1from k5test import * 2 3realm = K5Realm(create_host=False) 4 5mark('Fallback to primary KDC') 6 7# Create a replica database and start a KDC. 8conf_rep = {'dbmodules': {'db': {'database_name': '$testdir/db.replica2'}}, 9 'realms': {'$realm': {'kdc_listen': '$port9', 10 'kdc_tcp_listen': '$port9'}}} 11replica = realm.special_env('replica', True, kdc_conf=conf_rep) 12dumpfile = os.path.join(realm.testdir, 'dump') 13realm.run([kdb5_util, 'dump', dumpfile]) 14realm.run([kdb5_util, 'load', dumpfile], env=replica) 15replica_kdc = realm.start_server([krb5kdc, '-n'], 'starting...', env=replica) 16 17# Change the password on the primary. 18realm.run([kadminl, 'cpw', '-pw', 'new', realm.user_princ]) 19 20conf_fallback = {'realms': {'$realm': {'kdc': '$hostname:$port9', 21 'primary_kdc': '$hostname:$port0'}}} 22fallback = realm.special_env('fallback', False, krb5_conf=conf_fallback) 23msgs = ('Retrying AS request with primary KDC',) 24realm.kinit(realm.user_princ, 'new', env=fallback, expected_trace=msgs) 25 26stop_daemon(replica_kdc) 27 28mark('UNIX domain socket') 29 30conf_unix = {'realms': {'$realm': {'kdc_listen': '$testdir/krb5.sock', 31 'kdc_tcp_listen': ''}}} 32unix = realm.special_env('unix', True, kdc_conf=conf_unix) 33realm.run([kdb5_util, 'load', dumpfile], env=unix) 34realm.stop_kdc() 35realm.start_kdc(env=unix) 36 37conf_unix_cli = {'realms': {'$realm': {'kdc': '$testdir/krb5.sock'}}} 38unix_cli = realm.special_env('unix_cli', False, krb5_conf=conf_unix_cli) 39 40# Do a kinit and check if we send the packet via a UNIX domain socket. 41msgs = ('Sending TCP request to UNIX domain socket',) 42realm.kinit(realm.user_princ, password('user'), env=unix_cli, 43 expected_trace=msgs) 44 45success('sendto_kdc') 46