From Fedora Project Wiki

m (Update date)
m (Updated bug numbers provided by sgallagh)
(32 intermediate revisions by 9 users not shown)
Line 16: Line 16:


The following cast of characters will be available testing, workarounds, bug fixes, and general discussion...
The following cast of characters will be available testing, workarounds, bug fixes, and general discussion...
* Development - [[User:sgallagh|Stephen Gallagher]], [[User:simo|Simo Sorce]]
* Development - [[User:sgallagh|Stephen Gallagher]], [[User:simo|Simo Sorce]], [[User:tmraz|Tomas Mraz]]
* Quality Assurance - [[User:jgalipea]], [[User:zmraz]], [[User:mmalik]]
* Quality Assurance - [[User:jgalipea]], [[User:zmraz]], [[User:gowrishankar]]
* Design - [[User:duffy|Máirín Duffy]]


== What's needed to test ==
== What's needed to test ==
* A system with a network connection
* A system with a network connection
* [[Releases/Rawhide|Rawhide]] (tips on installing Rawhide below), or a [http://alt.fedoraproject.org/pub/alt/nightly-composes/desktop/ nightly live image] with {{package|sssd}} installed
* [[Releases/Branched|Fedora 13 (Branched)]] (tips on installing Branched below) with at least {{package|sssd|sssd-1.1.0-2.fc13}} and {{package|authconfig|authconfig-6.1.2-1.fc13}} installed, or a [http://jlaska.fedorapeople.org/sssd/ SSSD live image]


== How to test? ==
== How to test? ==
Before executing the test cases, you need to install and configure sssd. The necessary steps are outlined on the [http://fedorahosted.org/sssd/wiki/Fedora_11_Test_Day/Installation SSSD installation page].  If you are using the Test Day live image, the installation steps will be completed for you.


=== '''Update your machine''' ===
=== '''Update your machine''' ===


See the instructions on the [[Releases/Rawhide|Rawhide]] page on the various ways in which you can install or update to Rawhide. Or:
See the instructions on the [[Releases/Branched|Branched]] page on the various ways in which you can install or update to the Branched release.  Be sure you are testing with at least [https://admin.fedoraproject.org/updates/authconfig-6.1.2-1.fc13 authconfig-6.1.2-1.fc13] and [https://admin.fedoraproject.org/updates/sssd-1.1.0-2.fc13 sssd-1.1.0-2.fc13].  To install the latest {{package|authconfig}}, type: <code> yum --enablerepo=updates-testing update authconfig sssd</code>


=== '''Live image''' ===
=== '''Live image''' ===


Optionally, you may download a non-destructive Rawhide live image for your architecture. Tips on using a live image are available at [[FedoraLiveCD]].  Live images can be found [http://alt.fedoraproject.org/pub/alt/nightly-composes/desktop/ here]. Make sure to install the {{package|sssd}} package after booting the live image.
Optionally, you may download a non-destructive Rawhide live image for your architecture. Tips on using a live image are available at [[FedoraLiveCD]].  Live images with the latest {{package|authconfig}} and {{package|sssd}} packages can be found [http://jlaska.fedorapeople.org/sssd/ here].


=== Test ===
=== Test ===
Line 44: Line 43:
* [[QA:Testcase_SSSD_LDAP_Identity_and_Kerberos_Authentication]]
* [[QA:Testcase_SSSD_LDAP_Identity_and_Kerberos_Authentication]]


If you do not have a local LDAP or kerberos server, an LDAP and kerberos server are provided for the test day.
{{admon/tip|Don't have an LDAP or kerberos server?|If you do not have a local LDAP or kerberos server to test with, you can still participate.  An LDAP and kerberos server are provided during the test day.  However, if you are visiting this page well after the test day, the following information may no longer apply.
* Public Certificate URL - http://jlaska.fedorapeople.org/sssd/cacert.asc
* Public Certificate URL - http://jlaska.fedorapeople.org/sssd/cacert.asc
* Available user accounts: <code>sssdtest10001</code> ... <code>sssdtest10100</code>
* Available user accounts: <code>sssdtest10001</code> ... <code>sssdtest10100</code>
Line 50: Line 49:
* LDAP server information
* LDAP server information
** Default user password: <code>sssdtest</code>
** Default user password: <code>sssdtest</code>
** <code>ldap_uri = ldap://publictest9.fedoraproject.org</code>
** <code>ldap_uri {{=}} ldap://publictest9.fedoraproject.org</code>
** <code>ldap_search_base = dc=fedoraproject,dc=org</code>
** <code>ldap_search_base {{=}} dc{{=}}fedoraproject,dc{{=}}org</code>
* Kerberos server information
* Kerberos server information
** Default user password: <code>sssdkrb5</code>
** Default user password: <code>sssdkrb5</code>
** <code>krb5_realm = SSSD.FEDORAPROJECT.ORG</code>
** <code>krb5_realm {{=}} SSSD.FEDORAPROJECT.ORG</code>
** <code>krb5_kdcip = publictest9.fedoraproject.org:88</code>
** <code>krb5_kdcip {{=}} publictest9.fedoraproject.org:88</code>
** <code>krb5_kpasswd = publictest9.fedoraproject.org:749</code>
** <code>krb5_kpasswd {{=}} publictest9.fedoraproject.org:749</code>
}}


 
=== Report your Results ===
<!--
Run the following tests:
# Preparing firstboot, reboot {{command|rm -f /etc/sysconfig/firstboot && chkconfig firstboot on}}
# In the user config, select ''network'' to start authconfig-gtk
# Login to the desktop (or console)
# Run several commands (getent, ssh $USER@localhost ...)
# Unplug network and login again
# Run several commands (getent, ssh $USER@localhost ...)
-->
 
== Report your Results ==


If you have problems with any of the tests, report a bug to [https://fedorahosted.org/sssd/report Trac]. If you are unsure about exactly how to file the report, just ask on IRC and we will help you. Once you have completed the tests, add your results to the Results table below, following the example results from James Laska as a template. The first column should be your name with a link to your User page in the Wiki if you have one. For each test case, if your system worked correctly, simply enter the word <code>PASS</code>. If you had trouble, enter the word  <code>FAIL</code>, with a link to the bug report for the failure. If you could not perform one test (for example, you cannot perform the more advanced tests because the basic one fails, or you cannot perform the private LDAP test as you do not have access to an LDAP server), enter the word N/A. In the comments column, you can enter any short, additional information about your testing environment.
If you have problems with any of the tests, report a bug to [https://fedorahosted.org/sssd/report Trac]. If you are unsure about exactly how to file the report, just ask on IRC and we will help you. Once you have completed the tests, add your results to the Results table below, following the example results from James Laska as a template. The first column should be your name with a link to your User page in the Wiki if you have one. For each test case, if your system worked correctly, simply enter the word <code>PASS</code>. If you had trouble, enter the word  <code>FAIL</code>, with a link to the bug report for the failure. If you could not perform one test (for example, you cannot perform the more advanced tests because the basic one fails, or you cannot perform the private LDAP test as you do not have access to an LDAP server), enter the word N/A. In the comments column, you can enter any short, additional information about your testing environment.


== Test Results ==
{|
{|
! User  
! User  
Line 80: Line 70:
! [[QA:Testcase_SSSD_LDAP_Identity_and_Kerberos_Authentication|LDAP/Kerberos]]
! [[QA:Testcase_SSSD_LDAP_Identity_and_Kerberos_Authentication|LDAP/Kerberos]]
! Comments
! Comments
|-
| [[User:Sample User|Sample User]]
| {{result|none}}
| {{result|pass}}
| {{result|warn}} <ref>Test pass, but also encountered {{bz|54321}}</ref>
| {{result|fail}} <ref>{{bz|12345}}</ref>
| <references/>
|-
|-
| [[User:James Laska|jlaska]]
| [[User:James Laska|jlaska]]
| {{result|pass}}
| {{result|pass}}
| {{result|fail}} <ref> Need to fix test case instructions, <code>ldaps://</code> didn't work without certificate</ref> <ref>{{bz|578219}} - Configuring ldaps:// + cacert does not run cacert_rehash on downloaded certificate</ref><ref>Workaround for bug#578219 - change to tty2 and manually run {{command|cacert_rehash /etc/openldap/cacerts}}, then restart sssd</ref> <ref>{{bz|578303}} - SSSD users cannot log in through GDM</ref>
| {{result|warn}} <ref>{{bz|578311}} - authconfig doesn't remember "[X] Use TLS to encrypt connection" setting</ref>
| {{result|none}}
| <references/>
|-
| [[User:liam|liam]]
| {{result|fail}}<ref>Get "unknow error" box when change password{{bz|578124}}</ref>
| {{result|none}}
| {{result|none}}
| {{result|none}}
| <references/>
|-
| [[User:Gowrishankar Rajaiyan|shanks]]
| {{result|pass}}
| {{result|fail}}<ref> requires a signed certificate in /etc/openldap/cacerts</ref>
| {{result|pass}}
| {{result|warn}}<ref> Unable to change password. "System is offline, password change not possible. passwd: Authentication token manipulation error" message displayed.</ref>
| <references/>
|-
| [[User:duffy|duffy]]
| {{result|none}}
| {{result|warn}} <ref>{{bz|578231}} - Add checkbox 'Allow authentication via self-signed certificates'</ref>
| {{result|none}}
| {{result|none}}
| <references/>
|-
| [[User:sgallagh|Stephen Gallagher]]
| {{result|warn}} <ref>There were issues with the livecd related to setting up local users. After installing the livecd on disk, everything worked as expected.</ref> <ref>{{bz|577263}}  - Changing authentication providers crashes authconfig</ref>
| {{result|none}}
| {{result|none}}
| {{result|none}}
| <references/>
|-
| [[User:delhage|Lars Delhage]]
| {{result|pass}}
| {{result|none}}
| {{result|none}}
| {{result|warn}} <ref>Make sure your network users use UID:s > 1000, or change min_id in /etc/sssd/sssd.conf. Works fine otherwise.</ref><ref>Couldn't test password changes, because kpasswd service was not available on the server</ref>
| <references/>
|-
| [[User:sbose|Sumit Bose]]
| {{result|none}}
| {{result|none}}
| {{result|pass}} <ref>Used console login instead of GDM.</ref>
| {{result|pass}} <ref>Used console login instead of GDM. Couldn't test password changes, because kpasswd service was not available on the server</ref>
| <references/>
|-
| [[User:rhe|He Rui]]
| {{result|pass}}
| {{result|pass}}
| {{result|warn}} <ref>Test pass, but also encountered {{bz|54321}}</ref>
| {{result|fail}}<ref>couldn't update ICEauthority file /home/sssdtest10005/.ICEauthority. There is a problem with the configuration server.
| {{result|fail}} <ref>{{bz|12345}}</ref>
(/usr/libexec/gconf-sanity-check-2 exited with status 256)
</ref>
| {{result|fail}}
| {{result|fail}}
| <references/>
|-
| [[User:orion|orion]]
| {{result|none}}
| {{result|none}}
| {{result|none}} <ref>{{bz|578325}} - authconfig uses sss for automount</ref>  
| {{result|none}}
| <references/>
| <references/>
|-
|-

Revision as of 15:31, 8 April 2010

DATE TIME WHERE
Tuesday March 30, 2010 ALL DAY #fedora-test-day (webirc)

What to test?

Today's installment of Fedora Test Day will focus on SSSD by default

If you come to this page after the test day is completed, your testing is still valuable, and you can use the information on this page to test with your system and provide feedback.

Who's available

The following cast of characters will be available testing, workarounds, bug fixes, and general discussion...

What's needed to test

How to test?

Update your machine

See the instructions on the Branched page on the various ways in which you can install or update to the Branched release. Be sure you are testing with at least authconfig-6.1.2-1.fc13 and sssd-1.1.0-2.fc13. To install the latest Package-x-generic-16.pngauthconfig, type: yum --enablerepo=updates-testing update authconfig sssd

Live image

Optionally, you may download a non-destructive Rawhide live image for your architecture. Tips on using a live image are available at FedoraLiveCD. Live images with the latest Package-x-generic-16.pngauthconfig and Package-x-generic-16.pngsssd packages can be found here.

Test

When ready, please follow each of these test cases:

Idea.png
Don't have an LDAP or kerberos server?
If you do not have a local LDAP or kerberos server to test with, you can still participate. An LDAP and kerberos server are provided during the test day. However, if you are visiting this page well after the test day, the following information may no longer apply.
  • Public Certificate URL - http://jlaska.fedorapeople.org/sssd/cacert.asc
  • Available user accounts: sssdtest10001 ... sssdtest10100
  • Available groups: sssdgroup20001 ... sssdgroup20100
  • LDAP server information
    • Default user password: sssdtest
    • ldap_uri = ldap://publictest9.fedoraproject.org
    • ldap_search_base = dc=fedoraproject,dc=org
  • Kerberos server information
    • Default user password: sssdkrb5
    • krb5_realm = SSSD.FEDORAPROJECT.ORG
    • krb5_kdcip = publictest9.fedoraproject.org:88
    • krb5_kpasswd = publictest9.fedoraproject.org:749

Report your Results

If you have problems with any of the tests, report a bug to Trac. If you are unsure about exactly how to file the report, just ask on IRC and we will help you. Once you have completed the tests, add your results to the Results table below, following the example results from James Laska as a template. The first column should be your name with a link to your User page in the Wiki if you have one. For each test case, if your system worked correctly, simply enter the word PASS. If you had trouble, enter the word FAIL, with a link to the bug report for the failure. If you could not perform one test (for example, you cannot perform the more advanced tests because the basic one fails, or you cannot perform the private LDAP test as you do not have access to an LDAP server), enter the word N/A. In the comments column, you can enter any short, additional information about your testing environment.

Test Results

User local/local LDAP/LDAP LDAP/LDAP TLS LDAP/Kerberos Comments
Sample User
none
Pass pass
Warning warn
[1]
Fail fail
[2]
  1. Test pass, but also encountered RHBZ #54321
  2. RHBZ #12345
jlaska
Pass pass
Fail fail
[1] [2][3] [4]
Warning warn
[5]
none
  1. Need to fix test case instructions, ldaps:// didn't work without certificate
  2. RHBZ #578219 - Configuring ldaps:// + cacert does not run cacert_rehash on downloaded certificate
  3. Workaround for bug#578219 - change to tty2 and manually run cacert_rehash /etc/openldap/cacerts, then restart sssd
  4. RHBZ #578303 - SSSD users cannot log in through GDM
  5. RHBZ #578311 - authconfig doesn't remember "[X] Use TLS to encrypt connection" setting
liam
Fail fail
[1]
none
none
none
  1. Get "unknow error" box when change passwordRHBZ #578124
shanks
Pass pass
Fail fail
[1]
Pass pass
Warning warn
[2]
  1. requires a signed certificate in /etc/openldap/cacerts
  2. Unable to change password. "System is offline, password change not possible. passwd: Authentication token manipulation error" message displayed.
duffy
none
Warning warn
[1]
none
none
  1. RHBZ #578231 - Add checkbox 'Allow authentication via self-signed certificates'
Stephen Gallagher
Warning warn
[1] [2]
none
none
none
  1. There were issues with the livecd related to setting up local users. After installing the livecd on disk, everything worked as expected.
  2. RHBZ #577263 - Changing authentication providers crashes authconfig
Lars Delhage
Pass pass
none
none
Warning warn
[1][2]
  1. Make sure your network users use UID:s > 1000, or change min_id in /etc/sssd/sssd.conf. Works fine otherwise.
  2. Couldn't test password changes, because kpasswd service was not available on the server
Sumit Bose
none
none
Pass pass
[1]
Pass pass
[2]
  1. Used console login instead of GDM.
  2. Used console login instead of GDM. Couldn't test password changes, because kpasswd service was not available on the server
He Rui
Pass pass
Fail fail
[1]
Fail fail
Fail fail
  1. couldn't update ICEauthority file /home/sssdtest10005/.ICEauthority. There is a problem with the configuration server. (/usr/libexec/gconf-sanity-check-2 exited with status 256)
orion
none
none
none
[1]
none
  1. RHBZ #578325 - authconfig uses sss for automount
User local/local LDAP/LDAP LDAP/LDAP TLS LDAP/Kerberos Comments