Make script to check test environment

This changes the in_testenv.sh script into testenv.sh which has more
checks and a few functions to configure the test environment.

6 files changed, 196 insertions, 74 deletions

diff --git a/tests/Makefile.am b/tests/Makefile.am
index 0e42417..53293a6 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -34,7 +34,7 @@ check_PROGRAMS = test_dict test_set test_tio test_expr test_getpeercred \
                  test_cfg test_myldap test_common test_clock test_tio_timeout \
                  lookup_netgroup lookup_shadow
 
-EXTRA_DIST = nslcd-test.conf usernames.txt in_testenv.sh test_myldap.sh \
+EXTRA_DIST = nslcd-test.conf usernames.txt testenv.sh test_myldap.sh \
              test_nsscmds.sh  test_pamcmds.sh test_pamcmds.expect \
              test_manpages.sh \
              test_pycompile.sh test_pylint.sh pylint.rc test_pynslcd_cache.py
diff --git a/tests/in_testenv.sh b/tests/in_testenv.sh
deleted file mode 100755
index 5137140..0000000
--- a/tests/in_testenv.sh
+++ /dev/null
@@ -1,61 +0,0 @@
-#!/bin/sh
-
-# in_testenv.sh - script to check whether we are running in test environment
-#
-# Copyright (C) 2011 Arthur de Jong
-#
-# This library is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 2.1 of the License, or (at your option) any later version.
-#
-# This library is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public
-# License along with this library; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-# 02110-1301 USA
-
-# This script expects to be run in an environment where nss-pam-ldapd
-# is deployed with an LDAP server with the proper content (and nslcd running).
-# It's probably best to run this in an environment without nscd (this breaks
-# the services tests).
-
-# check if LDAP is configured correctly
-cfgfile="/etc/nslcd.conf"
-if [ -r "$cfgfile" ]
-then
-  :
-else
-  echo "$0: $cfgfile: not found"
-  exit 77
-fi
-
-uri=`sed -n 's/^uri *//p' "$cfgfile" | head -n 1`
-base="dc=test,dc=tld"
-
-# try to fetch the base DN (fail with exit 77 to indicate problem)
-ldapsearch -b "$base" -s base -x -H "$uri" > /dev/null 2>&1 || {
-  echo "$0: LDAP server $uri not available for $base"
-  exit 77
-}
-
-# basic check to see if nslcd is running
-if [ -S /var/run/nslcd/socket ] && \
-   [ -f /var/run/nslcd/nslcd.pid ] && \
-   kill -s 0 `cat /var/run/nslcd/nslcd.pid` > /dev/null 2>&1
-then
-  :
-else
-  echo "$0: nslcd not running"
-  exit 77
-fi
-
-# TODO: check if nscd is running
-
-# TODO: check if /etc/nsswitch.conf is correct
-
-echo "$0: using LDAP server $uri"
diff --git a/tests/test_nsscmds.sh b/tests/test_nsscmds.sh
index ec09a0c..cf997fc 100755
--- a/tests/test_nsscmds.sh
+++ b/tests/test_nsscmds.sh
@@ -30,11 +30,14 @@ set -e
 srcdir="${srcdir-`dirname "$0"`}"
 
 # ensure that we are running in the test environment
-. "$srcdir/in_testenv.sh"
+"$srcdir/testenv.sh" check || exit 77
 
 # preload our own NSS module
-LD_PRELOAD="$srcdir/../nss/nss_ldap.so"
-export LD_PRELOAD
+if [ -e "$srcdir/../nss/nss_ldap.so" ]
+then
+  LD_PRELOAD="$srcdir/../nss/nss_ldap.so"
+  export LD_PRELOAD
+fi
 
 # the total number of errors
 FAIL=0
diff --git a/tests/test_pamcmds.expect b/tests/test_pamcmds.expect
index cfd5c8f..567da54 100644
--- a/tests/test_pamcmds.expect
+++ b/tests/test_pamcmds.expect
@@ -2,7 +2,7 @@
 
 # test_pamcmds.expect - test script to check output of PAM commands
 #
-# Copyright (C) 2011 Arthur de Jong
+# Copyright (C) 2011, 2012, 2013 Arthur de Jong
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -58,13 +58,12 @@ if { [exec id -u] != "0" } {
   exit 77
 }
 # ensure that we are running in the test environment
-spawn $env(srcdir)/in_testenv.sh
-expect {
-  "in_testenv.sh: using LDAP server" { expect eof }
-  eof {
-    send_user "test_pamcmds.expect: not running in test environment\n"
-    exit 77
-  }
+spawn $env(srcdir)/testenv.sh check
+expect eof
+catch wait result
+if { [lindex $result 3] } {
+  send_user "test_pamcmds.expect: not running in test environment\n"
+  exit 77
 }
 
 # ensure that a correct password is set
diff --git a/tests/test_pamcmds.sh b/tests/test_pamcmds.sh
index a50205c..76d825f 100755
--- a/tests/test_pamcmds.sh
+++ b/tests/test_pamcmds.sh
@@ -25,7 +25,7 @@ set -e
 srcdir="${srcdir-`dirname "$0"`}"
 
 # ensure that we are running in the test environment
-. "$srcdir/in_testenv.sh"
+"$srcdir/testenv.sh" check || exit 77
 
 # check if we have expect installed
 EXPECT="$(which expect 2> /dev/null || true)"
diff --git a/tests/testenv.sh b/tests/testenv.sh
new file mode 100755
index 0000000..4f94c11
--- /dev/null
+++ b/tests/testenv.sh
@@ -0,0 +1,181 @@
+#!/bin/sh
+
+# testenv.sh - script to check test environment
+#
+# Copyright (C) 2011, 2013 Arthur de Jong
+#
+# This library is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 2.1 of the License, or (at your option) any later version.
+#
+# This library is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public
+# License along with this library; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+# 02110-1301 USA
+
+set -e
+
+# get the script name
+script="`basename "$0"`"
+
+# find source directory (used for finding auxiliary files)
+srcdir="${srcdir-`dirname "$0"`}"
+
+# location of nslcd configuration file
+nslcd_cfg="${nslcd_cfg-/etc/nslcd.conf}"
+
+# find the names of services that are configured to use LDAP
+nss_list_configured()
+{
+  sed -n 's/^[ \t]*\([a-z]*\)[ \t]*:.*[ \t]ldap.*$/\1/p' /etc/nsswitch.conf \
+    | xargs
+}
+
+# check whether the name is configure to do lookups through LDAP
+nss_is_enabled()
+{
+  name="$1"
+  grep '^[ \t]*'$name'[ \t]*:.*ldap.*' /etc/nsswitch.conf > /dev/null
+}
+
+# check to see if name is configured to do lookups through
+# LDAP and enable if not
+nss_enable()
+{
+  name="$1"
+  if nss_is_enabled "$name"
+  then
+   :
+  else
+    echo "$script: /etc/nsswitch.conf: enable LDAP lookups for $name" >&2
+    if grep -q '^[ \t]*'$name'[ \t]*:' /etc/nsswitch.conf
+    then
+      # modify an existing entry by just adding ldap to the end
+      sed -i 's/^\([ \t]*'$name'[ \t]*:.*[^ \t]\)[ \t]*$/\1 ldap/' /etc/nsswitch.conf
+    else
+      # append a new line
+      printf '%-15s ldap\n' $name':' >> /etc/nsswitch.conf
+    fi
+    # invalidate nscd cache
+    nscd -i "$name" > /dev/null 2>&1 || true
+  fi
+  # we're done
+  return 0
+}
+
+# check nsswitch.conf
+check_nsswitch() {
+  required="${1:-passwd group}"
+  if [ -r /etc/nsswitch.conf ]
+  then
+    :
+  else
+    echo "$script: ERROR: /etc/nsswitch.conf: not found" >&2
+    return 1
+  fi
+  enabled=`nss_list_configured`
+  if [ -z "$enabled" ]
+  then
+    echo "$script: ERROR: /etc/nsswitch.conf: no LDAP maps configured" >&2
+    return 1
+  fi
+  for x in $required
+  do
+    if nss_is_enabled "$x"
+    then
+      :
+    else
+      echo "$script: ERROR: /etc/nsswitch.conf: $x not using ldap" >&2
+      return 1
+    fi
+  done
+  echo "$script: nsswitch.conf configured for $enabled"
+  return 0
+}
+
+# check PAM stack
+check_pam() {
+  # TODO: implement some tests
+  return 0
+}
+
+# check whether the LDAP server is available
+check_ldap_server() {
+  if [ -r "$nslcd_cfg" ]
+  then
+    :
+  else
+    echo "$script: ERROR: $nslcd_cfg: not found"
+    return 1
+  fi
+  uri=`sed -n 's/^uri *//p' "$nslcd_cfg" | head -n 1`
+  base="dc=test,dc=tld"
+  # try to fetch the base DN
+  ldapsearch -b "$base" -s base -x -H "$uri" > /dev/null 2>&1 || {
+    echo "$script: ERROR: LDAP server $uri not available for $base"
+    return 1
+  }
+  echo "$script: using LDAP server $uri"
+  return 0
+}
+
+# check nslcd.conf file for presence and correct configuration
+check_nslcd_conf() {
+  # check if file is present
+  [ -r "$nslcd_cfg" ] || {
+    echo "$script: ERROR: $nslcd_cfg: not found" >&2
+    return 1
+  }
+  # TODO: more tests...
+  return 0
+}
+
+# basic check to see if nslcd is running
+check_nslcd_running() {
+  if [ -r /var/run/nslcd/socket ] && \
+     [ -f /var/run/nslcd/nslcd.pid ] && \
+     kill -0 `cat /var/run/nslcd/nslcd.pid` > /dev/null 2>&1
+  then
+    echo "$script: nslcd running (pid `cat /var/run/nslcd/nslcd.pid`)" >&2
+    return 0
+  fi
+  echo "$script: ERROR: nslcd not running" >&2
+  return 1
+}
+
+case "$1" in
+  nss_enable)
+    shift
+    while [ $# -gt 0 ]
+    do
+      nss_enable "$1"
+      shift
+    done
+    exit 0
+    ;;
+  check)
+    res=0
+    check_nsswitch || res=1
+    check_pam || res=1
+    check_ldap_server || res=1
+    check_nslcd_conf || res=1
+    check_nslcd_running || res=1
+    [ $res -eq 0 ] && echo "$script: test environment OK"  || true
+    exit $res
+    ;;
+  check_nss)
+    shift
+    check_nsswitch "$*" || exit 1
+    exit 0
+    ;;
+  *)
+    echo "Usage: $0 {nss_enable|check|check_nss}" >&2
+    exit 1
+    ;;
+esac