| #!/bin/bash |
| |
| # Licensed to the Apache Software Foundation (ASF) under one |
| # or more contributor license agreements. See the NOTICE file |
| # distributed with this work for additional information |
| # regarding copyright ownership. The ASF licenses this file |
| # to you under the Apache License, Version 2.0 (the |
| # "License"); you may not use this file except in compliance |
| # with the License. You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, |
| # software distributed under the License is distributed on an |
| # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| # KIND, either express or implied. See the License for the |
| # specific language governing permissions and limitations |
| # under the License. |
| |
| # |
| # Script to test Debian installer within Docker container. |
| # |
| |
| NAME="apacheds-${project.version}" |
| DIRNAME="${NAME}" |
| SERVICE_NAME="${NAME}-default" |
| |
| wait_for_apacheds() { |
| timeout 60 sh -c "while ! nc -z localhost 10389; do sleep 1; done" |
| } |
| |
| # stop execution if any command fails (i.e. exits with status code > 0) |
| set -e |
| |
| # trace commands |
| set -x |
| |
| # install required tools |
| apt-get -qq update |
| apt-get -qq -y install ldap-utils netcat procps |
| command -v java >/dev/null 2>&1 || apt-get -qq -y install default-jre-headless |
| java -version |
| |
| # assert no duplicate files (DIRSERVER-2197) |
| test $(dpkg -c /apacheds.deb | sort | uniq -cd | wc -l) -eq 0 |
| |
| # install |
| dpkg -i /apacheds.deb |
| |
| # assert installed |
| dpkg -l | grep apacheds |
| |
| # assert files and directories exist |
| test -f /opt/${DIRNAME}/LICENSE |
| test -f /opt/${DIRNAME}/NOTICE |
| test -d /var/lib/${DIRNAME}/default |
| |
| # assert not running: output and exit status |
| service ${SERVICE_NAME} status | grep "ApacheDS - default is not running" |
| service ${SERVICE_NAME} status || test $? -ne 0 |
| |
| # start |
| service ${SERVICE_NAME} start |
| wait_for_apacheds |
| |
| # assert running: output and exit status |
| service ${SERVICE_NAME} status | grep "ApacheDS - default is running" |
| service ${SERVICE_NAME} status && test $? -eq 0 |
| |
| # search |
| ldapsearch -h localhost -p 10389 -x -D "uid=admin,ou=system" -w secret -s base -b "dc=example,dc=com" |
| |
| # configure SASL auth |
| ldapmodify -h localhost -p 10389 -x -D "uid=admin,ou=system" -w secret -f /config.ldif |
| service ${SERVICE_NAME} restart |
| wait_for_apacheds |
| ldapmodify -h localhost -p 10389 -x -D "uid=admin,ou=system" -w secret -f /data.ldif |
| |
| # test SASL auth and confidentiality |
| ldapwhoami -h localhost -p 10389 -Y DIGEST-MD5 -N -O "minssf=128" -U user.1 -R example.com -w secret |& tee /tmp/ldapwhoami.log |
| grep "SASL/DIGEST-MD5 authentication started" /tmp/ldapwhoami.log |
| grep "SASL username: user.1" /tmp/ldapwhoami.log |
| grep "SASL SSF: 128" /tmp/ldapwhoami.log |
| grep "SASL data security layer installed." /tmp/ldapwhoami.log |
| ldapsearch -h localhost -p 10389 -Y DIGEST-MD5 -N -O "minssf=128" -U user.1 -R example.com -w secret -s sub -b "ou=users,ou=system" |
| |
| # repair (stop before and start after) |
| service ${SERVICE_NAME} stop |
| service ${SERVICE_NAME} repair |
| wait_for_apacheds |
| service ${SERVICE_NAME} status | grep "ApacheDS - default is running" |
| service ${SERVICE_NAME} status && test $? -eq 0 |
| |
| # restart and search a few times |
| for i in 1 2 3 |
| do |
| service ${SERVICE_NAME} restart |
| wait_for_apacheds |
| ldapsearch -h localhost -p 10389 -x -D "uid=admin,ou=system" -w secret -s base -b "dc=example,dc=com" |
| done |
| |
| # stop |
| service ${SERVICE_NAME} stop |
| |
| # assert not running: output and exit status |
| service ${SERVICE_NAME} status | grep "ApacheDS - default is not running" |
| service ${SERVICE_NAME} status || test $? -ne 0 |
| |
| # assert password warning in log |
| grep ".*WARN.*admin password.*security breach.*" /var/lib/${DIRNAME}/default/log/apacheds.log |
| # assert no error in log |
| grep ".*ERROR.*" /var/lib/${DIRNAME}/default/log/apacheds.log && false |
| |
| # Handle OpenJ9 class sharing |
| rm -rf /opt/${DIRNAME}/javasharedresources |
| |
| # uninstall |
| dpkg -P apacheds |
| |
| # assert the backup file was created |
| test -f /var/lib/${DIRNAME}*.tgz |
| tar -tf /var/lib/${DIRNAME}*.tgz >> /dev/null |
| |
| # assert files and directory no more exist |
| test ! -e /opt/${DIRNAME} |
| test ! -e /var/lib/${DIRNAME}/default |
| |
| # SUCCESS |
| echo "SUCCESS" |
| |