aboutsummaryrefslogtreecommitdiff
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu tests ldap)
  #:use-module (gnu tests)
  #:use-module (gnu system)
  #:use-module (gnu system nss)
  #:use-module (gnu system vm)
  #:use-module (gnu services)
  #:use-module (gnu services authentication)
  #:use-module (gnu services networking)
  #:use-module (gnu packages base)
  #:use-module (gnu packages openldap)
  #:use-module (guix gexp)
  #:use-module (guix store)
  #:export (%test-ldap))

(define %ldap-os
  (let ((simple
         (simple-operating-system
          (service dhcp-client-service-type)
          (service nslcd-service-type))))
    (operating-system
      (inherit simple)
      (name-service-switch
       (let ((services (list (name-service (name "db"))
                             (name-service (name "files"))
                             (name-service (name "ldap")))))
         (name-service-switch
          (inherit %mdns-host-lookup-nss)
          (password services)
          (shadow   services)
          (group    services)
          (netgroup services)
          (gshadow  services)))))))

(define (run-ldap-test)
  "Run tests in %LDAP-OS."
  (define os
    (marionette-operating-system
     %ldap-os
     #:imported-modules '((gnu services herd)
                          (guix combinators))))

  (define vm
    (virtual-machine
     (operating-system os)
     (memory-size 1024)))

  (define test
    (with-imported-modules '((gnu build marionette))
      #~(begin
          (use-modules (srfi srfi-11) (srfi srfi-64)
                       (gnu build marionette))

          (define marionette
            (make-marionette (list #$vm)))

          (test-runner-current (system-test-runner #$output))
          (test-begin "ldap")

          ;; Set up LDAP directory server
          (test-assert "LDAP server instance running"
            (marionette-eval
             '(begin
                (with-output-to-file "instance.inf"
                  (lambda ()
                    (display "[general]
config_version = 2

\n[slapd]
root_password = SECRET_PASS
user = root
group = root

\n[backend-userroot]
sample_entries = yes
suffix = dc=example,dc=com")))
                (and
                 ;; Create instance
                 (zero? (system* #$(file-append 389-ds-base "/sbin/dscreate")
                                     "-v" "from-file" "instance.inf"))
                 ;; Start instance
                 (zero? (system* #$(file-append 389-ds-base "/sbin/dsctl")
                                 "localhost" "start"))
                 ;; Create user account
                 (zero? (system* #$(file-append 389-ds-base "/sbin/dsidm")
                                 "-b" "dc=example,dc=com"
                                 "localhost" "user" "create"
                                 "--uid" "eva" "--cn" "Eva Lu Ator"
                                 "--displayName" "Eva Lu Ator"
                                 "--uidNumber" "1234" "--gidNumber" "2345"
                                 "--homeDirectory" "/home/eva"))))
             marionette))

          (test-assert "Manager can bind to LDAP server instance"
            (marionette-eval
             '(zero? (system* #$(file-append openldap "/bin/ldapwhoami")
                              "-H" "ldap://localhost" "-D"
                              "cn=Directory Manager" "-w" "SECRET_PASS"))
             marionette))

          ;; Wait for nslcd to be up and running.
          (test-assert "nslcd service running"
            (marionette-eval
             '(begin
                (use-modules (gnu services herd))
                (match (start-service 'nslcd)
                  (#f #f)
                  (('service response-parts ...)
                   (match (assq-ref response-parts 'running)
                     ((pid) pid)))))
             marionette))

          (test-assert "nslcd produces a log file"
            (marionette-eval
             '(file-exists? "/var/log/nslcd")
             marionette))

          (test-assert "Can query LDAP user accounts"
            (marionette-eval
             '(begin
                ;; TODO: This shouldn't be necessary, but unfortunately it
                ;; really is needed to discover LDAP accounts with "id".
                (setenv "LD_LIBRARY_PATH"
                        #$(file-append nss-pam-ldapd "/lib"))
                (zero? (system* #$(file-append coreutils "/bin/id") "eva")))
             marionette))

          (test-assert "Can become LDAP user"
            (marionette-eval
             '(zero? (system* "/run/privileged/bin/su" "eva" "-c"
                              #$(file-append coreutils "/bin/true")))
             marionette))

          (test-end))))

  (gexp->derivation "ldap-test" test))

(define %test-ldap
  (system-test
   (name "ldap")
   (description "Run an LDAP directory server and authenticate against it.")
   (value (run-ldap-test))))
generated by cgit
singularity.scm, gnu/tests/ssh.scm, gnu/tests/telephony.scm, gnu/tests/version-control.scm, gnu/tests/virtualization.scm, gnu/tests/web.scm: Remove (mkdir #$output) (chdir #$output) and pass #$output as argument to 'system-test-runner'. Ludovic Courtès 2021-09-25tests: Adjust to SRFI-64 as found in Guile 3.0.7....In Guile 3.0.7, 'test-runner-current' is set to #f upon 'test-end'. Consequently, the previous strategy, where we'd call 'test-runner-current' after 'test-end', no longer works. Instead, set the test runner in each test right before 'test-begin'. * gnu/build/marionette.scm (system-test-runner): New procedure. * gnu/tests/audio.scm (run-mpd-test): Replace (exit (= ...)) idiom by (test-runner-current (system-test-runner)). * gnu/tests/base.scm (run-basic-test) (run-cleanup-test, run-mcron-test, run-nss-mdns-test): Likewise. * gnu/tests/ci.scm (run-laminar-test): Likewise. * gnu/tests/cups.scm (run-cups-test): Likewise. * gnu/tests/databases.scm (run-memcached-test) (run-postgresql-test, run-mysql-test): Likewise. * gnu/tests/desktop.scm (run-elogind-test): Likewise. * gnu/tests/dict.scm (run-dicod-test): Likewise. * gnu/tests/docker.scm (run-docker-test): Likewise. (run-docker-system-test): Likewise. * gnu/tests/file-sharing.scm (run-transmission-daemon-test): Likewise. * gnu/tests/ganeti.scm (run-ganeti-test): Likewise. * gnu/tests/guix.scm (run-guix-build-coordinator-test): Likewise. (run-guix-data-service-test): Likewise. * gnu/tests/ldap.scm (run-ldap-test): Likewise. * gnu/tests/linux-modules.scm (run-loadable-kernel-modules-test-base): Likewise. * gnu/tests/mail.scm (run-opensmtpd-test) (run-exim-test, run-dovecot-test, run-getmail-test): Likewise. * gnu/tests/messaging.scm (run-xmpp-test) (run-bitlbee-test, run-quassel-test): Likewise. * gnu/tests/monitoring.scm (run-prometheus-node-exporter-server-test) (run-zabbix-server-test): Likewise. * gnu/tests/networking.scm (run-inetd-test, run-openvswitch-test) (run-dhcpd-test, run-tor-test, run-iptables-test, run-ipfs-test): Likewise. * gnu/tests/nfs.scm (run-nfs-test) (run-nfs-server-test, run-nfs-root-fs-test): Likewise. * gnu/tests/package-management.scm (run-nix-test): Likewise. * gnu/tests/reconfigure.scm (run-switch-to-system-test) (run-upgrade-services-test, run-install-bootloader-test): Likewise. * gnu/tests/rsync.scm (run-rsync-test): Likewise. * gnu/tests/security-token.scm (run-pcscd-test): Likewise. * gnu/tests/singularity.scm (run-singularity-test): Likewise. * gnu/tests/ssh.scm (run-ssh-test): Likewise. * gnu/tests/telephony.scm (run-jami-test): Likewise. * gnu/tests/version-control.scm (run-cgit-test): Likewise. (run-git-http-test, run-gitolite-test, run-gitile-test): Likewise. * gnu/tests/virtualization.scm (run-libvirt-test, run-childhurd-test): Likewise. * gnu/tests/web.scm (run-webserver-test, run-php-fpm-test) (run-hpcguix-web-server-test, run-tailon-test, run-patchwork-test): Likewise. Ludovic Courtès 2021-04-12tests: docker: Increase VM building memory size to 1024MiB....This fixes the following error when running the "docker-system" test: In ice-9/ftw.scm: 553:30 1 (_ #<directory stream db6660>) In unknown file: 0 (readdir #<directory stream db6660>) ERROR: In procedure readdir: In procedure readdir: Cannot allocate memory * gnu/tests/docker.scm (%test-docker-system): Bump image building VM memory size to 1024 MiB. Mathieu Othacehe 2021-02-25tests: docker-system: Increase VM memory....* gnu/tests/docker.scm (run-docker-system-test)[vm]: Increase 'memory-size'. Ludovic Courtès 2020-11-06tests: docker-system: Increase VM memory....The test was failing with ENOSPC. * gnu/tests/docker.scm (run-docker-system-test)[vm]: Increase 'memory-size'. (%test-docker-system): Change 'locale-libcs' for the OS passed to 'system-docker-image'. Ludovic Courtès 2020-07-17tests: docker-system: Use guile-3.0....This helps find the (json) module in the virtual machine. * gnu/tests/docker.scm (build-tarball&run-docker-test, run-docker-system-test): Replace guile-2.2 with guile-3.0. Jakub Kądziołka 2020-03-09tests: docker-system: Increase memory requirement....The system image would no longer fit in memory, starting from commit 8c7eb58453870f380a077c7cfd8dafa97bb8e13f. * gnu/tests/docker.scm (run-docker-system-test): Set 'memory-size' to 3500. Ludovic Courtès 2019-11-09tests: Update references to the now-deprecated 'guile-json' variable....* gnu/tests/docker.scm (build-tarball&run-docker-test): Refer to 'guile-json-3' instead of 'guile-json'. * gnu/tests/singularity.scm (build-tarball&run-singularity-test): Likewise. Ludovic Courtès 2019-08-27pack: Create /tmp in Docker images....Fixes <https://bugs.gnu.org/37161>. * guix/scripts/pack.scm (docker-image)[build]: Add a 'directory' entry for "/tmp" to DIRECTIVES. * tests/pack.scm ("docker-image + localstatedir"): Test the presence of /tmp. * gnu/tests/docker.scm (run-docker-test)["Load docker image and run it"]: Test the presence and permission bits of "/tmp". Ludovic Courtès 2019-07-04pack: 'docker' backend records the profile's search paths....* guix/docker.scm (config): Add #:environment parameter and honor it. (build-docker-image): Likewise, and pass it to 'config'. * guix/scripts/pack.scm (docker-image): Import (guix profiles) and (guix search-paths). Call 'profile-search-paths' and pass #:environment to 'build-docker-image'. * gnu/tests/docker.scm (run-docker-test)["Load docker image and run it"]: Add example that expects (json) to be available. * gnu/tests/docker.scm (build-tarball&run-docker-test): Replace %BOOTSTRAP-GUILE by GUILE-2.2 and GUILE-JSON in the environment. Ludovic Courtès 2019-06-07pack: Add '--entry-point'....* guix/scripts/pack.scm (self-contained-tarball): Add #:entry-point and warn when it's true. (squashfs-image): Add #:entry-point and honor it. (docker-image): Add #:entry-point and honor it. (%options, show-help): Add '--entry-point'. (guix-pack): Honor '--entry-point' and pass #:entry-point to BUILD-IMAGE. * gnu/tests/docker.scm (run-docker-test): Test 'docker run' with the default entry point. (build-tarball&run-docker-test): Pass #:entry-point to 'docker-image'. * doc/guix.texi (Invoking guix pack): Document it. * gnu/tests/singularity.scm (run-singularity-test)["singularity run"]: New test. (build-tarball&run-singularity-test): Pass #:entry-point to 'squashfs-image'. Ludovic Courtès 2019-05-15vm: 'system-docker-image' provides an entry point....This simplifies use of images created with 'guix system docker-image'. * gnu/system/vm.scm (system-docker-image)[boot-program]: New variable. [os]: Add it to the GC roots. [build]: Pass #:entry-point to 'build-docker-image'. * gnu/tests/docker.scm (run-docker-system-test): New procedure. (%test-docker-system): New variable. * doc/guix.texi (Invoking guix system): Remove GUIX_NEW_SYSTEM hack and '--entrypoint' from the example. Mention 'docker create', 'docker start', and 'docker exec'. Ludovic Courtès 2019-01-18tests: docker: Use "package" instead of "dummy-package"....* gnu/tests/docker.scm (build-tarball&run-docker-test): Use "package" instead of "dummy-package". Danny Milosavljevic 2019-01-15tests: docker: Run a guest guile inside the docker container....* gnu/tests/docker.scm (run-docker-test): Add parameters. Load and run docker container. Check response of guest guile. (build-tarball&run-docker-test): New procedure. (%test-docker): Use it. [description]: Modify. Danny Milosavljevic 2019-01-11tests: Nitpick on Docker test....This is a followup to 7d8a4eeacc534c8742e0b22d855aa73e5ab66b7f. * gnu/local.mk (GNU_SYSTEM_MODULES): Add gnu/tests/docker.scm. * gnu/tests/docker.scm: Update copyright line. Ludovic Courtès 2019-01-10tests: docker: Fix test....* gnu/tests/docker.scm (run-docker-test): Set memory and disk size. (%docker-os): Add elogind service. Danny Milosavljevic 2019-01-10tests: Add Docker system test....* gnu/tests/docker.scm: New file. Danny Milosavljevic