OpenStack Identity (keystone)

  1. Bug #1157727
  2. Comment #0

Comment 0 for bug 1157727

Revision history for this message
Allan Feid (crayz) wrote :

I started working on a separate bug and attempted to run the live ldap tests:

PYTHONPATH=. ./run_tests.sh --nologcapture _ldap_livetest:LiveLDAPIdentity.test_add_duplicate_role_grant
test_add_duplicate_role_grant (_ldap_livetest.LiveLDAPIdentity) ... ERROR

======================================================================
ERROR: test_add_duplicate_role_grant (_ldap_livetest.LiveLDAPIdentity)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/Users/allan/repos/devstack/stack/keystone/tests/test_backend_ldap.py", line 52, in setUp
    self.load_fixtures(default_fixtures)
  File "/Users/allan/repos/devstack/stack/keystone/keystone/test.py", line 247, in load_fixtures
    rv = self.identity_api.create_domain(domain['id'], domain)
  File "/Users/allan/repos/devstack/stack/keystone/keystone/identity/backends/ldap/core.py", line 275, in create_domain
    return self.domain.create(domain)
  File "/Users/allan/repos/devstack/stack/keystone/keystone/identity/backends/ldap/core.py", line 968, in create
    return super(DomainApi, self).create(data)
  File "/Users/allan/repos/devstack/stack/keystone/keystone/common/ldap/core.py", line 256, in create
    conn.add_s(self._id_to_dn(values['id']), attrs)
  File "/Users/allan/repos/devstack/stack/keystone/keystone/common/ldap/core.py", line 384, in add_s
    return self.conn.add_s(dn, ldap_attrs)
  File "/Users/allan/repos/devstack/stack/keystone/.venv/lib/python2.7/site-packages/ldap/ldapobject.py", line 194, in add_s
    return self.result(msgid,all=1,timeout=self.timeout)
  File "/Users/allan/repos/devstack/stack/keystone/.venv/lib/python2.7/site-packages/ldap/ldapobject.py", line 422, in result
    res_type,res_data,res_msgid = self.result2(msgid,all,timeout)
  File "/Users/allan/repos/devstack/stack/keystone/.venv/lib/python2.7/site-packages/ldap/ldapobject.py", line 426, in result2
    res_type, res_data, res_msgid, srv_ctrls = self.result3(msgid,all,timeout)
  File "/Users/allan/repos/devstack/stack/keystone/.venv/lib/python2.7/site-packages/ldap/ldapobject.py", line 432, in result3
    ldap_result = self._ldap_call(self._l.result3,msgid,all,timeout)
  File "/Users/allan/repos/devstack/stack/keystone/.venv/lib/python2.7/site-packages/ldap/ldapobject.py", line 96, in _ldap_call
    result = func(*args,**kwargs)
UNDEFINED_TYPE: {'info': 'enabled: attribute type undefined', 'desc': 'Undefined attribute type'}

----------------------------------------------------------------------
Ran 1 test in 0.088s

FAILED (errors=1)

This is the same problem that was solved in earlier changes via emulation. The role and user objects both take this into account. A workaround to get live ldap tests running is to simply ignore the enabled attributes in your backend_liveldap.conf:

domain_attribute_ignore = enabled
group_attribute_ignore = enabled