-
Notifications
You must be signed in to change notification settings - Fork 266
/
openldap_to_389ds.pm
72 lines (60 loc) · 2.78 KB
/
openldap_to_389ds.pm
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
# Copyright 2021 SUSE LLC
# SPDX-License-Identifier: GPL-2.0-or-later
#
# Summary: The openldap_to_ds tool will attempt to automatically migrate
# custom schema, backens, some overlays from openldap to 389ds.
#
# Maintainer: QE YaST and Migration (QE Yam) <qe-yam at suse de>
use base 'consoletest';
use testapi;
use serial_terminal 'select_serial_terminal';
use strict;
use warnings;
use utils;
use Utils::Systemd qw(systemctl);
use version_utils;
use Utils::Logging 'tar_and_upload_log';
sub run {
my ($self) = @_;
my $password = $testapi::password;
select_serial_terminal;
# Install 389-ds
zypper_call("in 389-ds");
zypper_call('info 389-ds');
# Prepare data file for migration
assert_script_run("cd test");
assert_script_run "sed -i 's/^root_password.*/root_password = $password/' ./instance.inf";
assert_script_run("dscreate from-file ./instance.inf", timeout => 180);
assert_script_run("echo '127.0.0.1 susetest' >> /etc/hosts");
assert_script_run "dsctl localhost status";
# Check migration tools
tar_and_upload_log('./slapd.d', 'slapd.d.tar.bz2');
upload_logs("./db.ldif", timeout => 100);
upload_logs("./slapd.conf", timeout => 100);
assert_script_run "openldap_to_ds -v --confirm localhost ./slapd.d ./db.ldif > ldap2dslog";
upload_logs("./ldap2dslog", timeout => 100);
assert_script_run "ldapmodify -H ldap://localhost -x -D 'cn=Directory Manager' -w $password -f aci.ldif";
# Check refint and unique plugins status
my $out = script_output "dsconf localhost plugin attr-uniq list";
my @cn = split('\n', $out);
validate_script_output("dsconf localhost plugin attr-uniq show $cn[-1]", sub { m/nsslapd-pluginEnabled: on/ });
validate_script_output("dsconf localhost plugin referential-integrity show", sub { m/nsslapd-pluginEnabled: on/ });
# Manual fix memberof plugin
assert_script_run "dsconf localhost plugin memberof show";
assert_script_run "systemctl restart dirsrv\@localhost";
assert_script_run "dsconf localhost plugin memberof fixup dc=ldapdom,dc=net -f '(objectClass=*)'";
validate_script_output("dsconf localhost plugin memberof show", sub { m/nsslapd-pluginEnabled: on/ });
# Restart sssd make sure re-detect backend
systemctl("restart sssd");
systemctl("status sssd");
# check memeberof plugin
validate_script_output_retry("ldapsearch -H ldap://localhost -b 'dc=ldapdom,dc=net' -s sub -x -D 'cn=Directory Manager' -w $password memberof", sub { m/memberof:.*group1/ }, retry => 5, delay => 60);
validate_script_output('getent passwd testuser1\@ldapdom', sub { m/testuser1.*testuser1/ });
}
sub post_fail_hook {
my ($self) = @_;
select_console 'log-console';
tar_and_upload_log('/var/log/dirsrv', '/tmp/ds389.tar.bz2');
$self->SUPER::post_fail_hook;
}
1;