xref: /netbsd-src/external/bsd/openldap/dist/tests/scripts/test049-sync-config (revision e670fd5c413e99c2f6a37901bb21c537fcd322d2) 
12de962bdSlukem#! /bin/sh
2d11b170bStron# $OpenLDAP$
32de962bdSlukem## This work is part of OpenLDAP Software <http://www.openldap.org/>.
42de962bdSlukem##
5*e670fd5cSchristos## Copyright 1998-2021 The OpenLDAP Foundation.
62de962bdSlukem## All rights reserved.
72de962bdSlukem##
82de962bdSlukem## Redistribution and use in source and binary forms, with or without
92de962bdSlukem## modification, are permitted only as authorized by the OpenLDAP
102de962bdSlukem## Public License.
112de962bdSlukem##
122de962bdSlukem## A copy of this license is available in the file LICENSE in the
132de962bdSlukem## top-level directory of the distribution or, alternatively, at
142de962bdSlukem## <http://www.OpenLDAP.org/license.html>.
152de962bdSlukem
162de962bdSlukemecho "running defines.sh"
172de962bdSlukem. $SRCDIR/scripts/defines.sh
182de962bdSlukem
192de962bdSlukemif test $SYNCPROV = syncprovno; then
202de962bdSlukem	echo "Syncrepl provider overlay not available, test skipped"
212de962bdSlukem	exit 0
222de962bdSlukemfi
232de962bdSlukem
242de962bdSlukemPRODIR=$TESTDIR/pro
254e6df137SlukemCONDIR=$TESTDIR/con1
262de962bdSlukemDBPRO=$PRODIR/db
272de962bdSlukemDBCON=$CONDIR/db
282de962bdSlukemCFPRO=$PRODIR/slapd.d
292de962bdSlukemCFCON=$CONDIR/slapd.d
302de962bdSlukem
312de962bdSlukemmkdir -p $TESTDIR $PRODIR $CONDIR $DBPRO $DBCON $CFPRO $CFCON
322de962bdSlukem
332de962bdSlukem$SLAPPASSWD -g -n >$CONFIGPWF
342de962bdSlukem
354e6df137Slukemif test x"$SYNCMODE" = x ; then
364e6df137Slukem	SYNCMODE=rp
374e6df137Slukemfi
384e6df137Slukemcase "$SYNCMODE" in
394e6df137Slukem	ro)
404e6df137Slukem		SYNCTYPE="type=refreshOnly interval=00:00:00:03"
414e6df137Slukem		;;
424e6df137Slukem	rp)
434e6df137Slukem		SYNCTYPE="type=refreshAndPersist"
444e6df137Slukem		;;
454e6df137Slukem	*)
464e6df137Slukem		echo "unknown sync mode $SYNCMODE"
474e6df137Slukem		exit 1;
484e6df137Slukem		;;
494e6df137Slukemesac
504e6df137Slukem
512de962bdSlukem#
522de962bdSlukem# Test replication of dynamic config:
53d11b170bStron# - start provider
542de962bdSlukem# - start consumer
552de962bdSlukem# - configure over ldap
562de962bdSlukem# - populate over ldap
572de962bdSlukem# - configure syncrepl over ldap
582de962bdSlukem# - retrieve database over ldap and compare against expected results
592de962bdSlukem#
602de962bdSlukem
61d11b170bStronecho "Starting provider slapd on TCP/IP port $PORT1..."
62*e670fd5cSchristos. $CONFFILTER $BACKEND < $DYNAMICCONF > $CONFLDIF
632de962bdSlukem$SLAPADD -F $CFPRO -n 0 -l $CONFLDIF
642de962bdSlukemcd $PRODIR
65*e670fd5cSchristos$SLAPD -F ./slapd.d -h $URI1 -d $LVL > $LOG1 2>&1 &
662de962bdSlukemPID=$!
672de962bdSlukemif test $WAIT != 0 ; then
682de962bdSlukem    echo PID $PID
692de962bdSlukem    read foo
702de962bdSlukemfi
712de962bdSlukemKILLPIDS="$PID"
722de962bdSlukemcd $TESTWD
732de962bdSlukem
742de962bdSlukemsleep 1
752de962bdSlukem
76d11b170bStronecho "Using ldapsearch to check that provider slapd is running..."
772de962bdSlukemfor i in 0 1 2 3 4 5; do
782de962bdSlukem	$LDAPSEARCH -s base -b "" -H $URI1 \
792de962bdSlukem		'objectclass=*' > /dev/null 2>&1
802de962bdSlukem	RC=$?
812de962bdSlukem	if test $RC = 0 ; then
822de962bdSlukem		break
832de962bdSlukem	fi
842de962bdSlukem	echo "Waiting 5 seconds for slapd to start..."
852de962bdSlukem	sleep 5
862de962bdSlukemdone
872de962bdSlukem
882de962bdSlukemif test $RC != 0 ; then
892de962bdSlukem	echo "ldapsearch failed ($RC)!"
902de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
912de962bdSlukem	exit $RC
922de962bdSlukemfi
932de962bdSlukem
94d11b170bStronecho "Inserting syncprov overlay on provider..."
952de962bdSlukemif [ "$SYNCPROV" = syncprovmod ]; then
962de962bdSlukem	$LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF > $TESTOUT 2>&1
972de962bdSlukemdn: cn=module,cn=config
982de962bdSlukemobjectClass: olcModuleList
992de962bdSlukemcn: module
100d11b170bStronolcModulePath: $TESTWD/../servers/slapd/overlays
1012de962bdSlukemolcModuleLoad: syncprov.la
1022de962bdSlukemEOF
1032de962bdSlukem	RC=$?
1042de962bdSlukem	if test $RC != 0 ; then
1052de962bdSlukem		echo "ldapadd failed for moduleLoad ($RC)!"
1062de962bdSlukem		test $KILLSERVERS != no && kill -HUP $KILLPIDS
1072de962bdSlukem		exit $RC
1082de962bdSlukem	fi
1092de962bdSlukemfi
1102de962bdSlukemread CONFIGPW < $CONFIGPWF
1112de962bdSlukem$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
1122de962bdSlukemdn: olcDatabase={0}config,cn=config
1132de962bdSlukemchangetype: modify
1142de962bdSlukemadd: olcSyncRepl
1152de962bdSlukemolcSyncRepl: rid=001 provider=$URI1 binddn="cn=config" bindmethod=simple
1164e6df137Slukem  credentials=$CONFIGPW searchbase="cn=config" type=refreshAndPersist
1174e6df137Slukem  retry="3 5 300 5" timeout=3
1182de962bdSlukem-
1192de962bdSlukemadd: olcUpdateRef
1202de962bdSlukemolcUpdateRef: $URI1
1212de962bdSlukem
1222de962bdSlukemdn: olcOverlay=syncprov,olcDatabase={0}config,cn=config
1232de962bdSlukemchangetype: add
1242de962bdSlukemobjectClass: olcOverlayConfig
1252de962bdSlukemobjectClass: olcSyncProvConfig
1262de962bdSlukemolcOverlay: syncprov
1272de962bdSlukemEOF
1282de962bdSlukemRC=$?
1292de962bdSlukemif test $RC != 0 ; then
1302de962bdSlukem	echo "ldapmodify failed for syncrepl config ($RC)!"
1312de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
1322de962bdSlukem	exit $RC
1332de962bdSlukemfi
1342de962bdSlukem
1352de962bdSlukemecho "Starting consumer slapd on TCP/IP port $PORT2..."
1362de962bdSlukem$SLAPADD -F $CFCON -n 0 -l $CONFLDIF
1372de962bdSlukemcd $CONDIR
138*e670fd5cSchristos$SLAPD -F ./slapd.d -h $URI2 -d $LVL > $LOG2 2>&1 &
139*e670fd5cSchristosCONSUMERPID=$!
1402de962bdSlukemif test $WAIT != 0 ; then
141*e670fd5cSchristos    echo CONSUMERPID $CONSUMERPID
1422de962bdSlukem    read foo
1432de962bdSlukemfi
144*e670fd5cSchristosKILLPIDS="$KILLPIDS $CONSUMERPID"
1452de962bdSlukemcd $TESTWD
1462de962bdSlukem
1472de962bdSlukemsleep 1
1482de962bdSlukem
1492de962bdSlukemecho "Using ldapsearch to check that consumer slapd is running..."
1502de962bdSlukemfor i in 0 1 2 3 4 5; do
1512de962bdSlukem	$LDAPSEARCH -s base -b "" -H $URI2 \
1522de962bdSlukem		'objectclass=*' > /dev/null 2>&1
1532de962bdSlukem	RC=$?
1542de962bdSlukem	if test $RC = 0 ; then
1552de962bdSlukem		break
1562de962bdSlukem	fi
1572de962bdSlukem	echo "Waiting 5 seconds for slapd to start..."
1582de962bdSlukem	sleep 5
1592de962bdSlukemdone
1602de962bdSlukem
1612de962bdSlukemif test $RC != 0 ; then
1622de962bdSlukem	echo "ldapsearch failed ($RC)!"
1632de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
1642de962bdSlukem	exit $RC
1652de962bdSlukemfi
1662de962bdSlukem
1672de962bdSlukemecho "Configuring syncrepl on consumer..."
1682de962bdSlukem$LDAPMODIFY -D cn=config -H $URI2 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
1692de962bdSlukemdn: olcDatabase={0}config,cn=config
1702de962bdSlukemchangetype: modify
1712de962bdSlukemadd: olcSyncRepl
1722de962bdSlukemolcSyncRepl: rid=001 provider=$URI1 binddn="cn=config" bindmethod=simple
1734e6df137Slukem  credentials=$CONFIGPW searchbase="cn=config" type=refreshAndPersist
1744e6df137Slukem  retry="3 5 300 5" timeout=3
1752de962bdSlukem-
1762de962bdSlukemadd: olcUpdateRef
1772de962bdSlukemolcUpdateRef: $URI1
1782de962bdSlukemEOF
1792de962bdSlukem
1804e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
1814e6df137Slukemsleep $SLEEP1
1822de962bdSlukem
1832de962bdSlukemecho "Using ldapsearch to check that syncrepl received config changes..."
1842de962bdSlukemRC=32
1852de962bdSlukemfor i in 0 1 2 3 4 5; do
1862de962bdSlukem	RESULT=`$LDAPSEARCH -H $URI2 -D cn=config -y $CONFIGPWF \
1872de962bdSlukem		-s base -b "olcDatabase={0}config,cn=config" \
1882de962bdSlukem		'(olcUpdateRef=*)' 2>&1 | awk '/^dn:/ {print "OK"}'`
1892de962bdSlukem	if test "x$RESULT" = "xOK" ; then
1902de962bdSlukem		RC=0
1912de962bdSlukem		break
1922de962bdSlukem	fi
1934e6df137Slukem	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
1944e6df137Slukem	sleep $SLEEP1
1952de962bdSlukemdone
1962de962bdSlukem
1972de962bdSlukemif test $RC != 0 ; then
1982de962bdSlukem	echo "ldapsearch failed ($RC)!"
1992de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
2002de962bdSlukem	exit $RC
2012de962bdSlukemfi
2022de962bdSlukem
203d11b170bStronecho "Adding schema and databases on provider..."
2042de962bdSlukem$LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
2052de962bdSlukeminclude: file://$ABS_SCHEMADIR/core.ldif
2062de962bdSlukem
2072de962bdSlukeminclude: file://$ABS_SCHEMADIR/cosine.ldif
2082de962bdSlukem
2092de962bdSlukeminclude: file://$ABS_SCHEMADIR/inetorgperson.ldif
2102de962bdSlukem
2112de962bdSlukeminclude: file://$ABS_SCHEMADIR/openldap.ldif
2122de962bdSlukem
2132de962bdSlukeminclude: file://$ABS_SCHEMADIR/nis.ldif
2142de962bdSlukemEOF
2152de962bdSlukemRC=$?
2162de962bdSlukemif test $RC != 0 ; then
2172de962bdSlukem	echo "ldapadd failed for schema config ($RC)!"
2182de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
2192de962bdSlukem	exit $RC
2202de962bdSlukemfi
2212de962bdSlukem
222ef2f90d3SadamnullExclude="" nullOK=""
223ef2f90d3Sadamtest $BACKEND = null && nullExclude="# " nullOK="OK"
224ef2f90d3Sadam
2252de962bdSlukemif [ "$BACKENDTYPE" = mod ]; then
2262de962bdSlukem	$LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
2272de962bdSlukemdn: cn=module,cn=config
2282de962bdSlukemobjectClass: olcModuleList
2292de962bdSlukemcn: module
230d11b170bStronolcModulePath: $TESTWD/../servers/slapd/back-$BACKEND
2312de962bdSlukemolcModuleLoad: back_$BACKEND.la
2322de962bdSlukemEOF
2332de962bdSlukem	RC=$?
2342de962bdSlukem	if test $RC != 0 ; then
2352de962bdSlukem		echo "ldapadd failed for backend config ($RC)!"
2362de962bdSlukem		test $KILLSERVERS != no && kill -HUP $KILLPIDS
2372de962bdSlukem		exit $RC
2382de962bdSlukem	fi
2392de962bdSlukemfi
2402de962bdSlukem
2412de962bdSlukem$LDAPADD -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
2422de962bdSlukemdn: olcDatabase={1}$BACKEND,cn=config
2432de962bdSlukemobjectClass: olcDatabaseConfig
244ef2f90d3Sadam${nullExclude}objectClass: olc${BACKEND}Config
2452de962bdSlukemolcDatabase: {1}$BACKEND
2462de962bdSlukemolcSuffix: $BASEDN
247ef2f90d3Sadam${nullExclude}olcDbDirectory: ./db
2482de962bdSlukemolcRootDN: $MANAGERDN
2492de962bdSlukemolcRootPW: $PASSWD
2502de962bdSlukemolcSyncRepl: rid=002 provider=$URI1 binddn="$MANAGERDN" bindmethod=simple
2514e6df137Slukem  credentials=$PASSWD searchbase="$BASEDN" $SYNCTYPE
2524e6df137Slukem  retry="3 5 300 5" timeout=3
2532de962bdSlukemolcUpdateRef: $URI1
2542de962bdSlukem
2552de962bdSlukemdn: olcOverlay=syncprov,olcDatabase={1}${BACKEND},cn=config
2562de962bdSlukemchangetype: add
2572de962bdSlukemobjectClass: olcOverlayConfig
2582de962bdSlukemobjectClass: olcSyncProvConfig
2592de962bdSlukemolcOverlay: syncprov
2602de962bdSlukemEOF
2612de962bdSlukemRC=$?
2622de962bdSlukemif test $RC != 0 ; then
2632de962bdSlukem	echo "ldapadd failed for database config ($RC)!"
2642de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
2652de962bdSlukem	exit $RC
2662de962bdSlukemfi
2672de962bdSlukem
268d11b170bStronif test $INDEXDB = indexdb ; then
2694e6df137Slukem	$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >>$TESTOUT 2>&1
2704e6df137Slukemdn: olcDatabase={1}$BACKEND,cn=config
2714e6df137Slukemchangetype: modify
2724e6df137Slukemadd: olcDbIndex
2734e6df137SlukemolcDbIndex: objectClass,entryUUID,entryCSN eq
2744e6df137SlukemolcDbIndex: cn,uid pres,eq,sub
2754e6df137SlukemEOF
2764e6df137Slukem	RC=$?
2774e6df137Slukem	if test $RC != 0 ; then
2784e6df137Slukem		echo "ldapadd modify for database config ($RC)!"
2794e6df137Slukem		test $KILLSERVERS != no && kill -HUP $KILLPIDS
2804e6df137Slukem		exit $RC
2814e6df137Slukem	fi
282d11b170bStronfi
2834e6df137Slukem
284d11b170bStronecho "Using ldapadd to populate provider..."
2852de962bdSlukem$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD -f $LDIFORDERED \
2862de962bdSlukem	>> $TESTOUT 2>&1
2872de962bdSlukemRC=$?
2882de962bdSlukemif test $RC != 0 ; then
2892de962bdSlukem	echo "ldapadd failed for database config ($RC)!"
2902de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
2912de962bdSlukem	exit $RC
2922de962bdSlukemfi
2932de962bdSlukem
2944e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
2954e6df137Slukemsleep $SLEEP1
2962de962bdSlukem
2972de962bdSlukemecho "Using ldapsearch to check that syncrepl received database changes..."
2982de962bdSlukemRC=32
2992de962bdSlukemfor i in 0 1 2 3 4 5; do
3002de962bdSlukem	RESULT=`$LDAPSEARCH -H $URI2 \
3012de962bdSlukem		-s base -b "cn=Ursula Hampster,ou=Alumni Association,ou=People,dc=example,dc=com" \
3022de962bdSlukem		'(objectClass=*)' 2>&1 | awk '/^dn:/ {print "OK"}'`
303ef2f90d3Sadam	if test "x$RESULT$nullOK" = "xOK" ; then
3042de962bdSlukem		RC=0
3052de962bdSlukem		break
3062de962bdSlukem	fi
3074e6df137Slukem	echo "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
3084e6df137Slukem	sleep $SLEEP1
3092de962bdSlukemdone
3102de962bdSlukem
3112de962bdSlukemif test $RC != 0 ; then
3122de962bdSlukem	echo "ldapsearch failed ($RC)!"
3132de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
3142de962bdSlukem	exit $RC
3152de962bdSlukemfi
3162de962bdSlukem
317d11b170bStronecho "Replacing olcSyncrepl on provider..."
3184e6df137Slukem$LDAPMODIFY -D cn=config -H $URI1 -y $CONFIGPWF <<EOF >> $TESTOUT 2>&1
3194e6df137Slukemdn: olcDatabase={0}config,cn=config
3204e6df137Slukemchangetype: modify
3214e6df137Slukemreplace: olcSyncRepl
322*e670fd5cSchristosolcSyncRepl: rid=003 provider=$URI1 binddn="cn=config" bindmethod=simple
3234e6df137Slukem  credentials=$CONFIGPW searchbase="cn=config" type=refreshAndPersist
3244e6df137Slukem  retry="3 5 300 5" timeout=3
3254e6df137SlukemEOF
3264e6df137Slukemecho "Waiting $SLEEP1 seconds for syncrepl to receive changes..."
3274e6df137Slukemsleep $SLEEP1
3284e6df137Slukem
329d11b170bStronecho "Using ldapsearch to read config from the provider..."
3302de962bdSlukem$LDAPSEARCH -b cn=config -D cn=config -H $URI1 -y $CONFIGPWF  \
331*e670fd5cSchristos	'objectclass=*' > $PROVIDEROUT 2>&1
3322de962bdSlukemRC=$?
3332de962bdSlukem
3342de962bdSlukemif test $RC != 0 ; then
335d11b170bStron	echo "ldapsearch failed at provider ($RC)!"
3362de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
3372de962bdSlukem	exit $RC
3382de962bdSlukemfi
3392de962bdSlukem
3402de962bdSlukemecho "Using ldapsearch to read config from the consumer..."
3412de962bdSlukem$LDAPSEARCH -b cn=config -D cn=config -H $URI2 -y $CONFIGPWF \
342*e670fd5cSchristos	'objectclass=*' > $CONSUMEROUT 2>&1
3432de962bdSlukemRC=$?
3442de962bdSlukem
3452de962bdSlukemif test $RC != 0 ; then
3462de962bdSlukem	echo "ldapsearch failed at consumer ($RC)!"
3472de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
3482de962bdSlukem	exit $RC
3492de962bdSlukemfi
3502de962bdSlukem
351d11b170bStronecho "Filtering provider results..."
352*e670fd5cSchristos$LDIFFILTER < $PROVIDEROUT > $PROVIDERFLT
3532de962bdSlukemecho "Filtering consumer results..."
354*e670fd5cSchristos$LDIFFILTER < $CONSUMEROUT > $CONSUMERFLT
3552de962bdSlukem
356d11b170bStronecho "Comparing retrieved configs from provider and consumer..."
357*e670fd5cSchristos$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
3582de962bdSlukem
3592de962bdSlukemif test $? != 0 ; then
360d11b170bStron	echo "test failed - provider and consumer configs differ"
3612de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
3622de962bdSlukem	exit 1
3632de962bdSlukemfi
3642de962bdSlukem
365d11b170bStronecho "Using ldapsearch to read all the entries from the provider..."
3662de962bdSlukem$LDAPSEARCH -S "" -b "$BASEDN" -D "$MANAGERDN" -H $URI1 -w $PASSWD  \
367*e670fd5cSchristos	'objectclass=*' > $PROVIDEROUT 2>&1
3682de962bdSlukemRC=$?
3692de962bdSlukem
3702de962bdSlukemif test $RC != 0 ; then
371d11b170bStron	echo "ldapsearch failed at provider ($RC)!"
3722de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
3732de962bdSlukem	exit $RC
3742de962bdSlukemfi
3752de962bdSlukem
3762de962bdSlukemecho "Using ldapsearch to read all the entries from the consumer..."
3772de962bdSlukem$LDAPSEARCH -S "" -b "$BASEDN" -D "$MANAGERDN" -H $URI2 -w $PASSWD  \
378*e670fd5cSchristos	'objectclass=*' > $CONSUMEROUT 2>&1
3792de962bdSlukemRC=$?
3802de962bdSlukem
3812de962bdSlukemif test $RC != 0 ; then
3822de962bdSlukem	echo "ldapsearch failed at consumer ($RC)!"
3832de962bdSlukem	test $KILLSERVERS != no && kill -HUP $KILLPIDS
3842de962bdSlukem	exit $RC
3852de962bdSlukemfi
3862de962bdSlukem
3872de962bdSlukemtest $KILLSERVERS != no && kill -HUP $KILLPIDS
3882de962bdSlukem
389d11b170bStronecho "Filtering provider results..."
390*e670fd5cSchristos$LDIFFILTER < $PROVIDEROUT > $PROVIDERFLT
3912de962bdSlukemecho "Filtering consumer results..."
392*e670fd5cSchristos$LDIFFILTER < $CONSUMEROUT > $CONSUMERFLT
3932de962bdSlukem
394d11b170bStronecho "Comparing retrieved entries from provider and consumer..."
395*e670fd5cSchristos$CMP $PROVIDERFLT $CONSUMERFLT > $CMPOUT
3962de962bdSlukem
3972de962bdSlukemif test $? != 0 ; then
398d11b170bStron	echo "test failed - provider and consumer databases differ"
3992de962bdSlukem	exit 1
4002de962bdSlukemfi
4012de962bdSlukem
4022de962bdSlukemecho ">>>>> Test succeeded"
4032de962bdSlukem
4042de962bdSlukemtest $KILLSERVERS != no && wait
4052de962bdSlukem
4062de962bdSlukemexit 0
407