Test Day:2009-04-30 SSSD

From FedoraProject

Jump to: navigation, search
DATE TIME WHERE
Thu April 30, 2009 From 12:00 to 21:00 UTC (8am -> 5pm EDT) #fedora-qa)

Contents

[edit] What to test?

Today's installment of Fedora Test Day will focus on:

If you come to this page after the test day, your testing of SSSD is still valuable, and you can use the information on this page to test SSSD in your setup and provide feedback. The provided LDAP server may no longer be available, so the steps to test against a private LDAP server should be followed in this case.

[edit] Who's available

The following cast of characters will be available for testing, workarounds, bug fixes, and general discussion ...

[edit] Prerequisites for Test Day

FIXME - subject to change when the LiveCD appears.

[edit] Update your machine

See the instructions on the Rawhide page on the various ways in which you can install or update to Rawhide. Or:

[edit] Live Image

Optionally, you may download a non-destructive rawhide live image for your architecture. Tips on using a live image are available at FedoraLiveCD.

Architecture MD5SUM
i386 022137eeb466410221a3339519a867c7
x86_64 68db3894c1d47dba2ae73330fbd5e409

Creating a LiveUSB of this rawhide image requires the latest version of syslinux, which is currently available in Rawhide and in the latest Windows liveusb-creator. Users of F10 and below can upgrade to the latest syslinux package using

yum --enablerepo=rawhide update syslinux

[edit] How to test?

Before proceeding to the test cases themselves, you need to install and configure sssd. The necessary steps are outlined on the Installation page. If you are using the Test Day live image, the installation steps will be completed for you.

When done, please follow each of these test cases:

[edit] NSS (User identity)

[edit] PAM (User authentication)

[edit] Report your Results

If you have problems with any of the tests, report a bug to Trac. If you are unsure about exactly how to file the report, just ask on IRC and we will help you. Once you have completed the tests, add your results to the Results table below, following the example results from Stephen Gallagher as a template. The first column should be your name with a link to your User page in the Wiki if you have one. For each test case, if your system worked correctly, simply enter the word PASS. If you had trouble, enter the word FAIL, as a link to the bug report for the failure. If you could not perform one test (for example, you cannot perform the more advanced tests because the basic one fails, or you cannot perform the private LDAP test as you do not have access to an LDAP server), enter the word N/A. In the comments column, you can enter any short, additional information about your testing environment.

[edit] NSS Tests

User Native Local Legacy Local Remote LDAP Remote Private LDAP Comments
Stephen Gallagher PASS PASS PASS PASS Tests performed on x86_64 LiveCD
Michal Nowak PASS PASS PASS N/A HW
Zbysek MRAZ PASS PASS PASS -
Robert M Williams PASS PASS PASS - LiveCD in VM
James Laska PASS [1] PASS PASS INPROGRESS
  1. 498462 - Cryptic error message when creating a user account, where account name already exists
Simo Sorce PASS PASS PASS - Tests performed on x86_64 LiveCD
Sumit Bose PASS PASS PASS - Tests performed on i386 LiveCD
User Native Local Legacy Local Remote LDAP Remote Private LDAP Comments

[edit] PAM Tests

User Native Local Legacy Local Native LDAP Legacy LDAP Native Private LDAP Legacy Private LDAP Comments
Stephen Gallagher PASS WARN [1] FAIL PASS FAIL PASS Tests performed on x86_64 LiveCD
  1. LiveCD removed pam_cracklib.so from system-auth. Once re-added, the test PASS
Michal Nowak PASS PASS PASS PASS N/A N/A HW
Simo Sorce PASS PASS [1] WARN [2][3] PASS[4] N/A N/A Tests performed on x86_64 LiveCD
  1. See ref 1 from sgallagh
  2. Need to set "TLS_REQCERT never" in /etc/openldap/ldap.conf
  3. Fails offline auth, sssd_pam segfaults
  4. Might be a bit slow to auth when OFFLINE, be patient
James Laska PASS WARN [1]

[2]

PASS [3] FAIL [4] - -
  1. ticket#35 - [sssd[nss]] [nss_cmd_getpwuid_callback] (0): No matching domain found for [4999], fail!
  2. ticket#36 - service sssd stop - results in sssd dead but pid file exists
  3. See ref#1 from User:sgallagh
  4. Unable to pass step#7 using Test Day live image
Sumit Bose PASS WARN [1] PASS [2] - - -
  1. instead of adding pam_cracklib, you can remove the pam_unix option 'use_authtok' to make passwd work
  2. add CA cert [1] to /etc/openldap/cacerts
User Native Local Legacy Local Native LDAP Legacy LDAP Native Private LDAP Legacy Private LDAP Comments