1*f1c4c3daSCy Schubertfrom k5test import * 2*f1c4c3daSCy Schubert 3*f1c4c3daSCy Schubertrealm = K5Realm(create_host=False) 4*f1c4c3daSCy Schubert 5*f1c4c3daSCy Schubertmark('Fallback to primary KDC') 6*f1c4c3daSCy Schubert 7*f1c4c3daSCy Schubert# Create a replica database and start a KDC. 8*f1c4c3daSCy Schubertconf_rep = {'dbmodules': {'db': {'database_name': '$testdir/db.replica2'}}, 9*f1c4c3daSCy Schubert 'realms': {'$realm': {'kdc_listen': '$port9', 10*f1c4c3daSCy Schubert 'kdc_tcp_listen': '$port9'}}} 11*f1c4c3daSCy Schubertreplica = realm.special_env('replica', True, kdc_conf=conf_rep) 12*f1c4c3daSCy Schubertdumpfile = os.path.join(realm.testdir, 'dump') 13*f1c4c3daSCy Schubertrealm.run([kdb5_util, 'dump', dumpfile]) 14*f1c4c3daSCy Schubertrealm.run([kdb5_util, 'load', dumpfile], env=replica) 15*f1c4c3daSCy Schubertreplica_kdc = realm.start_server([krb5kdc, '-n'], 'starting...', env=replica) 16*f1c4c3daSCy Schubert 17*f1c4c3daSCy Schubert# Change the password on the primary. 18*f1c4c3daSCy Schubertrealm.run([kadminl, 'cpw', '-pw', 'new', realm.user_princ]) 19*f1c4c3daSCy Schubert 20*f1c4c3daSCy Schubertconf_fallback = {'realms': {'$realm': {'kdc': '$hostname:$port9', 21*f1c4c3daSCy Schubert 'primary_kdc': '$hostname:$port0'}}} 22*f1c4c3daSCy Schubertfallback = realm.special_env('fallback', False, krb5_conf=conf_fallback) 23*f1c4c3daSCy Schubertmsgs = ('Retrying AS request with primary KDC',) 24*f1c4c3daSCy Schubertrealm.kinit(realm.user_princ, 'new', env=fallback, expected_trace=msgs) 25*f1c4c3daSCy Schubert 26*f1c4c3daSCy Schubertstop_daemon(replica_kdc) 27*f1c4c3daSCy Schubert 28*f1c4c3daSCy Schubertmark('UNIX domain socket') 29*f1c4c3daSCy Schubert 30*f1c4c3daSCy Schubertconf_unix = {'realms': {'$realm': {'kdc_listen': '$testdir/krb5.sock', 31*f1c4c3daSCy Schubert 'kdc_tcp_listen': ''}}} 32*f1c4c3daSCy Schubertunix = realm.special_env('unix', True, kdc_conf=conf_unix) 33*f1c4c3daSCy Schubertrealm.run([kdb5_util, 'load', dumpfile], env=unix) 34*f1c4c3daSCy Schubertrealm.stop_kdc() 35*f1c4c3daSCy Schubertrealm.start_kdc(env=unix) 36*f1c4c3daSCy Schubert 37*f1c4c3daSCy Schubertconf_unix_cli = {'realms': {'$realm': {'kdc': '$testdir/krb5.sock'}}} 38*f1c4c3daSCy Schubertunix_cli = realm.special_env('unix_cli', False, krb5_conf=conf_unix_cli) 39*f1c4c3daSCy Schubert 40*f1c4c3daSCy Schubert# Do a kinit and check if we send the packet via a UNIX domain socket. 41*f1c4c3daSCy Schubertmsgs = ('Sending TCP request to UNIX domain socket',) 42*f1c4c3daSCy Schubertrealm.kinit(realm.user_princ, password('user'), env=unix_cli, 43*f1c4c3daSCy Schubert expected_trace=msgs) 44*f1c4c3daSCy Schubert 45*f1c4c3daSCy Schubertsuccess('sendto_kdc') 46