Skip to content

Tests: cache_credentials = true not working #8020

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
shridhargadekar wants to merge 1 commit into from
Closed

Tests: cache_credentials = true not working #8020

shridhargadekar wants to merge 1 commit into from

Conversation

@shridhargadekar
Copy link
Contributor

@shridhargadekar shridhargadekar commented Jul 4, 2025

Tests for cache_credentials = true not working in sssd, with specified PAM configuration in /etc/pam.d/system-auth and /etc/pam.d/password-auth

verifies #7968

gemini-code-assist[bot]
gemini-code-assist bot reviewed Jul 4, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

The pull request adds a new test to verify that cache_credentials = true works correctly with a custom PAM configuration when the provider is offline. The test logic is sound and covers the intended scenario. My review focuses on improving the maintainability and clarity of the new test by suggesting a more descriptive name for the test function and updating its docstring to be accurate and complete.

@shridhargadekar shridhargadekar marked this pull request as ready for review July 4, 2025 13:44
@thalman thalman self-assigned this Jul 4, 2025
thalman
thalman requested changes Jul 4, 2025
View reviewed changes
@shridhargadekar shridhargadekar force-pushed the offline branch 2 times, most recently from e4a75f7 to f8fe707 Compare July 7, 2025 08:26
@shridhargadekar shridhargadekar requested a review from thalman July 7, 2025 08:26
thalman
thalman approved these changes Jul 7, 2025
View reviewed changes
Copy link
Contributor

@thalman thalman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the effort.

sumit-bose
sumit-bose reviewed Jul 7, 2025
View reviewed changes
sumit-bose
sumit-bose approved these changes Jul 7, 2025
View reviewed changes
Copy link
Contributor

@sumit-bose sumit-bose left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi,

thank you for the update, ACK.

Please note, this patch can only be committed if #7995 is committed, otherwise CI will always fail.

bye,
Sumit

@alexey-tikhonov alexey-tikhonov mentioned this pull request Jul 7, 2025
Closed
@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jul 7, 2025
edited
Loading

Please note, this patch can only be committed if #7995 is committed, otherwise CI will always fail.

#7995 was merged. Re-running CI.

@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jul 7, 2025

@shridhargadekar, please rebase.

@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jul 8, 2025
edited
Loading 

tests/test_authentication.py::test_authentication__user_login_with_modified_PAM_stack_provider_is_offline[root-ssh] (ipa) PASSED [ 14%]
tests/test_authentication.py::test_authentication__user_login_with_modified_PAM_stack_provider_is_offline[root-su] (ipa) PASSED [ 14%]
tests/test_authentication.py::test_authentication__user_login_with_modified_PAM_stack_provider_is_offline[sssd-ssh] (ipa) PASSED [ 14%]
tests/test_authentication.py::test_authentication__user_login_with_modified_PAM_stack_provider_is_offline[sssd-su] (ipa) PASSED [ 14%]

Failing tests seems to be unrelated to this PR.

@alexey-tikhonov alexey-tikhonov added Ready to push Ready to push and removed Ready to push Ready to push labels Jul 8, 2025
@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jul 10, 2025

Conflict in sssd-2-9.
@shridhargadekar, please open explicit backport PR.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jul 16, 2025
View reviewed changes
@shridhargadekar
Copy link
Contributor Author

shridhargadekar commented Jul 16, 2025

@sumit-bose latest changes are reverting PAM configuration to original state. Let me check with authselect way as well

@shridhargadekar
Copy link
Contributor Author

shridhargadekar commented Jul 16, 2025

Looks like previously failing tests are passing now.

@shridhargadekar
Copy link
Contributor Author

shridhargadekar commented Jul 22, 2025

Three test cases that are failing here, could not be related to this PR. Those test cases are running before current PR test cases.

@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jul 24, 2025

Is this intentional:

pam_file = client.fs.read("/etc/pam.d/system-auth")
...
client.fs.write("/etc/pam.d/system-auth", pam_file)
client.fs.write("/etc/pam.d/password-auth", pam_file)

-- so that "password-auth" == "system-auth" after the test?

@sumit-bose , @thalman , are you fine with the recent updates?

@shridhargadekar shridhargadekar force-pushed the offline branch 3 times, most recently from a413452 to d4d21a2 Compare July 24, 2025 13:52
@shridhargadekar
Copy link
Contributor Author

shridhargadekar commented Jul 24, 2025

As Sumit suggested earlier, implementing authselect utility to back-up and restore the PAM stack.

@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jul 25, 2025

@shridhargadekar, is this ready?

@shridhargadekar
Copy link
Contributor Author

shridhargadekar commented Jul 25, 2025

@alexey-tikhonov Yes, it's ready.

sumit-bose
sumit-bose reviewed Jul 25, 2025
View reviewed changes
@shridhargadekar
Tests: cache_credentials = true not working
7baaec5 
Tests for cache_credentials = true not working in sssd, with specified PAM
configuration in /etc/pam.d/system-auth and /etc/pam.d/password-auth

verifies SSSD#7968
@sumit-bose
Copy link
Contributor

sumit-bose commented Jul 29, 2025

Hi,

I'm still fine withthe current version of the test, CI failures do not look related.

bye,
Sumit

@alexey-tikhonov
Copy link
Member

alexey-tikhonov commented Jul 31, 2025

Pushed PR: #8020

  • master
    • 9856b6d - Tests: cache_credentials = true not working
  • sssd-2-11
    • 61a5ab6 - Tests: cache_credentials = true not working

@shridhargadekar shridhargadekar mentioned this pull request Nov 28, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sumit-bose sumit-bose sumit-bose approved these changes

@thalman thalman thalman approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@thalman thalman

@sumit-bose sumit-bose

Labels

backport-to-sssd-2-11 Pushed Tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@shridhargadekar @alexey-tikhonov @sumit-bose @thalman