From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
---|---|
To: | Thomas Munro <thomas(dot)munro(at)gmail(dot)com> |
Cc: | PostgreSQL Hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
Subject: | Re: Add a test to ldapbindpasswd |
Date: | 2023-01-02 14:45:27 |
Message-ID: | 739a2ed6-a626-78e1-0358-fcdc02bfaad9@dunslane.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 2023-01-01 Su 18:31, Andrew Dunstan wrote:
> On 2023-01-01 Su 14:02, Thomas Munro wrote:
>> On Mon, Jan 2, 2023 at 3:04 AM Andrew Dunstan <andrew(at)dunslane(dot)net> wrote:
>>> On 2022-12-19 Mo 11:16, Andrew Dunstan wrote:
>>>> There is currently no test for the use of ldapbindpasswd in the
>>>> pg_hba.conf file. This patch, mostly the work of John Naylor, remedies that.
>>>>
>>>>
>>> This currently has failures on the cfbot for meson builds on FBSD13 and
>>> Debian Bullseye, but it's not at all clear why. In both cases it fails
>>> where the ldap server is started.
>> I think it's failing when using meson. I guess it fails to fail on
>> macOS only because you need to add a new path for Homebrew/ARM like
>> commit 14d63dd2, so it's skipping (it'd be nice if we didn't need
>> another copy of all that logic). Trying locally... it looks like
>> slapd is failing silently, and with some tracing I can see it's
>> sending an error message to my syslog daemon, which logged:
>>
>> 2023-01-02T07:50:20.853019+13:00 x1 slapd[153599]: main: TLS init def
>> ctx failed: -1
>>
>> Ah, it looks like this test is relying on "slapd-certs", which doesn't exist:
>>
>> tmunro(at)x1:~/projects/postgresql/build$ ls testrun/ldap/001_auth/data/
>> ldap.conf ldappassword openldap-data portlock slapd-certs slapd.conf
>> tmunro(at)x1:~/projects/postgresql/build$ ls testrun/ldap/002_bindpasswd/data/
>> portlock slapd.conf
>>
>> I didn't look closely, but apparently there is something wrong in the
>> part that copies certs from the ssl test? Not sure why it works for
>> autoconf...
>
>
> Let's see how we fare with this patch.
>
>
Not so well :-(. This version tries to make the tests totally
independent, as they should be. That's an attempt to get the cfbot to go
green, but I am intending to refactor this code substantially so the
common bits are in a module each test file will load.
cheers
andrew
--
Andrew Dunstan
EDB: https://www.enterprisedb.com
Attachment | Content-Type | Size |
---|---|---|
0001-Add-a-test-for-ldapbindpasswd-v3.patch | text/x-patch | 7.5 KB |
From | Date | Subject | |
---|---|---|---|
Next Message | Alexander Korotkov | 2023-01-02 15:14:48 | Re: Allow placeholders in ALTER ROLE w/o superuser |
Previous Message | David Geier | 2023-01-02 13:28:20 | Re: Reduce timing overhead of EXPLAIN ANALYZE using rdtsc? |