See <http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/112/display/redirect> ------------------------------------------ [...truncated 5593 lines...] /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:195: in add_ext_s resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all=1,timeout=self.timeout) <http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:514: in result3 resp_ctrl_classes=resp_ctrl_classes <http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:521: in result4 ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop) <http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162: in inner return f(*args, **kwargs) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = <lib389.DirSrv object at 0x7f8e2c634bd0> func = <built-in method result4 of LDAP object at 0x7f8e2dad7710> args = (15, 1, -1, 0, 0, 0), kwargs = {}, diagnostic_message_success = None e = INSUFFICIENT_ACCESS({'\''info'\'': "Insufficient '\''add'\'' privilege to the '\''userPassword'\'' attribute", '\''desc'\'': '\''Insufficient access'\''},) def _ldap_call(self,func,*args,**kwargs): """ Wrapper method mainly for serializing calls into OpenLDAP libs and trace logs """ self._ldap_object_lock.acquire() if __debug__: if self._trace_level>=1: self._trace_file.write('\''*** %s %s - %s\n%s\n'\'' % ( repr(self), self._uri, '\''.'\''.join((self.__class__.__name__,func.__name__)), pprint.pformat((args,kwargs)) )) if self._trace_level>=9: traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file) diagnostic_message_success = None try: try: > result = func(*args,**kwargs) E INSUFFICIENT_ACCESS: {'\''info'\'': "Insufficient '\''add'\'' privilege to the '\''userPassword'\'' attribute", '\''desc'\'': '\''Insufficient access'\''} /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: INSUFFICIENT_ACCESS ----------------------------- Captured stderr call ----------------------------- INFO:lib389.utils:Account should be inactivated since the subtree is configured INFO:lib389.utils:add_users: Pass all of these as parameters suffix, subtree, userid and nousrs ______________________________ test_modify_entry _______________________________ topo_m4 = <lib389.topologies.TopologyMain object at 0x7f8e284b6050> test_entry = None def test_modify_entry(topo_m4, test_entry): """Check that entries are replicated after modify operation :id: 36764053-622c-43c2-a132-d7a3ab7d9aaa :setup: Four masters replication setup, an entry :steps: 1. Modify the entry on master1 - add attribute 2. Wait for replication to happen 3. Check entry on all other masters 4. Modify the entry on master1 - replace attribute 5. Wait for replication to happen 6. Check entry on all other masters 7. Modify the entry on master1 - delete attribute 8. Wait for replication to happen 9. Check entry on all other masters :expectedresults: 1. Attribute should be successfully added 2. Some time should pass 3. The change should be present on all masters 4. Attribute should be successfully replaced 5. Some time should pass 6. The change should be present on all masters 4. Attribute should be successfully deleted 8. Some time should pass 9. The change should be present on all masters """ log.info('\''Modifying entry {} - add operation'\''.format(TEST_ENTRY_DN)) test_user = UserAccount(topo_m4.ms["master1"], TEST_ENTRY_DN) test_user.add('\''mail'\'', '\''{}@redhat.com'\''.format(TEST_ENTRY_NAME)) time.sleep(1) > all_user = topo_m4.all_get_dsldapobject(TEST_ENTRY_DN, UserAccount) E AttributeError: '\''TopologyMain'\'' object has no attribute '\''all_get_dsldapobject'\'' <http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/replication/acceptance_test.py>:133: AttributeError ---------------------------- Captured stderr setup ----------------------------- INFO:dirsrvtests.tests.suites.replication.acceptance_test:Adding entry uid=mmrepl_test,dc=example,dc=com INFO:dirsrvtests.tests.suites.replication.acceptance_test:Deleting entry uid=mmrepl_test,dc=example,dc=com ----------------------------- Captured stderr call ----------------------------- INFO:dirsrvtests.tests.suites.replication.acceptance_test:Modifying entry uid=mmrepl_test,dc=example,dc=com - add operation ______________________________ test_basic_feature ______________________________ topology_st = <lib389.topologies.TopologyMain object at 0x7f8e2c2a49d0> def test_basic_feature(topology_st): """Check basic SASL functionality for PLAIN mechanism :id: 75ddc6fa-aa5a-4025-9c71-1abad20c91fc :setup: Standalone instance :steps: 1. Stop the instance 2. Clean up confdir from previous cert and key files 3. Create RSA files: CA, key and cert 4. Start the instance 5. Create RSA entry 6. Set nsslapd-secureport to 636 and nsslapd-security to '\''on'\'' 7. Restart the instance 8. Create a user 9. Check we can bind 10. Check that PLAIN is listed in supported mechs 11. Set up Plain SASL credentials 12. Try to open a connection without TLS 13. Try to open a connection with TLS 14. Try to open a connection with a wrong password :expectedresults: 1. The instance should stop 2. Confdir should be clean 3. RSA files should be created 4. The instance should start 5. RSA entry should be created 6. nsslapd-secureport and nsslapd-security should be set successfully 7. The instance should be restarted 8. User should be created 9. Bind should be successful 10. PLAIN should be listed in supported mechs 11. Plain SASL should be successfully set 12. AUTH_UNKNOWN exception should be raised 13. The connection should open 14. INVALID_CREDENTIALS exception should be raised """ standalone = topology_st.standalone # SETUP TLS standalone.stop() # Prepare SSL but don'\''t enable it. for f in ('\''key3.db'\'', '\''cert8.db'\'', '\''key4.db'\'', '\''cert9.db'\'', '\''secmod.db'\'', '\''pkcs11.txt'\''): try: os.remove("%s/%s" % (standalone.confdir, f)) except: pass assert(standalone.nss_ssl.reinit() is True) assert(standalone.nss_ssl.create_rsa_ca() is True) assert(standalone.nss_ssl.create_rsa_key_and_cert() is True) # Start again standalone.start() standalone.rsa.create() # Set the secure port and nsslapd-security # Could this fail with selinux? standalone.config.set('\''nsslapd-secureport'\'', str(DEFAULT_SECURE_PORT)) standalone.config.set('\''nsslapd-security'\'', '\''on'\'') # Do we need to restart to allow starttls? standalone.restart() # Create a user sas = ServiceAccounts(standalone, DEFAULT_SUFFIX) sas._basedn = DEFAULT_SUFFIX sa = sas.create(properties={'\''cn'\'': '\''testaccount'\'', '\''userPassword'\'': '\''password'\''}) # Check we can bind. This will raise exceptions if it fails. sa.bind('\''password'\'') # Check that PLAIN is listed in supported mechns. assert(standalone.rootdse.supports_sasl_plain()) # The sasl parameters don'\''t change, so set them up now. # Do we need the sasl map dn:? auth_tokens = PlainSASL("dn:%s" % sa.dn, '\''password'\'') # Check that it fails without TLS with pytest.raises(ldap.AUTH_UNKNOWN): standalone.openConnection(saslmethod='\''PLAIN'\'', sasltoken=auth_tokens, starttls=False, connOnly=True) # We *have* to use REQCERT NEVER here because python ldap fails cert verification for .... some reason that even # I can not solve. I think it'\''s leaking state across connections in start_tls_s? # Check that it works with TLS conn = standalone.openConnection(saslmethod='\''PLAIN'\'', sasltoken=auth_tokens, starttls=True, connOnly=True, > certdir=standalone.get_cert_dir(), reqcert=ldap.OPT_X_TLS_NEVER) <http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/389-ds-base/dirsrvtests/tests/suites/sasl/plain_test.py>:106: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ <http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:540: in openConnection server.open(*args, **kwargs) <http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:1081: in open self.start_tls_s() <http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162: in inner return f(*args, **kwargs) /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:609: in start_tls_s return self._ldap_call(self._l.start_tls_s) <http://vm-166.abc.idm.lab.eng.brq.redhat.com:8080/job/NIGHTLY/ws/source/lib389/lib389/__init__.py>:162: in inner return f(*args, **kwargs) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ self = <lib389.DirSrv object at 0x7f8e2bb0a790> func = <built-in method start_tls_s of LDAP object at 0x7f8e2dad7c60>, args = () kwargs = {}, diagnostic_message_success = None e = CONNECT_ERROR({'\''info'\'': '\''TLS error -8174:security library: bad database.'\'', '\''desc'\'': '\''Connect error'\''},) def _ldap_call(self,func,*args,**kwargs): """ Wrapper method mainly for serializing calls into OpenLDAP libs and trace logs """ self._ldap_object_lock.acquire() if __debug__: if self._trace_level>=1: self._trace_file.write('\''*** %s %s - %s\n%s\n'\'' % ( repr(self), self._uri, '\''.'\''.join((self.__class__.__name__,func.__name__)), pprint.pformat((args,kwargs)) )) if self._trace_level>=9: traceback.print_stack(limit=self._trace_stack_limit,file=self._trace_file) diagnostic_message_success = None try: try: > result = func(*args,**kwargs) E CONNECT_ERROR: {'\''info'\'': '\''TLS error -8174:security library: bad database.'\'', '\''desc'\'': '\''Connect error'\''} /usr/lib64/python2.7/site-packages/ldap/ldapobject.py:106: CONNECT_ERROR ---------------------------- Captured stdout setup ----------------------------- OK group dirsrv exists OK user dirsrv exists ---------------------------- Captured stderr setup ----------------------------- INFO:lib389.topologies:Instance with parameters {'\''ldap-port'\'': 38901, '\''suffix'\'': '\''dc=example,dc=com'\'', '\''krb5_realm'\'': None, '\''deployed-dir'\'': '\''/usr'\'', '\''inst-backupdir'\'': '\''/tmp'\'', '\''hostname'\'': '\''localhost'\'', '\''server-id'\'': '\''standalone1'\'', '\''root-pw'\'': '\''password'\'', '\''root-dn'\'': '\''cn=Directory Manager'\'', '\''group-id'\'': None, '\''InstScriptsEnabled'\'': None, '\''user-id'\'': None, '\''ldap-secureport'\'': None} was created. ----------------------------- Captured stderr call ----------------------------- Generating key. This may take a few moments... Generating key. This may take a few moments... ============= 13 failed, 631 passed, 1 skipped in 8822.00 seconds ==============' + '[' 1 -ne 0 ']' + echo CI Tests 'FAILED!' CI Tests FAILED! + MSG=FAILED + RC=1 + sudo /usr/sbin/sendmail mreynolds@xxxxxxxxxx firstyear@xxxxxxxxxx + sudo rm -rf /var/tmp/slapd.vg.113129 /var/tmp/slapd.vg.113241 /var/tmp/slapd.vg.131058 /var/tmp/slapd.vg.85839 + exit 1 Build step 'Execute shell' marked build as failure [locks-and-latches] Releasing all the locks [locks-and-latches] All the locks released _______________________________________________ 389-devel mailing list -- 389-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to 389-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx