;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2019 Ricardo Wurmus <rekado@elephly.net>
;;;
;;; This file is part of GNU Guix.
;;;
;;; GNU Guix is free software; you can redistribute it and/or modify it
;;; under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 3 of the License, or (at
;;; your option) any later version.
;;;
;;; GNU Guix is distributed in the hope that it will be useful, but
;;; WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with GNU Guix.  If not, see <http://www.gnu.org/licenses/>.

(define-module (gnu tests ldap)
  #:use-module (gnu tests)
  #:use-module (gnu system)
  #:use-module (gnu system nss)
  #:use-module (gnu system vm)
  #:use-module (gnu services)
  #:use-module (gnu services authentication)
  #:use-module (gnu services networking)
  #:use-module (gnu packages base)
  #:use-module (gnu packages openldap)
  #:use-module (guix gexp)
  #:use-module (guix store)
  #:export (%test-ldap))

;; Operating system under test: a minimal system running a DHCP client and
;; nslcd, whose name service switch resolves accounts through "db", then
;; "files", then "ldap".  Local databases are therefore consulted before the
;; directory for every account-related lookup.
(define %ldap-os
  (let* ((base-os
          (simple-operating-system
           (service dhcp-client-service-type)
           (service nslcd-service-type)))
         ;; One lookup order shared by all account databases below.
         (lookup-order
          (list (name-service (name "db"))
                (name-service (name "files"))
                (name-service (name "ldap")))))
    (operating-system
      (inherit base-os)
      (name-service-switch
       ;; Everything not overridden here (e.g. host lookup) is inherited from
       ;; %mdns-host-lookup-nss.
       (name-service-switch
        (inherit %mdns-host-lookup-nss)
        (password lookup-order)
        (shadow   lookup-order)
        (group    lookup-order)
        (netgroup lookup-order)
        (gshadow  lookup-order))))))

(define (run-ldap-test)
  "Run tests in %LDAP-OS: boot it in a marionette-controlled virtual machine,
create and start a 389 Directory Server instance inside the guest, add a user
entry, and check that the guest can bind to the server, start nslcd, look the
user up, and switch to it.  The test program is passed to GEXP->DERIVATION
under the name \"ldap-test\"."
  ;; %LDAP-OS instrumented for marionette control; the listed modules are
  ;; imported for the code evaluated in the guest.
  (define os
    (marionette-operating-system
     %ldap-os
     #:imported-modules '((gnu services herd)
                          (guix combinators))))

  ;; Virtual machine that boots OS, with MEMORY-SIZE set to 1024.
  (define vm
    (virtual-machine
     (operating-system os)
     (memory-size 1024)))

  ;; Test driver: a gexp that starts the VM through a marionette and records
  ;; SRFI-64 results via SYSTEM-TEST-RUNNER under #$output.  The assertions
  ;; below depend on each other and must run in this order.
  (define test
    (with-imported-modules '((gnu build marionette))
      #~(begin
          (use-modules (srfi srfi-11) (srfi srfi-64)
                       (gnu build marionette))

          (define marionette
            (make-marionette (list #$vm)))

          (test-runner-current (system-test-runner #$output))
          (test-begin "ldap")

          ;; Set up LDAP directory server
          ;; NOTE: "instance.inf" is a relative path, so it is written to the
          ;; current directory of the guest process, and it holds the
          ;; root_password value in clear text.  SECRET_PASS is a fixed,
          ;; test-only credential for this throwaway VM (it is reused for the
          ;; "cn=Directory Manager" bind below); the instance is also
          ;; configured with user and group "root".
          (test-assert "LDAP server instance running"
            (marionette-eval
             '(begin
                (with-output-to-file "instance.inf"
                  (lambda ()
                    (display "[general]
config_version = 2

\n[slapd]
root_password = SECRET_PASS
user = root
group = root

\n[backend-userroot]
sample_entries = yes
suffix = dc=example,dc=com")))
                ;; Each step must exit with status 0; AND stops at the first
                ;; failing command.
                (and
                 ;; Create instance
                 (zero? (system* #$(file-append 389-ds-base "/sbin/dscreate")
                                     "-v" "from-file" "instance.inf"))
                 ;; Start instance
                 (zero? (system* #$(file-append 389-ds-base "/sbin/dsctl")
                                 "localhost" "start"))
                 ;; Create user account
                 ;; No password is set for "eva" here, so the later checks
                 ;; cover account lookup, not password authentication.
                 (zero? (system* #$(file-append 389-ds-base "/sbin/dsidm")
                                 "-b" "dc=example,dc=com"
                                 "localhost" "user" "create"
                                 "--uid" "eva" "--cn" "Eva Lu Ator"
                                 "--displayName" "Eva Lu Ator"
                                 "--uidNumber" "1234" "--gidNumber" "2345"
                                 "--homeDirectory" "/home/eva"))))
             marionette))

          ;; Simple bind as "cn=Directory Manager" over plain ldap:// (no TLS),
          ;; with the password passed via "-w" on the command line, where it
          ;; is visible in the process arguments.  Acceptable inside an
          ;; isolated test VM; outside a test, ldapwhoami's "-W" (prompt) or
          ;; "-y FILE" and ldaps:// or StartTLS ("-Z") avoid both exposures.
          (test-assert "Manager can bind to LDAP server instance"
            (marionette-eval
             '(zero? (system* #$(file-append openldap "/bin/ldapwhoami")
                              "-H" "ldap://localhost" "-D"
                              "cn=Directory Manager" "-w" "SECRET_PASS"))
             marionette))

          ;; Wait for nslcd to be up and running.
          ;; A #f result from START-SERVICE fails the assertion; otherwise the
          ;; PID found under 'running in the response is the (true) result.
          (test-assert "nslcd service running"
            (marionette-eval
             '(begin
                (use-modules (gnu services herd))
                (match (start-service 'nslcd)
                  (#f #f)
                  (('service response-parts ...)
                   (match (assq-ref response-parts 'running)
                     ((pid) pid)))))
             marionette))

          (test-assert "nslcd produces a log file"
            (marionette-eval
             '(file-exists? "/var/log/nslcd")
             marionette))

          (test-assert "Can query LDAP user accounts"
            (marionette-eval
             '(begin
                ;; TODO: This shouldn't be necessary, but unfortunately it
                ;; really is needed to discover LDAP accounts with "id".
                ;; NOTE(review): SETENV changes the environment of the guest
                ;; process that evaluates this form, so the variable
                ;; presumably stays set for the "su" check below as well;
                ;; that check may pass only because of it -- confirm.
                (setenv "LD_LIBRARY_PATH"
                        #$(file-append nss-pam-ldapd "/lib"))
                (zero? (system* #$(file-append coreutils "/bin/id") "eva")))
             marionette))

          ;; Runs "su eva -c true" without supplying a password.
          ;; NOTE(review): presumably the guest REPL runs as root, in which
          ;; case this exercises account resolution and session setup rather
          ;; than eva's credentials -- confirm.
          (test-assert "Can become LDAP user"
            (marionette-eval
             '(zero? (system* "/run/privileged/bin/su" "eva" "-c"
                              #$(file-append coreutils "/bin/true")))
             marionette))

          (test-end))))

  (gexp->derivation "ldap-test" test))

;; Exported system test named "ldap"; its value is whatever RUN-LDAP-TEST
;; returns.
(define %test-ldap
  (system-test (name "ldap")
               (description
                "Run an LDAP directory server and authenticate against it.")
               (value (run-ldap-test))))