1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
|
#!/bin/bash
. $(dirname $0)/../../include.rc
. $(dirname $0)/../../volume.rc
check_mounted () {
df | grep $1 | wc -l
}
CHECK_MOUNT_TIMEOUT=7
TEST glusterd
TEST $CLI volume create $V0 $H0:$B0/$V0
# Set auth.allow to dummy hostname so it *doesn't* include ourselves.
TEST $CLI volume set $V0 auth.allow example.org
TEST $CLI volume start $V0
# "System getspec" will include the username and password if the request comes
# from a server (which we are). Unfortunately, this will cause authentication
# to succeed in auth.login regardless of whether auth.addr is working properly
# or not, which is useless to us. To get a proper test, strip out those lines.
$CLI system getspec $V0 | sed -e /username/d -e /password/d > fubar.vol
# This mount should fail because auth.allow doesn't include us.
TEST $GFS -f fubar.vol $M0
EXPECT_WITHIN $CHECK_MOUNT_TIMEOUT 0 check_mounted $M0
# Add tests when only username is present, but not password
# "System getspec" will include the username and password if the request comes
# from a server (which we are). Unfortunately, this will cause authentication
# to succeed in auth.login regardless of whether auth.addr is working properly
# or not, which is useless to us. To get a proper test, strip out those lines.
$CLI system getspec $V0 | sed -e /password/d > fubar.vol
# This mount should fail because auth.allow doesn't include our password.
TEST $GFS -f fubar.vol $M0
# If we had DONT_EXPECT_WITHIN we could use that, but we don't.
EXPECT_WITHIN $CHECK_MOUNT_TIMEOUT 0 check_mounted $M0
# Now, add a test for login failure when server doesn't have the password entry
# Add tests when only username is present, but not password
# "System getspec" will include the username and password if the request comes
# from a server (which we are). Unfortunately, this will cause authentication
# to succeed in auth.login regardless of whether auth.addr is working properly
# or not, which is useless to us. To get a proper test, strip out those lines.
$CLI system getspec $V0 > fubar.vol
TEST $CLI volume stop $V0
sed -i -e '/password /d' /var/lib/glusterd/vols/$V0/$V0.*$V0.vol
TEST $CLI volume start $V0
# This mount should fail because auth.allow doesn't include our password.
TEST $GFS -f fubar.vol $M0
EXPECT_WITHIN $CHECK_MOUNT_TIMEOUT 0 check_mounted $M0
# Set auth.allow to include us. This mount should therefore succeed.
TEST $CLI volume set $V0 auth.allow $H0
$CLI system getspec $V0 | sed -e /password/d > fubar.vol
TEST $GFS -f fubar.vol $M0
EXPECT_WITHIN $CHECK_MOUNT_TIMEOUT 1 check_mounted $M0
EXPECT_WITHIN $UMOUNT_TIMEOUT "Y" force_umount $M0
# Set auth.reject to include us. This mount should therefore fail.
TEST $CLI volume stop $V0
TEST $CLI volume set $V0 auth.allow "\*"
TEST $CLI volume set $V0 auth.reject $H0
TEST $CLI volume start $V0
# Do this, so login module is not in picture
$CLI system getspec $V0 | sed -e /password/d > fubar.vol
TEST $GFS -f fubar.vol $M0
EXPECT_WITHIN $CHECK_MOUNT_TIMEOUT 0 check_mounted $M0
cleanup
|
