|
|
|
@ -1,4 +1,4 @@ |
|
|
|
|
import ../make-test.nix ({pkgs, ...}: { |
|
|
|
|
import ../make-test-python.nix ({pkgs, ...}: { |
|
|
|
|
name = "kerberos_server-heimdal"; |
|
|
|
|
machine = { config, libs, pkgs, ...}: |
|
|
|
|
{ services.kerberos_server = |
|
|
|
@ -23,31 +23,20 @@ import ../make-test.nix ({pkgs, ...}: { |
|
|
|
|
}; |
|
|
|
|
|
|
|
|
|
testScript = '' |
|
|
|
|
$machine->start; |
|
|
|
|
machine.succeed( |
|
|
|
|
"kadmin -l init --realm-max-ticket-life='8 day' --realm-max-renewable-life='10 day' FOO.BAR", |
|
|
|
|
"systemctl restart kadmind.service kdc.service", |
|
|
|
|
) |
|
|
|
|
|
|
|
|
|
$machine->succeed( |
|
|
|
|
"kadmin -l init --realm-max-ticket-life='8 day' \\ |
|
|
|
|
--realm-max-renewable-life='10 day' FOO.BAR" |
|
|
|
|
); |
|
|
|
|
for unit in ["kadmind", "kdc", "kpasswdd"]: |
|
|
|
|
machine.wait_for_unit(f"{unit}.service") |
|
|
|
|
|
|
|
|
|
$machine->succeed("systemctl restart kadmind.service kdc.service"); |
|
|
|
|
$machine->waitForUnit("kadmind.service"); |
|
|
|
|
$machine->waitForUnit("kdc.service"); |
|
|
|
|
$machine->waitForUnit("kpasswdd.service"); |
|
|
|
|
|
|
|
|
|
$machine->succeed( |
|
|
|
|
"kadmin -l add --password=admin_pw --use-defaults admin" |
|
|
|
|
); |
|
|
|
|
$machine->succeed( |
|
|
|
|
"kadmin -l ext_keytab --keytab=admin.keytab admin" |
|
|
|
|
); |
|
|
|
|
$machine->succeed( |
|
|
|
|
"kadmin -p admin -K admin.keytab add --password=alice_pw --use-defaults \\ |
|
|
|
|
alice" |
|
|
|
|
); |
|
|
|
|
$machine->succeed( |
|
|
|
|
"kadmin -l ext_keytab --keytab=alice.keytab alice" |
|
|
|
|
); |
|
|
|
|
$machine->succeed("kinit -kt alice.keytab alice"); |
|
|
|
|
machine.succeed( |
|
|
|
|
"kadmin -l add --password=admin_pw --use-defaults admin", |
|
|
|
|
"kadmin -l ext_keytab --keytab=admin.keytab admin", |
|
|
|
|
"kadmin -p admin -K admin.keytab add --password=alice_pw --use-defaults alice", |
|
|
|
|
"kadmin -l ext_keytab --keytab=alice.keytab alice", |
|
|
|
|
"kinit -kt alice.keytab alice", |
|
|
|
|
) |
|
|
|
|
''; |
|
|
|
|
}) |
|
|
|
|