diff --git a/tools/cib_shadow.c b/tools/cib_shadow.c index 6aa2b3a9ca..04d8e3e4e3 100644 --- a/tools/cib_shadow.c +++ b/tools/cib_shadow.c @@ -1,630 +1,630 @@ /* * Copyright (C) 2004 Andrew Beekhof * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public * License as published by the Free Software Foundation; either * version 2 of the License, or (at your option) any later version. * * This software is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include int exit_code = pcmk_ok; GMainLoop *mainloop = NULL; const char *host = NULL; void usage(const char *cmd, int exit_status); int command_options = cib_sync_call; const char *cib_action = NULL; cib_t *real_cib = NULL; int dump_data_element(int depth, char **buffer, int *max, int *offset, const char *prefix, xmlNode * data, gboolean formatted); void print_xml_diff(FILE * where, xmlNode * diff); static int force_flag = 0; static int batch_flag = 0; static int print_spaces(char *buffer, int depth, int max) { int lpc = 0; int spaces = 2 * depth; max--; /* <= so that we always print 1 space - prevents problems with syslog */ for (lpc = 0; lpc <= spaces && lpc < max; lpc++) { if (sprintf(buffer + lpc, "%c", ' ') < 1) { return -1; } } return lpc; } static char * get_shadow_prompt(const char *name) { return g_strdup_printf("shadow[%.40s] # ", name); } static void shadow_setup(char *name, gboolean do_switch) { const char *prompt = getenv("PS1"); const char *shell = getenv("SHELL"); char *new_prompt = get_shadow_prompt(name); printf("Setting up shadow instance\n"); if (safe_str_eq(new_prompt, prompt)) { /* nothing to do */ goto done; } else if (batch_flag == FALSE && shell != NULL) { setenv("PS1", new_prompt, 1); setenv("CIB_shadow", name, 1); printf("Type Ctrl-D to exit the crm_shadow shell\n"); if (strstr(shell, "bash")) { execl(shell, shell, "--norc", "--noprofile", NULL); } else { execl(shell, shell, "--noprofile", NULL); } } else if (do_switch) { printf("To switch to the named shadow instance, paste the following into your shell:\n"); } else { printf ("A new shadow instance was created. To begin using it paste the following into your shell:\n"); } printf(" CIB_shadow=%s ; export CIB_shadow\n", name); done: free(new_prompt); } static void shadow_teardown(char *name) { const char *prompt = getenv("PS1"); char *our_prompt = get_shadow_prompt(name); if (prompt != NULL && strstr(prompt, our_prompt)) { printf("Now type Ctrl-D to exit the crm_shadow shell\n"); } else { printf ("Please remember to unset the CIB_shadow variable by pasting the following into your shell:\n"); printf(" unset CIB_shadow\n"); } free(our_prompt); } /* *INDENT-OFF* */ static struct crm_option long_options[] = { /* Top-level Options */ {"help", 0, 0, '?', "\t\tThis text"}, {"version", 0, 0, '$', "\t\tVersion information" }, {"verbose", 0, 0, 'V', "\t\tIncrease debug output"}, {"-spacer-", 1, 0, '-', "\nQueries:"}, {"which", no_argument, NULL, 'w', "\t\tIndicate the active shadow copy"}, {"display", no_argument, NULL, 'p', "\t\tDisplay the contents of the active shadow copy"}, {"edit", no_argument, NULL, 'E', "\t\tEdit the contents of the active shadow copy with your favorite $EDITOR"}, {"diff", no_argument, NULL, 'd', "\t\tDisplay the changes in the active shadow copy\n"}, {"file", no_argument, NULL, 'F', "\t\tDisplay the location of the active shadow copy file\n"}, {"-spacer-", 1, 0, '-', "\nCommands:"}, {"create", required_argument, NULL, 'c', "\tCreate the named shadow copy of the active cluster configuration"}, {"create-empty", required_argument, NULL, 'e', "Create the named shadow copy with an empty cluster configuration. Optional: --validate-with"}, {"commit", required_argument, NULL, 'C', "\tUpload the contents of the named shadow copy to the cluster"}, {"delete", required_argument, NULL, 'D', "\tDelete the contents of the named shadow copy"}, {"reset", required_argument, NULL, 'r', "\tRecreate the named shadow copy from the active cluster configuration"}, {"switch", required_argument, NULL, 's', "\t(Advanced) Switch to the named shadow copy"}, {"-spacer-", 1, 0, '-', "\nAdditional Options:"}, {"force", no_argument, NULL, 'f', "\t\t(Advanced) Force the action to be performed"}, {"batch", no_argument, NULL, 'b', "\t\t(Advanced) Don't spawn a new shell" }, {"all", no_argument, NULL, 'a', "\t\t(Advanced) Upload the entire CIB, including status, with --commit" }, {"validate-with", required_argument, NULL, 'v', "(Advanced) Create an older configuration version" }, {"-spacer-", 1, 0, '-', "\nExamples:", pcmk_option_paragraph}, {"-spacer-", 1, 0, '-', "Create a blank shadow configuration:", pcmk_option_paragraph}, {"-spacer-", 1, 0, '-', " crm_shadow --create-empty myShadow", pcmk_option_example}, {"-spacer-", 1, 0, '-', "Create a shadow configuration from the running cluster:", pcmk_option_paragraph}, {"-spacer-", 1, 0, '-', " crm_shadow --create myShadow", pcmk_option_example}, {"-spacer-", 1, 0, '-', "Display the current shadow configuration:", pcmk_option_paragraph}, {"-spacer-", 1, 0, '-', " crm_shadow --display", pcmk_option_example}, {"-spacer-", 1, 0, '-', "Discard the current shadow configuration (named myShadow):", pcmk_option_paragraph}, {"-spacer-", 1, 0, '-', " crm_shadow --delete myShadow", pcmk_option_example}, {"-spacer-", 1, 0, '-', "Upload the current shadow configuration (named myShadow) to the running cluster:", pcmk_option_paragraph}, {"-spacer-", 1, 0, '-', " crm_shadow --commit myShadow", pcmk_option_example}, {0, 0, 0, 0} }; /* *INDENT-ON* */ int main(int argc, char **argv) { int rc = 0; int flag; int argerr = 0; static int command = '?'; const char *validation = NULL; char *shadow = NULL; char *shadow_file = NULL; gboolean full_upload = FALSE; gboolean dangerous_cmd = FALSE; struct stat buf; int option_index = 0; crm_log_cli_init("crm_shadow"); crm_set_options(NULL, "(query|command) [modifiers]", long_options, "Perform configuration changes in a sandbox before updating the live cluster." "\n\nSets up an environment in which configuration tools (cibadmin, crm_resource, etc) work" " offline instead of against a live cluster, allowing changes to be previewed and tested" " for side-effects.\n"); if (argc < 2) { crm_help('?', EX_USAGE); } while (1) { flag = crm_get_option(argc, argv, &option_index); if (flag == -1 || flag == 0) break; switch (flag) { case 'a': full_upload = TRUE; break; case 'd': case 'E': case 'p': case 'w': case 'F': command = flag; free(shadow); shadow = NULL; { const char *env = getenv("CIB_shadow"); if(env) { shadow = strdup(env); } else { fprintf(stderr, "No active shadow configuration defined\n"); crm_exit(ENOENT); } } break; case 'v': validation = optarg; break; case 'e': case 'c': case 's': case 'r': command = flag; free(shadow); shadow = strdup(optarg); break; case 'C': case 'D': command = flag; dangerous_cmd = TRUE; free(shadow); shadow = strdup(optarg); break; case 'V': command_options = command_options | cib_verbose; crm_bump_log_level(argc, argv); break; case '$': case '?': crm_help(flag, EX_OK); break; case 'f': command_options |= cib_quorum_override; force_flag = 1; break; case 'b': batch_flag = 1; break; default: printf("Argument code 0%o (%c)" " is not (?yet?) supported\n", flag, flag); ++argerr; break; } } if (optind < argc) { printf("non-option ARGV-elements: "); while (optind < argc) printf("%s ", argv[optind++]); printf("\n"); crm_help('?', EX_USAGE); } if (optind > argc) { ++argerr; } if (argerr) { crm_help('?', EX_USAGE); } if (command == 'w') { /* which shadow instance is active? */ const char *local = getenv("CIB_shadow"); if (local == NULL) { fprintf(stderr, "No shadow instance provided\n"); rc = -ENXIO; goto done; } fprintf(stdout, "%s\n", local); rc = 0; goto done; } if (shadow == NULL) { fprintf(stderr, "No shadow instance provided\n"); fflush(stderr); rc = -EINVAL; goto done; } else if (command != 's' && command != 'c') { const char *local = getenv("CIB_shadow"); if (local != NULL && safe_str_neq(local, shadow) && force_flag == FALSE) { fprintf(stderr, "The supplied shadow instance (%s) is not the same as the active one (%s).\n" " To prevent accidental destruction of the cluster," " the --force flag is required in order to proceed.\n", shadow, local); fflush(stderr); rc = EX_USAGE; goto done; } } if (dangerous_cmd && force_flag == FALSE) { fprintf(stderr, "The supplied command is considered dangerous." " To prevent accidental destruction of the cluster," " the --force flag is required in order to proceed.\n"); fflush(stderr); rc = EX_USAGE; goto done; } shadow_file = get_shadow_file(shadow); if (command == 'D') { /* delete the file */ rc = stat(shadow_file, &buf); if (rc == 0) { rc = unlink(shadow_file); if (rc != 0) { fprintf(stderr, "Could not remove shadow instance '%s': %s\n", shadow, strerror(errno)); goto done; } } shadow_teardown(shadow); goto done; } else if (command == 'F') { printf("%s\n", shadow_file); rc = 0; goto done; } if (command == 'd' || command == 'r' || command == 'c' || command == 'C') { real_cib = cib_new_no_shadow(); rc = real_cib->cmds->signon(real_cib, crm_system_name, cib_command); if (rc != pcmk_ok) { fprintf(stderr, "Signon to CIB failed: %s\n", pcmk_strerror(rc)); goto done; } } rc = stat(shadow_file, &buf); if (command == 'e' || command == 'c') { if (rc == 0 && force_flag == FALSE) { fprintf(stderr, "A shadow instance '%s' already exists.\n" " To prevent accidental destruction of the cluster," " the --force flag is required in order to proceed.\n", shadow); rc = -ENOTUNIQ; goto done; } } else if (rc != 0) { fprintf(stderr, "Could not access shadow instance '%s': %s\n", shadow, strerror(errno)); rc = -ENXIO; goto done; } rc = pcmk_ok; if (command == 'c' || command == 'e' || command == 'r') { xmlNode *output = NULL; /* create a shadow instance based on the current cluster config */ if (command == 'c' || command == 'r') { rc = real_cib->cmds->query(real_cib, NULL, &output, command_options); if (rc != pcmk_ok) { fprintf(stderr, "Could not connect to the CIB: %s\n", pcmk_strerror(rc)); goto done; } } else { - output = createEmptyCib(1); + output = createEmptyCib(0); if(validation) { crm_xml_add(output, XML_ATTR_VALIDATION, validation); } printf("Created new %s configuration\n", crm_element_value(output, XML_ATTR_VALIDATION)); } rc = write_xml_file(output, shadow_file, FALSE); free_xml(output); if (rc < 0) { fprintf(stderr, "Could not %s the shadow instance '%s': %s\n", command == 'r' ? "reset" : "create", shadow, strerror(errno)); goto done; } shadow_setup(shadow, FALSE); rc = pcmk_ok; } else if (command == 'E') { const char *err = NULL; char *editor = getenv("EDITOR"); if (editor == NULL) { fprintf(stderr, "No value for $EDITOR defined\n"); rc = -EINVAL; goto done; } execlp(editor, "--", shadow_file, NULL); err = strerror(errno); fprintf(stderr, "Could not invoke $EDITOR (%s %s): %s\n", editor, shadow_file, err); rc = -EINVAL; goto done; } else if (command == 's') { shadow_setup(shadow, TRUE); rc = 0; goto done; } else if (command == 'P') { /* display the current contents */ char *output_s = NULL; xmlNode *output = filename2xml(shadow_file); output_s = dump_xml_formatted(output); printf("%s", output_s); free(output_s); free_xml(output); } else if (command == 'd') { /* diff against cluster */ xmlNode *diff = NULL; xmlNode *old_config = NULL; xmlNode *new_config = filename2xml(shadow_file); rc = real_cib->cmds->query(real_cib, NULL, &old_config, command_options); if (rc != pcmk_ok) { fprintf(stderr, "Could not query the CIB: %s\n", pcmk_strerror(rc)); goto done; } diff = diff_xml_object(old_config, new_config, FALSE); if (diff != NULL) { print_xml_diff(stdout, diff); rc = 1; goto done; } rc = 0; goto done; } else if (command == 'C') { /* commit to the cluster */ xmlNode *input = filename2xml(shadow_file); if (full_upload) { rc = real_cib->cmds->replace(real_cib, NULL, input, command_options); } else { xmlNode *config = first_named_child(input, XML_CIB_TAG_CONFIGURATION); rc = real_cib->cmds->replace(real_cib, XML_CIB_TAG_CONFIGURATION, config, command_options); } if (rc != pcmk_ok) { fprintf(stderr, "Could not commit shadow instance '%s' to the CIB: %s\n", shadow, pcmk_strerror(rc)); return rc; } shadow_teardown(shadow); free_xml(input); } done: free(shadow_file); free(shadow); return crm_exit(rc); } #define bhead(buffer, offset) ((*buffer) + (*offset)) #define bremain(max, offset) ((*max) - (*offset)) #define update_buffer_head(len) do { \ int total = (*offset) + len + 1; \ if(total >= (*max)) { /* too late */ \ (*buffer) = EOS; return -1; \ } else if(((*max) - total) < 256) { \ (*max) *= 10; \ *buffer = realloc(*buffer, (*max)); \ } \ (*offset) += len; \ } while(0) int dump_data_element(int depth, char **buffer, int *max, int *offset, const char *prefix, xmlNode * data, gboolean formatted) { int printed = 0; int has_children = 0; xmlNode *child = NULL; const char *name = NULL; CRM_CHECK(data != NULL, return 0); name = crm_element_name(data); CRM_CHECK(name != NULL, return 0); CRM_CHECK(buffer != NULL && *buffer != NULL, return 0); crm_trace("Dumping %s...", name); if (prefix) { printed = snprintf(bhead(buffer, offset), bremain(max, offset), "%s", prefix); update_buffer_head(printed); } if (formatted) { printed = print_spaces(bhead(buffer, offset), depth, bremain(max, offset)); update_buffer_head(printed); } printed = snprintf(bhead(buffer, offset), bremain(max, offset), "<%s", name); update_buffer_head(printed); if (data) { xmlAttrPtr xIter = NULL; for (xIter = data->properties; xIter; xIter = xIter->next) { const char *prop_name = (const char *)xIter->name; const char *prop_value = crm_element_value(data, prop_name); crm_trace("Dumping <%s %s=\"%s\"...", name, prop_name, prop_value); printed = snprintf(bhead(buffer, offset), bremain(max, offset), " %s=\"%s\"", prop_name, prop_value); update_buffer_head(printed); } } has_children = xml_has_children(data); printed = snprintf(bhead(buffer, offset), bremain(max, offset), "%s>%s", has_children == 0 ? "/" : "", formatted ? "\n" : ""); update_buffer_head(printed); if (has_children == 0) { return 0; } for (child = __xml_first_child(data); child != NULL; child = __xml_next(child)) { if (dump_data_element(depth + 1, buffer, max, offset, prefix, child, formatted) < 0) { return -1; } } if (prefix) { printed = snprintf(bhead(buffer, offset), bremain(max, offset), "%s", prefix); update_buffer_head(printed); } if (formatted) { printed = print_spaces(bhead(buffer, offset), depth, bremain(max, offset)); update_buffer_head(printed); } printed = snprintf(bhead(buffer, offset), bremain(max, offset), "%s", name, formatted ? "\n" : ""); update_buffer_head(printed); crm_trace("Dumped %s...", name); return has_children; } void print_xml_diff(FILE * where, xmlNode * diff) { char *buffer = NULL; xmlNode *child = NULL; int max = 1024, len = 0; gboolean is_first = TRUE; xmlNode *added = find_xml_node(diff, "diff-added", FALSE); xmlNode *removed = find_xml_node(diff, "diff-removed", FALSE); is_first = TRUE; for (child = __xml_first_child(removed); child != NULL; child = __xml_next(child)) { len = 0; max = 1024; free(buffer); buffer = calloc(1, max); if (is_first) { is_first = FALSE; } else { fprintf(where, " --- \n"); } CRM_CHECK(dump_data_element(0, &buffer, &max, &len, "-", child, TRUE) >= 0, continue); fprintf(where, "%s", buffer); } is_first = TRUE; for (child = __xml_first_child(added); child != NULL; child = __xml_next(child)) { len = 0; max = 1024; free(buffer); buffer = calloc(1, max); if (is_first) { is_first = FALSE; } else { fprintf(where, " +++ \n"); } CRM_CHECK(dump_data_element(0, &buffer, &max, &len, "+", child, TRUE) >= 0, continue); fprintf(where, "%s", buffer); } } diff --git a/tools/regression.acls.exp b/tools/regression.acls.exp index f9850528f0..c6a76729fe 100644 --- a/tools/regression.acls.exp +++ b/tools/regression.acls.exp @@ -1,1468 +1,1731 @@ +Created new pacemaker-1.3 configuration Setting up shadow instance A new shadow instance was created. To begin using it paste the following into your shell: CIB_shadow=tools-regression ; export CIB_shadow =#=#=#= Begin test: Configure some ACLs =#=#=#= =#=#=#= Current cib after: Configure some ACLs =#=#=#= - + =#=#=#= End test: Configure some ACLs - OK (0) =#=#=#= * Passed: cibadmin - Configure some ACLs =#=#=#= Begin test: Enable ACLs =#=#=#= =#=#=#= Current cib after: Enable ACLs =#=#=#= - + =#=#=#= End test: Enable ACLs - OK (0) =#=#=#= * Passed: crm_attribute - Enable ACLs =#=#=#= Begin test: Set cluster option =#=#=#= =#=#=#= Current cib after: Set cluster option =#=#=#= - + =#=#=#= End test: Set cluster option - OK (0) =#=#=#= * Passed: crm_attribute - Set cluster option +=#=#=#= Begin test: New ACL =#=#=#= +=#=#=#= Current cib after: New ACL =#=#=#= + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +=#=#=#= End test: New ACL - OK (0) =#=#=#= +* Passed: cibadmin - New ACL +=#=#=#= Begin test: Another ACL =#=#=#= +=#=#=#= Current cib after: Another ACL =#=#=#= + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +=#=#=#= End test: Another ACL - OK (0) =#=#=#= +* Passed: cibadmin - Another ACL +=#=#=#= Begin test: Updated ACL =#=#=#= +=#=#=#= Current cib after: Updated ACL =#=#=#= + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +=#=#=#= End test: Updated ACL - OK (0) =#=#=#= +* Passed: cibadmin - Updated ACL + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + =#=#=#= Begin test: unknownguy: Query configuration =#=#=#= Call failed: Permission denied =#=#=#= Current cib after: unknownguy: Query configuration =#=#=#= - + + + + + + + + =#=#=#= End test: unknownguy: Query configuration - Permission denied (13) =#=#=#= * Passed: cibadmin - unknownguy: Query configuration =#=#=#= Begin test: unknownguy: Set enable-acl =#=#=#= Error performing operation: Permission denied =#=#=#= Current cib after: unknownguy: Set enable-acl =#=#=#= - + + + + + + + + =#=#=#= End test: unknownguy: Set enable-acl - Permission denied (13) =#=#=#= * Passed: crm_attribute - unknownguy: Set enable-acl =#=#=#= Begin test: unknownguy: Set stonith-enabled =#=#=#= Error performing operation: Permission denied =#=#=#= Current cib after: unknownguy: Set stonith-enabled =#=#=#= - + + + + + + + + =#=#=#= End test: unknownguy: Set stonith-enabled - Permission denied (13) =#=#=#= * Passed: crm_attribute - unknownguy: Set stonith-enabled =#=#=#= Begin test: unknownguy: Create a resource =#=#=#= Call failed: Permission denied =#=#=#= Current cib after: unknownguy: Create a resource =#=#=#= - + + + + + + + + =#=#=#= End test: unknownguy: Create a resource - Permission denied (13) =#=#=#= * Passed: cibadmin - unknownguy: Create a resource =#=#=#= Begin test: l33t-haxor: Query configuration =#=#=#= Call failed: Permission denied =#=#=#= Current cib after: l33t-haxor: Query configuration =#=#=#= - + + + + + + + + =#=#=#= End test: l33t-haxor: Query configuration - Permission denied (13) =#=#=#= * Passed: cibadmin - l33t-haxor: Query configuration =#=#=#= Begin test: l33t-haxor: Set enable-acl =#=#=#= Error performing operation: Permission denied =#=#=#= Current cib after: l33t-haxor: Set enable-acl =#=#=#= - + + + + + + + + =#=#=#= End test: l33t-haxor: Set enable-acl - Permission denied (13) =#=#=#= * Passed: crm_attribute - l33t-haxor: Set enable-acl =#=#=#= Begin test: l33t-haxor: Set stonith-enabled =#=#=#= Error performing operation: Permission denied =#=#=#= Current cib after: l33t-haxor: Set stonith-enabled =#=#=#= - + + + + + + + + =#=#=#= End test: l33t-haxor: Set stonith-enabled - Permission denied (13) =#=#=#= * Passed: crm_attribute - l33t-haxor: Set stonith-enabled =#=#=#= Begin test: l33t-haxor: Create a resource =#=#=#= Call failed: Permission denied =#=#=#= Current cib after: l33t-haxor: Create a resource =#=#=#= - + + + + + + + + =#=#=#= End test: l33t-haxor: Create a resource - Permission denied (13) =#=#=#= * Passed: cibadmin - l33t-haxor: Create a resource =#=#=#= Begin test: niceguy: Query configuration =#=#=#= - + + + + + + + + =#=#=#= Current cib after: niceguy: Query configuration =#=#=#= - + + + + + + + + =#=#=#= End test: niceguy: Query configuration - OK (0) =#=#=#= * Passed: cibadmin - niceguy: Query configuration =#=#=#= Begin test: niceguy: Set enable-acl =#=#=#= Error performing operation: Permission denied Error setting enable-acl=false (section=crm_config, set=): Permission denied =#=#=#= Current cib after: niceguy: Set enable-acl =#=#=#= - + + + + + + + + =#=#=#= End test: niceguy: Set enable-acl - Permission denied (13) =#=#=#= * Passed: crm_attribute - niceguy: Set enable-acl =#=#=#= Begin test: niceguy: Set stonith-enabled =#=#=#= =#=#=#= Current cib after: niceguy: Set stonith-enabled =#=#=#= - + + + + + + + + =#=#=#= End test: niceguy: Set stonith-enabled - OK (0) =#=#=#= * Passed: crm_attribute - niceguy: Set stonith-enabled =#=#=#= Begin test: niceguy: Create a resource =#=#=#= Call failed: Permission denied =#=#=#= Current cib after: niceguy: Create a resource =#=#=#= - + + + + + + + + =#=#=#= End test: niceguy: Create a resource - Permission denied (13) =#=#=#= * Passed: cibadmin - niceguy: Create a resource =#=#=#= Begin test: root: Query configuration =#=#=#= - + + + + + + + + =#=#=#= Current cib after: root: Query configuration =#=#=#= - + + + + + + + + =#=#=#= End test: root: Query configuration - OK (0) =#=#=#= * Passed: cibadmin - root: Query configuration =#=#=#= Begin test: root: Set stonith-enabled =#=#=#= =#=#=#= Current cib after: root: Set stonith-enabled =#=#=#= - + + + + + + + + =#=#=#= End test: root: Set stonith-enabled - OK (0) =#=#=#= * Passed: crm_attribute - root: Set stonith-enabled =#=#=#= Begin test: root: Create a resource =#=#=#= =#=#=#= Current cib after: root: Create a resource =#=#=#= - + + + + + + + + =#=#=#= End test: root: Create a resource - OK (0) =#=#=#= * Passed: cibadmin - root: Create a resource =#=#=#= Begin test: l33t-haxor: Create a resource meta attribute =#=#=#= Error performing operation: Permission denied =#=#=#= Current cib after: l33t-haxor: Create a resource meta attribute =#=#=#= - + + + + + + + + =#=#=#= End test: l33t-haxor: Create a resource meta attribute - Permission denied (13) =#=#=#= * Passed: crm_resource - l33t-haxor: Create a resource meta attribute =#=#=#= Begin test: l33t-haxor: Query a resource meta attribute =#=#=#= Error performing operation: Permission denied =#=#=#= Current cib after: l33t-haxor: Query a resource meta attribute =#=#=#= - + + + + + + + + =#=#=#= End test: l33t-haxor: Query a resource meta attribute - Permission denied (13) =#=#=#= * Passed: crm_resource - l33t-haxor: Query a resource meta attribute =#=#=#= Begin test: l33t-haxor: Remove a resource meta attribute =#=#=#= Error performing operation: Permission denied =#=#=#= Current cib after: l33t-haxor: Remove a resource meta attribute =#=#=#= - + + + + + + + + =#=#=#= End test: l33t-haxor: Remove a resource meta attribute - Permission denied (13) =#=#=#= * Passed: crm_resource - l33t-haxor: Remove a resource meta attribute =#=#=#= Begin test: niceguy: Create a resource meta attribute =#=#=#= =#=#=#= Current cib after: niceguy: Create a resource meta attribute =#=#=#= - + + + + + + + + =#=#=#= End test: niceguy: Create a resource meta attribute - OK (0) =#=#=#= * Passed: crm_resource - niceguy: Create a resource meta attribute =#=#=#= Begin test: niceguy: Query a resource meta attribute =#=#=#= Stopped =#=#=#= Current cib after: niceguy: Query a resource meta attribute =#=#=#= - + + + + + + + + =#=#=#= End test: niceguy: Query a resource meta attribute - OK (0) =#=#=#= * Passed: crm_resource - niceguy: Query a resource meta attribute =#=#=#= Begin test: niceguy: Remove a resource meta attribute =#=#=#= Deleted dummy option: id=dummy-meta_attributes-target-role name=target-role =#=#=#= Current cib after: niceguy: Remove a resource meta attribute =#=#=#= - + + + + + + + + =#=#=#= End test: niceguy: Remove a resource meta attribute - OK (0) =#=#=#= * Passed: crm_resource - niceguy: Remove a resource meta attribute =#=#=#= Begin test: niceguy: Create a resource meta attribute =#=#=#= =#=#=#= Current cib after: niceguy: Create a resource meta attribute =#=#=#= - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=#=#=#= End test: niceguy: Create a resource meta attribute - OK (0) =#=#=#= -* Passed: crm_resource - niceguy: Create a resource meta attribute -=#=#=#= Begin test: New ACL =#=#=#= -=#=#=#= Current cib after: New ACL =#=#=#= - + + + + + -=#=#=#= End test: New ACL - OK (0) =#=#=#= -* Passed: cibadmin - New ACL +=#=#=#= End test: niceguy: Create a resource meta attribute - OK (0) =#=#=#= +* Passed: crm_resource - niceguy: Create a resource meta attribute =#=#=#= Begin test: badidea: Query configuration - implied deny =#=#=#= =#=#=#= Current cib after: badidea: Query configuration - implied deny =#=#=#= - + + + + + =#=#=#= End test: badidea: Query configuration - implied deny - OK (0) =#=#=#= * Passed: cibadmin - badidea: Query configuration - implied deny -=#=#=#= Begin test: Updated ACL =#=#=#= -=#=#=#= Current cib after: Updated ACL =#=#=#= - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -=#=#=#= End test: Updated ACL - OK (0) =#=#=#= -* Passed: cibadmin - Updated ACL -=#=#=#= Begin test: badidea: Query configuration - explicit deny =#=#=#= +=#=#=#= Begin test: betteridea: Query configuration - explicit deny =#=#=#= -=#=#=#= Current cib after: badidea: Query configuration - explicit deny =#=#=#= - +=#=#=#= Current cib after: betteridea: Query configuration - explicit deny =#=#=#= + - + + + + -=#=#=#= End test: badidea: Query configuration - explicit deny - OK (0) =#=#=#= -* Passed: cibadmin - badidea: Query configuration - explicit deny - +=#=#=#= End test: betteridea: Query configuration - explicit deny - OK (0) =#=#=#= +* Passed: cibadmin - betteridea: Query configuration - explicit deny + =#=#=#= Begin test: niceguy: Replace - remove acls =#=#=#= __xml_acl_check: 400 access denied to /cib/configuration/acls: default Call failed: Permission denied =#=#=#= Current cib after: niceguy: Replace - remove acls =#=#=#= - + - + + + + =#=#=#= End test: niceguy: Replace - remove acls - Permission denied (13) =#=#=#= * Passed: cibadmin - niceguy: Replace - remove acls - + - + + + + =#=#=#= Begin test: niceguy: Replace - create resource =#=#=#= __xml_acl_check: 400 access denied to /cib/configuration/resources/primitive[@id='dummy2']: default __xml_acl_post_process: Cannot add new node primitive at /cib/configuration/resources/primitive[@id='dummy2'] Call failed: Permission denied =#=#=#= Current cib after: niceguy: Replace - create resource =#=#=#= - + - + + + + =#=#=#= End test: niceguy: Replace - create resource - Permission denied (13) =#=#=#= * Passed: cibadmin - niceguy: Replace - create resource - + - + + + + =#=#=#= Begin test: niceguy: Replace - modify attribute =#=#=#= __xml_acl_check: 400 access denied to /cib/configuration/crm_config/cluster_property_set[@id='cib-bootstrap-options']/nvpair[@id='cib-bootstrap-options-enable-acl'][@value]: default Call failed: Permission denied =#=#=#= Current cib after: niceguy: Replace - modify attribute =#=#=#= - + - + + + + =#=#=#= End test: niceguy: Replace - modify attribute - Permission denied (13) =#=#=#= * Passed: cibadmin - niceguy: Replace - modify attribute - + - + + + + =#=#=#= Begin test: niceguy: Replace - delete attribute =#=#=#= __xml_acl_check: 400 access denied to /cib/configuration/crm_config/cluster_property_set[@id='cib-bootstrap-options']/nvpair[@id='cib-bootstrap-options-enable-acl']: default Call failed: Permission denied =#=#=#= Current cib after: niceguy: Replace - delete attribute =#=#=#= - + - + + + + =#=#=#= End test: niceguy: Replace - delete attribute - Permission denied (13) =#=#=#= * Passed: cibadmin - niceguy: Replace - delete attribute - + - + + + + =#=#=#= Begin test: niceguy: Replace - create attribute =#=#=#= __xml_acl_check: 400 access denied to /cib/configuration/resources/primitive[@id='dummy'][@description]: default Call failed: Permission denied =#=#=#= Current cib after: niceguy: Replace - create attribute =#=#=#= - + - + + + + =#=#=#= End test: niceguy: Replace - create attribute - Permission denied (13) =#=#=#= * Passed: cibadmin - niceguy: Replace - create attribute diff --git a/tools/regression.sh b/tools/regression.sh index 8c436e959b..52dbdf187e 100755 --- a/tools/regression.sh +++ b/tools/regression.sh @@ -1,589 +1,602 @@ #!/bin/bash : ${shadow=tools-regression} test_home=`dirname $0` num_errors=0 num_passed=0 GREP_OPTIONS= verbose=0 tests="dates tools acls" function test_assert() { target=$1; shift cib=$1; shift app=`echo "$cmd" | sed 's/\ .*//'` printf "* Running: $app - $desc\n" 1>&2 printf "=#=#=#= Begin test: $desc =#=#=#=\n" eval $VALGRIND_CMD $cmd 2>&1 rc=$? if [ x$cib != x0 ]; then printf "=#=#=#= Current cib after: $desc =#=#=#=\n" CIB_user=root cibadmin -Q fi printf "=#=#=#= End test: $desc - `crm_error $rc` ($rc) =#=#=#=\n" if [ $rc -ne $target ]; then num_errors=`expr $num_errors + 1` printf "* Failed (rc=%.3d): %-14s - %s\n" $rc $app "$desc" printf "* Failed (rc=%.3d): %-14s - %s\n" $rc $app "$desc (`which $app`)" 1>&2 return exit 1 else printf "* Passed: %-14s - %s\n" $app "$desc" num_passed=`expr $num_passed + 1` fi } function usage() { echo "Usage: ./regression.sh [-s(ave)] [-x] [-v(erbose)]" exit $1 } done=0 do_save=0 VALGRIND_CMD= while test "$done" = "0"; do case "$1" in -t) tests=$2; shift; shift;; -V|--verbose) verbose=1; shift;; -v|--valgrind) export G_SLICE=always-malloc VALGRIND_CMD="valgrind -q --gen-suppressions=all --show-reachable=no --leak-check=full --trace-children=no --time-stamp=yes --num-callers=20 --suppressions=/usr/share/pacemaker/tests/valgrind-pcmk.suppressions" shift;; -x) set -x; shift;; -s) do_save=1; shift;; -p) PATH="$2:$PATH"; export PATH; shift 1;; -?) usage 0;; -*) echo "unknown option: $1"; usage 1;; *) done=1;; esac done if [ "x$VALGRIND_CMD" = "x" -a -x $test_home/crm_simulate ]; then xml_home=`dirname ${test_home}` echo "Using local binaries from: $test_home, schemas from $xml_home" export PATH="$test_home:$PATH" export PCMK_schema_directory=${xml_home}/xml fi function test_tools() { export CIB_shadow_dir=$test_home $VALGRIND_CMD crm_shadow --batch --force --create-empty $shadow 2>&1 export CIB_shadow=$shadow desc="Validate CIB" cmd="cibadmin -Q" test_assert 0 desc="Configure something before erasing" cmd="crm_attribute -n cluster-delay -v 60s" test_assert 0 desc="Require --force for CIB erasure" cmd="cibadmin -E" test_assert 22 desc="Allow CIB erasure with --force" cmd="cibadmin -E --force" test_assert 0 desc="Query CIB" cmd="cibadmin -Q > /tmp/$$.existing.xml" test_assert 0 desc="Set cluster option" cmd="crm_attribute -n cluster-delay -v 60s" test_assert 0 desc="Query new cluster option" cmd="cibadmin -Q -o crm_config | grep cib-bootstrap-options-cluster-delay" test_assert 0 desc="Query cluster options" cmd="cibadmin -Q -o crm_config > /tmp/$$.opt.xml" test_assert 0 desc="Set no-quorum policy" cmd="crm_attribute -n no-quorum-policy -v ignore" test_assert 0 desc="Delete nvpair" cmd="cibadmin -D -o crm_config --xml-text ''" test_assert 0 desc="Create operaton should fail" cmd="cibadmin -C -o crm_config --xml-file /tmp/$$.opt.xml" test_assert 76 desc="Modify cluster options section" cmd="cibadmin -M -o crm_config --xml-file /tmp/$$.opt.xml" test_assert 0 desc="Query updated cluster option" cmd="cibadmin -Q -o crm_config | grep cib-bootstrap-options-cluster-delay" test_assert 0 desc="Set duplicate cluster option" cmd="crm_attribute -n cluster-delay -v 40s -s duplicate" test_assert 0 desc="Setting multiply defined cluster option should fail" cmd="crm_attribute -n cluster-delay -v 30s" test_assert 76 desc="Set cluster option with -s" cmd="crm_attribute -n cluster-delay -v 30s -s duplicate" test_assert 0 desc="Delete cluster option with -i" cmd="crm_attribute -n cluster-delay -D -i cib-bootstrap-options-cluster-delay" test_assert 0 desc="Create node1 and bring it online" cmd="crm_simulate --live-check --in-place --node-up=node1" test_assert 0 desc="Create node attribute" cmd="crm_attribute -n ram -v 1024M -U node1 -t nodes" test_assert 0 desc="Query new node attribute" cmd="cibadmin -Q -o nodes | grep node1-ram" test_assert 0 desc="Digest calculation" cmd="cibadmin -Q | cibadmin -5 -p 2>&1 > /dev/null" test_assert 0 # This update will fail because it has version numbers desc="Replace operation should fail" cmd="cibadmin -R --xml-file /tmp/$$.existing.xml" test_assert 205 desc="Default standby value" cmd="crm_standby -N node1 -G" test_assert 0 desc="Set standby status" cmd="crm_standby -N node1 -v true" test_assert 0 desc="Query standby value" cmd="crm_standby -N node1 -G" test_assert 0 desc="Delete standby value" cmd="crm_standby -N node1 -D" test_assert 0 desc="Create a resource" cmd="cibadmin -C -o resources --xml-text ''" test_assert 0 desc="Create a resource meta attribute" cmd="crm_resource -r dummy --meta -p is-managed -v false" test_assert 0 desc="Query a resource meta attribute" cmd="crm_resource -r dummy --meta -g is-managed" test_assert 0 desc="Remove a resource meta attribute" cmd="crm_resource -r dummy --meta -d is-managed" test_assert 0 desc="Create a resource attribute" cmd="crm_resource -r dummy -p delay -v 10s" test_assert 0 desc="List the configured resources" cmd="crm_resource -L" test_assert 0 desc="Set a resource's fail-count" cmd="crm_failcount -r dummy -v 10 -N node1" test_assert 0 desc="Require a destination when migrating a resource that is stopped" cmd="crm_resource -r dummy -M" test_assert 22 desc="Don't support migration to non-existant locations" cmd="crm_resource -r dummy -M -N i.dont.exist" test_assert 6 desc="Create a fencing resource" cmd="cibadmin -C -o resources --xml-text ''" test_assert 0 desc="Bring resources online" cmd="crm_simulate --live-check --in-place -S" test_assert 0 desc="Try to move a resource to its existing location" cmd="crm_resource -r dummy --move --host node1" test_assert 22 desc="Move a resource from its existing location" cmd="crm_resource -r dummy --move" test_assert 0 desc="Clear out constraints generated by --move" cmd="crm_resource -r dummy --clear" test_assert 0 desc="Default ticket granted state" cmd="crm_ticket -t ticketA -G granted -d false" test_assert 0 desc="Set ticket granted state" cmd="crm_ticket -t ticketA -r --force" test_assert 0 desc="Query ticket granted state" cmd="crm_ticket -t ticketA -G granted" test_assert 0 desc="Delete ticket granted state" cmd="crm_ticket -t ticketA -D granted --force" test_assert 0 desc="Make a ticket standby" cmd="crm_ticket -t ticketA -s" test_assert 0 desc="Query ticket standby state" cmd="crm_ticket -t ticketA -G standby" test_assert 0 desc="Activate a ticket" cmd="crm_ticket -t ticketA -a" test_assert 0 desc="Delete ticket standby state" cmd="crm_ticket -t ticketA -D standby" test_assert 0 desc="Ban a resource on unknown node" cmd="crm_resource -r dummy -B -N host1" test_assert 6 desc="Create two more nodes and bring them online" cmd="crm_simulate --live-check --in-place --node-up=node2 --node-up=node3" test_assert 0 desc="Ban dummy from node1" cmd="crm_resource -r dummy -B -N node1" test_assert 0 desc="Ban dummy from node2" cmd="crm_resource -r dummy -B -N node2" test_assert 0 desc="Relocate resources due to ban" cmd="crm_simulate --live-check --in-place -S" test_assert 0 desc="Move dummy to node1" cmd="crm_resource -r dummy -M -N node1" test_assert 0 desc="Clear implicit constraints for dummy on node2" cmd="crm_resource -r dummy -U -N node2" test_assert 0 } function test_dates() { for y in 06 07 08 09 10 11 12 13 14 15 16 17 18; do desc="20$y-W01-7" cmd="iso8601 -d '20$y-W01-7 00Z'" test_assert 0 0 desc="20$y-W01-7 - round-trip" cmd="iso8601 -d '20$y-W01-7 00Z' -W -E '20$y-W01-7 00:00:00Z'" test_assert 0 0 desc="20$y-W01-1" cmd="iso8601 -d '20$y-W01-1 00Z'" test_assert 0 0 desc="20$y-W01-1 - round-trip" cmd="iso8601 -d '20$y-W01-1 00Z' -W -E '20$y-W01-1 00:00:00Z'" test_assert 0 0 done desc="2009-W53-07" cmd="iso8601 -d '2009-W53-7 00:00:00Z' -W -E '2009-W53-7 00:00:00Z'" test_assert 0 0 desc="2009-01-31 + 1 Month" cmd="iso8601 -d '2009-01-31 00:00:00Z' -D P1M -E '2009-02-28 00:00:00Z'" test_assert 0 0 desc="2009-01-31 + 2 Months" cmd="iso8601 -d '2009-01-31 00:00:00Z' -D P2M -E '2009-03-31 00:00:00Z'" test_assert 0 0 desc="2009-01-31 + 3 Months" cmd="iso8601 -d '2009-01-31 00:00:00Z' -D P3M -E '2009-04-30 00:00:00Z'" test_assert 0 0 desc="2009-03-31 - 1 Month" cmd="iso8601 -d '2009-03-31 00:00:00Z' -D P-1M -E '2009-02-28 00:00:00Z'" test_assert 0 0 } +function test_acl_loop() { -function test_acls() { - export CIB_shadow_dir=$test_home - $VALGRIND_CMD crm_shadow --batch --force --create-empty $shadow 2>&1 - export CIB_shadow=$shadow - - cat</tmp/$$.acls.xml - - - - - - - - - - - - - -EOF - - desc="Configure some ACLs" - cmd="cibadmin -M -o acls --xml-file /tmp/$$.acls.xml" - test_assert 0 - - desc="Enable ACLs" - cmd="crm_attribute -n enable-acl -v true" - test_assert 0 - - desc="Set cluster option" - cmd="crm_attribute -n no-quorum-policy -v ignore" - test_assert 0 + CIB_user=root cibadmin --replace --xml-text '' + CIB_user=root cibadmin -Q export CIB_user=unknownguy desc="$CIB_user: Query configuration" cmd="cibadmin -Q" test_assert 13 desc="$CIB_user: Set enable-acl" cmd="crm_attribute -n enable-acl -v false" test_assert 13 desc="$CIB_user: Set stonith-enabled" cmd="crm_attribute -n stonith-enabled -v false" test_assert 13 desc="$CIB_user: Create a resource" cmd="cibadmin -C -o resources --xml-text ''" test_assert 13 export CIB_user=l33t-haxor desc="$CIB_user: Query configuration" cmd="cibadmin -Q" test_assert 13 desc="$CIB_user: Set enable-acl" cmd="crm_attribute -n enable-acl -v false" test_assert 13 desc="$CIB_user: Set stonith-enabled" cmd="crm_attribute -n stonith-enabled -v false" test_assert 13 desc="$CIB_user: Create a resource" cmd="cibadmin -C -o resources --xml-text ''" test_assert 13 export CIB_user=niceguy desc="$CIB_user: Query configuration" cmd="cibadmin -Q" test_assert 0 desc="$CIB_user: Set enable-acl" cmd="crm_attribute -n enable-acl -v false" test_assert 13 desc="$CIB_user: Set stonith-enabled" cmd="crm_attribute -n stonith-enabled -v false" test_assert 0 desc="$CIB_user: Create a resource" cmd="cibadmin -C -o resources --xml-text ''" test_assert 13 export CIB_user=root desc="$CIB_user: Query configuration" cmd="cibadmin -Q" test_assert 0 desc="$CIB_user: Set stonith-enabled" cmd="crm_attribute -n stonith-enabled -v true" test_assert 0 desc="$CIB_user: Create a resource" cmd="cibadmin -C -o resources --xml-text ''" test_assert 0 export CIB_user=l33t-haxor desc="$CIB_user: Create a resource meta attribute" cmd="crm_resource -r dummy --meta -p target-role -v Stopped" test_assert 13 desc="$CIB_user: Query a resource meta attribute" cmd="crm_resource -r dummy --meta -g target-role" test_assert 13 desc="$CIB_user: Remove a resource meta attribute" cmd="crm_resource -r dummy --meta -d target-role" test_assert 13 export CIB_user=niceguy desc="$CIB_user: Create a resource meta attribute" cmd="crm_resource -r dummy --meta -p target-role -v Stopped" test_assert 0 desc="$CIB_user: Query a resource meta attribute" cmd="crm_resource -r dummy --meta -g target-role" test_assert 0 desc="$CIB_user: Remove a resource meta attribute" cmd="crm_resource -r dummy --meta -d target-role" test_assert 0 desc="$CIB_user: Create a resource meta attribute" cmd="crm_resource -r dummy --meta -p target-role -v Started" test_assert 0 - export CIB_user=root - desc="New ACL" - cmd="cibadmin --create -o acls --xml-text ''" - test_assert 0 - + sed -i 's/epoch=\"9/epoch=\"10/g' ${CIB_shadow_dir}/shadow.${CIB_shadow} export CIB_user=badidea desc="$CIB_user: Query configuration - implied deny" cmd="cibadmin -Q" test_assert 0 - export CIB_user=root - desc="Updated ACL" - cmd="cibadmin --replace -o acls --xml-text ''" - test_assert 0 - - export CIB_user=badidea + sed -i 's/epoch=\"10/epoch=\"11/g' ${CIB_shadow_dir}/shadow.${CIB_shadow} + export CIB_user=betteridea desc="$CIB_user: Query configuration - explicit deny" cmd="cibadmin -Q" test_assert 0 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin --delete --xml-text '' sed -i 's/epoch=.12/epoch=\"11/g' /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql export CIB_user=niceguy # Make sure we're rejecting things for the right reasons export PCMK_trace_functions=__xml_acl_check,__xml_acl_post_process desc="$CIB_user: Replace - remove acls" cmd="cibadmin --replace --xml-file /tmp/$$.haxor.xml -V" test_assert 13 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -C -o resources --xml-text '' sed -i 's/epoch=.12/epoch=\"11/g' /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - create resource" cmd="cibadmin --replace --xml-file /tmp/$$.haxor.xml -V" test_assert 13 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" crm_attribute -n enable-acl -v false sed -i 's/epoch=.12/epoch=\"11/g' /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - modify attribute" cmd="cibadmin --replace --xml-file /tmp/$$.haxor.xml -V" test_assert 13 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin --replace --xml-text '' sed -i 's/epoch=.12/epoch=\"11/g' /tmp/$$.haxor.xml sed -i 's/num_updates=.1/num_updates=\"0/g' /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - delete attribute" cmd="cibadmin --replace --xml-file /tmp/$$.haxor.xml -V" test_assert 13 CIB_user=root cibadmin -Q > /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin --modify --xml-text '' sed -i 's/epoch=.12/epoch=\"11/g' /tmp/$$.haxor.xml CIB_user=root CIB_file=/tmp/$$.haxor.xml CIB_shadow="" cibadmin -Ql desc="$CIB_user: Replace - create attribute" cmd="cibadmin --replace --xml-file /tmp/$$.haxor.xml -V" test_assert 13 rm -rf /tmp/$$.haxor.xml } +function test_acls() { + export CIB_shadow_dir=$test_home + $VALGRIND_CMD crm_shadow --batch --force --create-empty $shadow --validate-with pacemaker-1.3 2>&1 + export CIB_shadow=$shadow + + cat</tmp/$$.acls.xml + + + + + + + + + + + + + +EOF + + desc="Configure some ACLs" + cmd="cibadmin -M -o acls --xml-file /tmp/$$.acls.xml" + test_assert 0 + + desc="Enable ACLs" + cmd="crm_attribute -n enable-acl -v true" + test_assert 0 + + desc="Set cluster option" + cmd="crm_attribute -n no-quorum-policy -v ignore" + test_assert 0 + + desc="New ACL" + cmd="cibadmin --create -o acls --xml-text ''" + test_assert 0 + + desc="Another ACL" + cmd="cibadmin --create -o acls --xml-text ''" + test_assert 0 + + desc="Updated ACL" + cmd="cibadmin --replace -o acls --xml-text ''" + test_assert 0 + + sed -i 's/epoch=\"6/epoch=\"3/g' ${CIB_shadow_dir}/shadow.${CIB_shadow} + + test_acl_loop +} + for t in $tests; do echo "Testing $t" test_$t > $test_home/regression.$t.out sed -i -e 's/cib-last-written.*>/>/'\ -e 's/ last-run=\"[0-9]*\"//' \ - -e 's/crm_feature_set="[^"]*"//'\ - -e 's/validate-with="[^"]*"//'\ + -e 's/crm_feature_set="[^"]*" //'\ + -e 's/validate-with="[^"]*" //'\ -e 's/.*__xml_acl_check/__xml_acl_check/g'\ -e 's/.*__xml_acl_post_process/__xml_acl_post_process/g'\ -e 's/ last-rc-change=\"[0-9]*\"//' $test_home/regression.$t.out if [ $do_save = 1 ]; then cp $test_home/regression.$t.out $test_home/regression.$t.exp fi done failed=0 echo -e "\n\nResults" for t in $tests; do if [ $do_save = 1 ]; then cp $test_home/regression.$t.out $test_home/regression.$t.exp fi if [ $verbose = 1 ]; then diff -u $test_home/regression.$t.exp $test_home/regression.$t.out else diff -wu $test_home/regression.$t.exp $test_home/regression.$t.out fi if [ $? != 0 ]; then failed=1 fi done echo -e "\n\nSummary" for t in $tests; do grep -e "^*" $test_home/regression.$t.out done if [ $num_errors != 0 ]; then echo $num_errors tests failed exit 1 elif [ $failed = 1 ]; then echo $num_passed tests passed but diff failed exit 2 else echo $num_passed tests passed exit 0 fi