blob: c7894e4a6ccc43d7cf8d509e2f8b9f06047ec1ac (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
|
This document tries to descrive the test in this directory. Most of these
tests should be self-explanitory as they should be simple unit tests of the
shipped modules (more unit tests are welcome).
Since nss-pam-ldapd is meant for providing data from an LDAP server for some
tests you should have an LDAP server running and for even other tests you need
to have nslcd running.
For this a test environment should be set up (the tests are ignored if no such
environment was detected). In my development environment I use a chroot jail
with Debian. The instructions in this document assume a similar environment.
TEST ENVIRONMENT
================
LDAP server configuration
-------------------------
An LDAP server listening on ldap://localhost and ldapi:// is assumed. This is
acomplished on Debian by the following line in /etc/default/slapd:
SLAPD_SERVICES="ldap:/// ldaps:/// ldapi:///"
Because there will be a lot of data in the database and to test paged results
you need the following in /etc/ldap/slapd.conf:
sizelimit size.prtotal=unlimited
The LDAP server should be set up to service up the dc=test,dc=tld DN as base.
A sample test.ldif file is also available in the SVN repository. Note that
this file is currently not shipped in the released tarballs because it is
quite large. Load the file into your LDAP server so that it can be served.
Most of the names in the database have been randomly generated based on a
combination of name-lists that were found on the Internet.
nsswitch.conf
-------------
The /etc/nsswitch.conf file is expected to contain something like the
following. All maps should be looked up through LDAP and some tests may expect
the LDAP lookup to come after the files lookup.
passwd: files ldap
group: files ldap
shadow: files ldap
hosts: files ldap dns mdns
networks: files ldap
protocols: db files ldap
services: db files ldap
ethers: db files ldap
rpc: db files ldap
netgroup: files ldap
aliases: files ldap
nslcd.conf
----------
The /etc/nslcd.conf file is expected to be configured like the following.
uid nslcd
gid nslcd
uri ldapi:///
base dc=test,dc=tld
#pagesize 100 # paging and referrals don't mix
timelimit 2
bind_timelimit 4
reconnect_sleeptime 4
reconnect_retrytime 10
filter group (|(objectClass=posixGroup)(objectClass=groupOfNames))
base passwd ou=people,dc=test,dc=tld
base shadow ou=people,dc=test,dc=tld
base group ou=groups,dc=test,dc=tld
rootpwmoddn cn=admin,dc=test,dc=tld
rootpwmodpw test
OLD TESTS
=========
There are also a lot of old test files in this directory. Those files are of
the form test_<map>.c. These files call the NSS module functions directly.
These can probably all be removed and integrated into test_nsscmds.sh instead.
|