From: Pierangelo Masarati Date: Thu, 15 Dec 2005 17:34:43 +0000 (+0000) Subject: everything works without any need for changes in syncrepl code; only modifications... X-Git-Tag: OPENLDAP_REL_ENG_2_4_BP~595 X-Git-Url: https://git.sur5r.net/?a=commitdiff_plain;h=5395a9443274252942e216b6373f6f7c8a7975e5;p=openldap everything works without any need for changes in syncrepl code; only modifications when the remote consumer is down fail, but I'll track that later (back to work...) --- diff --git a/tests/data/slapd-repl-slave-remote.conf b/tests/data/slapd-repl-slave-remote.conf new file mode 100644 index 0000000000..1f2badf626 --- /dev/null +++ b/tests/data/slapd-repl-slave-remote.conf @@ -0,0 +1,76 @@ +# slave slapd config -- for testing of replication +# $OpenLDAP$ +## This work is part of OpenLDAP Software . +## +## Copyright 1998-2005 The OpenLDAP Foundation. +## All rights reserved. +## +## Redistribution and use in source and binary forms, with or without +## modification, are permitted only as authorized by the OpenLDAP +## Public License. +## +## A copy of this license is available in the file LICENSE in the +## top-level directory of the distribution or, alternatively, at +## . + +include @SCHEMADIR@/core.schema +include @SCHEMADIR@/cosine.schema +include @SCHEMADIR@/inetorgperson.schema +include @SCHEMADIR@/openldap.schema +include @SCHEMADIR@/nis.schema +# +pidfile @TESTDIR@/slapd.2.pid +argsfile @TESTDIR@/slapd.2.args + +#mod#modulepath ../servers/slapd/back-@BACKEND@/ +#mod#moduleload back_@BACKEND@.la +#monitormod#modulepath ../servers/slapd/back-monitor/ +#monitormod#moduleload back_monitor.la +#ldapmod#modulepath ../servers/slapd/back-ldap/ +#ldapmod#moduleload back_ldap.la + +#ldapyes#overlay chain +#ldapyes#chain-uri @URI1@ +#ldapyes#chain-idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials=secret mode=self +#ldapmod#overlay chain +#ldapmod#chain-uri @URI1@ +#ldapmod#chain-idassert-bind bindmethod=simple binddn="cn=Manager,dc=example,dc=com" credentials=secret mode=self + +####################################################################### +# database definitions +####################################################################### + +access to * + by * read + +database @BACKEND@ +#ldbm#cachesize 0 +suffix "dc=example,dc=com" +directory @TESTDIR@/db.2.a +rootdn "cn=Replica,dc=example,dc=com" +rootpw secret +# HACK: use the RootDN of the monitor database as UpdateDN so ACLs apply +# whithout the need to write the UpdateDN before starting replication +updatedn "cn=Monitor" +updateref @URI1@ +#bdb#index objectClass eq +#bdb#index cn,sn,uid pres,eq,sub +#bdb#index entryUUID pres,eq +#hdb#index objectClass eq +#hdb#index cn,sn,uid pres,eq,sub +#hdb#index entryUUID pres,eq + +# Need to strip hasSubordinates from internal searches otherwise +# syncrepl will try to delete it, since syncprov is not sending +# it because it's generated +access to dn.subtree="dc=example,dc=com" attrs=hasSubordinates + by dn.exact="cn=Monitor" none + by * read + +access to dn.subtree="dc=example,dc=com" + by dn.exact="cn=Monitor" write + by * read + +#monitor#database monitor +#monitor#rootdn "cn=Monitor" +#monitor#rootpw monitor diff --git a/tests/data/slapd-syncrepl-slave-persist-ldap.conf b/tests/data/slapd-syncrepl-slave-persist-ldap.conf index e3beda58bd..f94fcd7c33 100644 --- a/tests/data/slapd-syncrepl-slave-persist-ldap.conf +++ b/tests/data/slapd-syncrepl-slave-persist-ldap.conf @@ -36,15 +36,21 @@ argsfile @TESTDIR@/slapd.3.args ####################################################################### database ldap -#restrict all +restrict all suffix "dc=example,dc=com" -rootdn "cn=Replica,dc=example,dc=com" +rootdn "cn=Whoever" uri @URI2@ + +# HACK: use the RootDN of the monitor database as UpdateDN so ACLs apply +# whithout the need to write the UpdateDN before starting replication acl-bind bindmethod=simple - binddn="cn=Replica,dc=example,dc=com" - credentials=secret + binddn="cn=Monitor" + credentials=monitor # Don't change syncrepl spec yet + +# HACK: use the RootDN of the monitor database as UpdateDN so ACLs apply +# whithout the need to write the UpdateDN before starting replication syncrepl rid=1 provider=@URI1@ binddn="cn=Manager,dc=example,dc=com" diff --git a/tests/scripts/defines.sh b/tests/scripts/defines.sh index 0f45229c48..035d9e71dd 100755 --- a/tests/scripts/defines.sh +++ b/tests/scripts/defines.sh @@ -104,6 +104,7 @@ GLUELDAPCONF=$DATADIR/slapd-glue-ldap.conf ACICONF=$DATADIR/slapd-aci.conf VALSORTCONF=$DATADIR/slapd-valsort.conf DYNLISTCONF=$DATADIR/slapd-dynlist.conf +RSLAVECONF=$DATADIR/slapd-repl-slave-remote.conf PLSRSLAVECONF=$DATADIR/slapd-syncrepl-slave-persist-ldap.conf CONF1=$TESTDIR/slapd.1.conf diff --git a/tests/scripts/test045-syncreplication-proxied b/tests/scripts/test045-syncreplication-proxied index 6d2be1e1fb..85bd1622bd 100755 --- a/tests/scripts/test045-syncreplication-proxied +++ b/tests/scripts/test045-syncreplication-proxied @@ -36,6 +36,11 @@ if test $SYNCPROV = syncprovno; then exit 0 fi +if test $MONITORDB = no; then + echo "Monitor backend not available, test skipped" + exit 0 +fi + mkdir -p $TESTDIR $DBDIR1 $DBDIR2 # @@ -63,7 +68,7 @@ sleep 1 echo "Using ldapsearch to check that master slapd is running..." for i in 0 1 2 3 4 5; do $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \ - 'objectclass=*' > /dev/null 2>&1 + '(objectClass=*)' > /dev/null 2>&1 RC=$? if test $RC = 0 ; then break @@ -89,7 +94,7 @@ if test $RC != 0 ; then fi echo "Starting slave slapd on TCP/IP port $PORT2..." -. $CONFFILTER $BACKEND $MONITORDB < $SLAVECONF > $CONF2 +. $CONFFILTER $BACKEND $MONITORDB < $RSLAVECONF > $CONF2 $SLAPD -f $CONF2 -h $URI2 -d $LVL $TIMING > $LOG2 2>&1 & SLAVEPID=$! if test $WAIT != 0 ; then @@ -103,7 +108,7 @@ sleep 1 echo "Using ldapsearch to check that slave slapd is running..." for i in 0 1 2 3 4 5; do $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT2 \ - 'objectclass=*' > /dev/null 2>&1 + '(objectClass=*)' > /dev/null 2>&1 RC=$? if test $RC = 0 ; then break @@ -133,7 +138,7 @@ sleep 1 echo "Using ldapsearch to check that proxy slapd is running..." for i in 0 1 2 3 4 5; do $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT3 \ - 'objectclass=*' > /dev/null 2>&1 + '(objectClass=*)' > /dev/null 2>&1 RC=$? if test $RC = 0 ; then break @@ -164,7 +169,7 @@ sleep 15 # first check #echo "Using ldapsearch to read all the entries from the master..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ - 'objectclass=*' > $MASTEROUT 2>&1 + '(objectClass=*)' > $MASTEROUT 2>&1 RC=$? if test $RC != 0 ; then @@ -175,7 +180,7 @@ fi #echo "Using ldapsearch to read all the entries from the slave..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ - 'objectclass=*' > $SLAVEOUT 2>&1 + '(objectClass=*)' > $SLAVEOUT 2>&1 RC=$? if test $RC != 0 ; then @@ -215,7 +220,7 @@ sleep 1 echo "Using ldapsearch to check that master slapd is running..." for i in 0 1 2 3 4 5; do $LDAPSEARCH -s base -b "$MONITOR" -h $LOCALHOST -p $PORT1 \ - 'objectclass=*' > /dev/null 2>&1 + '(objectClass=*)' > /dev/null 2>&1 RC=$? if test $RC = 0 ; then break @@ -323,7 +328,7 @@ sleep 15 # second check #echo "Using ldapsearch to read all the entries from the master..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ - 'objectclass=*' > $MASTEROUT 2>&1 + '(objectClass=*)' > $MASTEROUT 2>&1 RC=$? if test $RC != 0 ; then @@ -334,7 +339,7 @@ fi #echo "Using ldapsearch to read all the entries from the slave..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ - 'objectclass=*' > $SLAVEOUT 2>&1 + '(objectClass=*)' > $SLAVEOUT 2>&1 RC=$? if test $RC != 0 ; then @@ -373,9 +378,16 @@ dn: cn=James T. Kirk, ou=Retired, ou=People, dc=example,dc=com changetype: add objectclass: OpenLDAPperson sn: Kirk -uid: jkirk +uid: jtk cn: James T. Kirk +dn: cn=Tiberius J. Hooker, ou=Retired, ou=People, dc=example,dc=com +changetype: add +objectclass: OpenLDAPperson +sn: Hooker +uid: tjh +cn: Tiberius J. Hooker + EOMODS echo "Restarting proxy..." @@ -394,7 +406,7 @@ sleep 25 # third check #echo "Using ldapsearch to read all the entries from the master..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ - 'objectclass=*' > $MASTEROUT 2>&1 + '(objectClass=*)' > $MASTEROUT 2>&1 RC=$? if test $RC != 0 ; then @@ -405,7 +417,7 @@ fi #echo "Using ldapsearch to read all the entries from the slave..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ - 'objectclass=*' > $SLAVEOUT 2>&1 + '(objectClass=*)' > $SLAVEOUT 2>&1 RC=$? if test $RC != 0 ; then @@ -454,7 +466,7 @@ fi # fourth check #echo "Using ldapsearch to read all the entries from the master..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ - 'objectclass=*' > $MASTEROUT 2>&1 + '(objectClass=*)' > $MASTEROUT 2>&1 RC=$? if test $RC != 0 ; then @@ -465,7 +477,7 @@ fi #echo "Using ldapsearch to read all the entries from the slave..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ - 'objectclass=*' > $SLAVEOUT 2>&1 + '(objectClass=*)' > $SLAVEOUT 2>&1 RC=$? if test $RC != 0 ; then @@ -518,7 +530,7 @@ sleep 25 # fifth check #echo "Using ldapsearch to read all the entries from the master..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ - 'objectclass=*' > $MASTEROUT 2>&1 + '(objectClass=*)' > $MASTEROUT 2>&1 RC=$? if test $RC != 0 ; then @@ -529,7 +541,7 @@ fi #echo "Using ldapsearch to read all the entries from the slave..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ - 'objectclass=*' > $SLAVEOUT 2>&1 + '(objectClass=*)' > $SLAVEOUT 2>&1 RC=$? if test $RC != 0 ; then @@ -556,7 +568,7 @@ fi # # Modifications known to fail # - +echo "(DEVEL) Performing modifications that are known to fail..." $LDAPMODIFY -v -D "$MANAGERDN" -h $LOCALHOST -p $PORT1 -w $PASSWD > \ $TESTOUT 2>&1 << EOMODS # First, back out previous change @@ -565,7 +577,7 @@ changetype: modify delete: drink drink: Mad Dog 20/20 -# From now on, place modifications that are known to fail +# From now on, perform modifications that are known to fail dn: cn=All Staff,ou=Groups,dc=example,dc=com changetype: modify delete: description @@ -585,7 +597,7 @@ sleep 15 # sixth check #echo "Using ldapsearch to read all the entries from the master..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT1 \ - 'objectclass=*' > $MASTEROUT 2>&1 + '(objectClass=*)' > $MASTEROUT 2>&1 RC=$? if test $RC != 0 ; then @@ -596,7 +608,7 @@ fi #echo "Using ldapsearch to read all the entries from the slave..." $LDAPSEARCH -S "" -b "$BASEDN" -h $LOCALHOST -p $PORT2 \ - 'objectclass=*' > $SLAVEOUT 2>&1 + '(objectClass=*)' > $SLAVEOUT 2>&1 RC=$? if test $RC != 0 ; then