0 ; then
330 echo "ldapsearch failed ($RC)!"
331 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Step "MAY member type schemas": exercises the two extra overlay instances
# configured for groupA/memberA and groupB/memberB. As cn=Manager the LDIF
# touches Roger Rabbit and Jessica Rabbit (the operations are not visible in
# this listing), handles person1 and person2 with the auxiliary classes
# groupMemberA and groupMemberB, gives group1 memberA values and group2 memberB
# values for both persons, and addresses group1 once more at the end (operation
# not visible). A fresh DN-sorted dump with memberOf is then appended to
# $SEARCHOUT.
# NOTE(review): memberOf is the only back-link attribute requested by name;
# memberOfA and memberOfB are declared without a USAGE clause in the schema
# above, so they are presumably returned through '*' -- confirm.
# NOTE(review): only the search status is tested; a failed ldapmodify would
# show up only in the final comparison.
335 echo "Adding groups with MAY member type schemas..."
336 $LDAPMODIFY -h $LOCALHOST -p $PORT1 \
337 -D "cn=Manager,$BASEDN" -w secret \
338 >> $TESTOUT 2>&1 <<EOF
339 dn: cn=Roger Rabbit,ou=People,$BASEDN
342 dn: cn=Jessica Rabbit,ou=People,$BASEDN
345 dn: cn=person1,ou=People,$BASEDN
348 objectClass: groupMemberA
349 objectClass: groupMemberB
353 dn: cn=person2,ou=People,$BASEDN
356 objectClass: groupMemberA
357 objectClass: groupMemberB
361 dn: cn=group1,ou=Groups,$BASEDN
365 memberA: cn=person1,ou=People,$BASEDN
366 memberA: cn=person2,ou=People,$BASEDN
368 dn: cn=group2,ou=Groups,$BASEDN
372 memberB: cn=person1,ou=People,$BASEDN
373 memberB: cn=person2,ou=People,$BASEDN
375 dn: cn=group1,ou=Groups,$BASEDN
381 echo "Re-search the entire database..."
382 echo "# Re-search the entire database after adding groups with MAY member type schemas..." >> $SEARCHOUT
383 $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \
384 '(objectClass=*)' '*' memberOf >> $SEARCHOUT 2>&1
386 if test $RC != 0 ; then
387 echo "ldapsearch failed ($RC)!"
388 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# All directory operations are done: unless $KILLSERVERS is "no", send SIGHUP
# to the server PIDs in $KILLPIDS before evaluating the results.
392 test $KILLSERVERS != no && kill -HUP $KILLPIDS
# Pass the accumulated search output and the reference LDIF in $LDIF through
# the same filter so that both are compared in the same normalised form.
396 echo "Filtering ldapsearch results..."
397 $LDIFFILTER < $SEARCHOUT > $SEARCHFLT
398 echo "Filtering original ldif used to create database..."
399 $LDIFFILTER < $LDIF > $LDIFFLT
# The verdict of the whole test: any difference between the filtered search
# output and the filtered reference is a failure. Differences go to $CMPOUT.
400 echo "Comparing filter output..."
401 $CMP $SEARCHFLT $LDIFFLT > $CMPOUT
# $? here is the exit status of the $CMP command immediately above.
403 if test $? != 0 ; then
404 echo "Comparison failed"
408 echo ">>>>> Test succeeded"
# Block until the background server processes have exited, so that no slapd is
# left running when the script returns.
410 test $KILLSERVERS != no && wait