SCAS Patch 3193 test report

Setup

The certification was done on the cern testbed. One machine was set up to be a SCAS server, and a glexec worker node was installed as a client. The server was SLC5 64bit, and the client was SLC4 32bit. For both a normal yum install and yaim configure was done.

Bugs

Seven bugs were attached to this.

bug #54356: scas daemon error message typo

This bug (a small typo) was still present. The bug state was set to "none" and the bug removed from the patch

bug #54350: scas man page typo

This was a small typo which was still present. The bug state should be set to "none", and removed from the patch

bug #54357: strange characters in scas log file

The logfile does not contain strange characters anymore, bug fixed

bug #45524: logging to syslog should include the same lines as logging to file

bug #37755: lcas & lcmaps & glexec should be able to be configured to log everything into syslog

These bugs should be removed from the patch, since they were not applicable at this point. SCAS can not at the moment log into syslog

bug #54351

The fix for this bug was certified. A regression test was created for this.

bug #54392:

The bug could not be reproduced.

Certification

The SCAS test suite is only partially related to SCAS, more to glexex. Hence the SCAS was tested with a number of proxy certificates to check that the mapping/denial works correctly. The utility glexec-test.sh was used, which connects to the SCAS service using given certificate, and prints the mapping received. After that also ran tests with combinations of GLEXEC_CLIENT_CERT and GLEXEC_SOURCE_PROXY to see that the user mapping is done correctly, even if another certificate was used to connect to the service. The following certificates were used:

  • proxy1: normal user proxy
  • proxy2: another user proxy
  • proxy3: the same user, different role
  • proxy4: proxy without voms extensions
  • proxy5: malformed proxy
  • proxy6: proxy from an untrusted CA
  • proxy7: banned user

All tests passed, the result is attached. Test with proxy4 should succeed, since the DN is explicitly in the grid mapfile.

-- KalleHapponen - 09-Nov-2009

Topic attachments
I Attachment History Action Size Date Who Comment
Unknown file formatext ceroutput r1 manage 2.1 K 2009-11-09 - 15:57 UnknownUser Output of the certification tests
Edit | Attach | Watch | Print version | History: r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r1 - 2009-11-09 - unknown
 
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    EGEE All webs login

This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright & by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Ask a support question or Send feedback