sssd_test_framework.utils.sssctl

Manage and configure SSSD.

Classes

SSSCTLUtils(*args, **kwargs)

Call commands from sssctl.
class sssd_test_framework.utils.sssctl.SSSCTLUtils(*args, **kwargs)

Bases: MultihostUtility[MultihostHost]

Call commands from sssctl.

Find all MultihostUtility objects in the constructor.

cli: CLIBuilder

Command line builder.

fs: LinuxFileSystem

Filesystem utils.

cache_expire(*, everything: bool = False, user: str | None = None, users: bool = False, group: str | None = None, groups: bool = False, netgroup: str | None = None, netgroups: bool = False, service: str | None = None, services: bool = False, autofs_map: str | None = None, autofs_maps: bool = False, ssh_host: str | None = None, ssh_hosts: bool = False, sudorule: str | None = None, sudorules: bool = False, domain: str | None = None) None

Call sssctl cache-expire with given arguments.

Parameters:

  • everything (bool, optional) – Invalidate all cached entries, defaults to False

  • user (str | None, optional) – Invalidate particular user, defaults to None

  • users (bool, optional) – Invalidate all users, defaults to False

  • group (str | None, optional) – Invalidate particular group, defaults to None

  • groups (bool, optional) – Invalidate all groups, defaults to False

  • netgroup (str | None, optional) – Invalidate particular netgroup, defaults to None

  • netgroups (bool, optional) – Invalidate all netgroups, defaults to False

  • service (str | None, optional) – Invalidate particular service, defaults to None

  • services (bool, optional) – Invalidate all services, defaults to False

  • autofs_map (str | None, optional) – Invalidate particular autofs map, defaults to None

  • autofs_maps (bool, optional) – Invalidate all autofs maps, defaults to False

  • ssh_host (str | None, optional) – Invalidate particular SSH host, defaults to None

  • ssh_hosts (bool, optional) – Invalidate all SSH hosts, defaults to False

  • sudorule (str | None, optional) – Invalidate particular sudo rule, defaults to None

  • sudorules (bool, optional) – Invalidate all cached sudo rules, defaults to False

  • domain (str | None, optional) – Only invalidate entries from a particular domain, defaults to None

passkey_register(*args, **kwargs) str

wrapper for passkey_register methods

vfido_passkey_register(username: str, domain: str, *, pin: str | int | None = None) str

Register user passkey when using virtual-fido

umockdev_passkey_register(username: str, domain: str, *, pin: str | int | None, device: str, ioctl: str, script: str) str

Call sssctl passkey-register

Parameters:

  • username (str) – User name

  • domain (str) – Domain name

  • pin (str | int | None) – Passkey PIN.

  • device (str) – Path to local umockdev device file.

  • ioctl (str) – Path to local umockdev ioctl file.

  • script (str) – Path to local umockdev script file

Returns:

Generated passkey mapping string.

Return type:

str

user_checks(username: str, action: str = 'acct', service: str = 'system-auth') ProcessResult

Print information about a user and check authentication

Parameters:

  • username (str) – User that will be checked

  • action (str) – PAM action, defaults to “acct”

  • service (str) – PAM service, defaults to “system-auth”

Returns:

Result of called command

Return type:

ProcessResult

user_show(user: str | None = None, sid: str | None = None, uid: int | None = None) ProcessResult

Information about cached user

Parameters:

  • user (str | None) – User that will be showed, defaults to None

  • sid (str | None) – Search by SID, defaults to None

  • uid (int | None) – Search by user ID, defaults to None

Returns:

Result of called command

Return type:

ProcessResult

config_check(config: str | None = None, snippet: str | None = None) ProcessResult

Call sssctl config-check with additional arguments

Parameters:

  • config (str) – Non default config file, defaults to None

  • snippet (str) – Non default snippet dir, defaults to None

Returns:

Result of called command

Return type:

ProcessResult

domain_status(domain: str, *, online: bool = False, active: bool = False, servers: bool = False, start: bool = False) ProcessResult

Call sssctl domain-status @domain with additional arguments.

Parameters:

  • domain (str) – Domain name.

  • online (bool, optional) – Show online status, defaults to False

  • active (bool, optional) – Show information about active server, defaults to False

  • servers (bool, optional) – Show list of discovered servers, defaults to False

  • start (bool, optional) – Start SSSD if it is not running, defaults to False

Returns:

Result of called command.

Return type:

ProcessResult

analyze_request(command: str, source: str | None = None, logdir: str | None = None) ProcessResult

Call sssctl analyze [arguments] request command

Parameters:

  • command (str) – request command

  • source (str | None, optional) – “files” or “journald”, defaults to None

  • logdir (str | None, optional) – SSSD Log directory to parse log files from, defaults to None

Returns:

Result of called command

Return type:

ProcessResult

logs_remove() ProcessResult

Call sssctl logs-remove

Returns:

Result of called command

Return type:

ProcessResult

logs_fetch(output_file: str) ProcessResult

Call sssctl logs-fetch

Parameters:

output_file (str) – Path where to save the log archive

Returns:

Result of called command

Return type:

ProcessResult

debug_level(level: str | None = None, *, set: bool = False, domain: str | None = None, nss: bool = False, pam: bool = False, sudo: bool = False, autofs: bool = False, ssh: bool = False, pac: bool = False, ifp: bool = False, secrets: bool = False, kcm: bool = False, all: bool = False) ProcessResult

Call sssctl debug-level with specific targets

Parameters:

  • level (str | None) – Debug level to set (e.g., “9”, “0x3ff0”)

  • set (bool, optional) – Set debug level (use with level parameter), defaults to False

  • domain (str | None, optional) – Apply to specific domain, defaults to None

  • nss (bool, optional) – Apply to NSS responder, defaults to False

  • pam (bool, optional) – Apply to PAM responder, defaults to False

  • sudo (bool, optional) – Apply to SUDO responder, defaults to False

  • autofs (bool, optional) – Apply to AUTOFS responder, defaults to False

  • ssh (bool, optional) – Apply to SSH responder, defaults to False

  • pac (bool, optional) – Apply to PAC responder, defaults to False

  • ifp (bool, optional) – Apply to InfoPipe responder, defaults to False

  • secrets (bool, optional) – Apply to SECRETS service, defaults to False

  • kcm (bool, optional) – Apply to KCM service, defaults to False

  • all (bool, optional) – Apply to all services, defaults to False

Returns:

Result of called command

Return type:

ProcessResult

group_show(group: str | None = None, gid: int | None = None, sid: str | None = None) ProcessResult

Information about cached group

Parameters:

  • group (str | None, optional) – Group that will be showed, defaults to None

  • gid (int | None, optional) – Search by group ID, defaults to None

  • sid (str | None) – Search by SID, defaults to None

Returns:

Result of called command

Return type:

ProcessResult

netgroup_show(netgroup: str) ProcessResult

Information about cached netgroup

Parameters:

netgroup (str) – Netgroup that will be showed

Returns:

Result of called command

Return type:

ProcessResult