From ed87b401510e05e0b1fedcf0252ae068bce77ea0 Mon Sep 17 00:00:00 2001 From: Adrian Dombeck Date: Tue, 4 Feb 2025 11:21:21 +0100 Subject: [PATCH] Rename more occurences of "cache" to "db" (or "database") --- cmd/authd/daemon/daemon.go | 16 ++-- cmd/authd/daemon/daemon_test.go | 34 ++++---- cmd/authd/daemon/export_test.go | 8 +- cmd/authd/daemon/migration.go | 2 +- cmd/authd/daemon/migration_test.go | 8 +- internal/consts/consts.go | 8 +- internal/services/manager.go | 8 +- internal/services/manager_test.go | 10 +-- internal/services/nss/nss.go | 2 +- internal/services/nss/nss_test.go | 34 ++++---- .../{cache.db.yaml => default.db.yaml} | 0 ...ot_in_cache => Precheck_user_if_not_in_db} | 0 internal/services/pam/pam.go | 16 ++-- internal/services/pam/pam_test.go | 34 ++++---- internal/services/withoutexamples.go | 2 +- internal/testutils/daemon.go | 22 ++--- internal/users/db/db.go | 10 +-- internal/users/db/db_test.go | 56 ++++++------ internal/users/db/getbroker.go | 2 +- internal/users/db/getusers.go | 2 +- ...ting_user_keeps_other_group_members_intact | 40 +++++++++ internal/users/db/update.go | 2 +- internal/users/manager.go | 4 +- internal/users/manager_test.go | 86 +++++++++---------- internal/users/tempentries/tempentries.go | 2 +- internal/users/testutils/manager.go | 10 +-- nss/integration-tests/integration_test.go | 74 ++++++++-------- ...Check_user_with_broker_if_not_found_in_db} | 0 28 files changed, 266 insertions(+), 226 deletions(-) rename internal/services/nss/testdata/{cache.db.yaml => default.db.yaml} (100%) rename internal/services/nss/testdata/golden/TestGetPasswdByName/{Precheck_user_if_not_in_cache => Precheck_user_if_not_in_db} (100%) create mode 100644 internal/users/db/testdata/golden/TestDeleteUser/Deleting_existing_user_keeps_other_group_members_intact rename nss/integration-tests/testdata/golden/TestIntegration/{Check_user_with_broker_if_not_found_in_cache => Check_user_with_broker_if_not_found_in_db} (100%) 
diff --git a/cmd/authd/daemon/daemon.go b/cmd/authd/daemon/daemon.go index 2c35f1041..0c36e83df 100644 --- a/cmd/authd/daemon/daemon.go +++ b/cmd/authd/daemon/daemon.go @@ -33,7 +33,7 @@ type App struct { // only overriable for tests. type systemPaths struct { BrokersConf string - Cache string + Database string Socket string } @@ -65,7 +65,7 @@ func New() *App { a.config = daemonConfig{ Paths: systemPaths{ BrokersConf: consts.DefaultBrokersConfPath, - Cache: consts.DefaultCacheDir, + Database: consts.DefaultDatabaseDir, Socket: "", }, UsersConfig: users.DefaultConfig, @@ -82,7 +82,7 @@ func New() *App { setVerboseMode(a.config.Verbosity) log.Debugf(context.Background(), "Verbosity: %d", a.config.Verbosity) - if err := migrateOldCacheDir(consts.OldCacheDir, a.config.Paths.Cache); err != nil { + if err := migrateOlddbDir(consts.OlddbDir, a.config.Paths.Database); err != nil { return err } @@ -111,18 +111,18 @@ func New() *App { func (a *App) serve(config daemonConfig) error { ctx := context.Background() - cacheDir := config.Paths.Cache - if err := ensureDirWithPerms(cacheDir, 0700); err != nil { + dbDir := config.Paths.Database + if err := ensureDirWithPerms(dbDir, 0700); err != nil { close(a.ready) - return fmt.Errorf("error initializing cache directory at %q: %v", cacheDir, err) + return fmt.Errorf("error initializing database directory at %q: %v", dbDir, err) } - m, err := services.NewManager(ctx, cacheDir, config.Paths.BrokersConf, config.Brokers, config.UsersConfig) + m, err := services.NewManager(ctx, dbDir, config.Paths.BrokersConf, config.Brokers, config.UsersConfig) if err != nil { close(a.ready) return err } - // We are closing the cache on exit. + // We are closing the database on exit. defer func() { _ = m.Stop() }() socketPath := config.Paths.Socket diff --git a/cmd/authd/daemon/daemon_test.go b/cmd/authd/daemon/daemon_test.go index 7d4f3a00b..3ced54794 100644 --- a/cmd/authd/daemon/daemon_test.go +++ b/cmd/authd/daemon/daemon_test.go 
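Review bot: Renaming the `systemPaths` field from `Cache` to `Database` looks like more than an internal rename, because the test helper in internal/testutils/daemon.go changes its generated YAML from `cache: %s` to `database: %s` in the same commit, which suggests the configuration key under `paths` follows the field name. If so, an existing configuration that still sets `paths.cache` would presumably be ignored without an error, and the daemon would fall back to `consts.DefaultDatabaseDir`, opening the user database from a different directory than the administrator configured. The struct shows no tag that keeps the old key, so consider accepting `cache` as a deprecated alias with a logged warning, or at least documenting the key change for upgrades. The same field is assigned in `New()` in the next hunk.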
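Review bot: The new identifiers `migrateOlddbDir` and `consts.OlddbDir` break Go's MixedCaps and initialism conventions and read like a search-and-replace artifact; `migrateOldDBDir` and `OldDBDir` would match `DefaultDatabaseDir` and `GetManagerDB` used elsewhere in this commit. The rename also loses information: the constant still holds `/var/cache/authd/`, so "cache" named the legacy filesystem location rather than the concept, and a name such as `OldCacheDir` or `LegacyDBDir` keeps that visible. The same spelling recurs in the migration.go, migration_test.go (`TestMigrateOlddbDir`) and consts.go hunks.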
@@ -113,7 +113,7 @@ func TestAppCanQuitWithoutExecute(t *testing.T) { func TestAppRunFailsOnComponentsCreationAndQuit(t *testing.T) { t.Parallel() - // Trigger the error with a cache directory that cannot be created over an + // Trigger the error with a database directory that cannot be created over an // existing file const ( @@ -124,17 +124,17 @@ func TestAppRunFailsOnComponentsCreationAndQuit(t *testing.T) { ) testCases := map[string]struct { - cacheDBBehavior int - cachePathBehavior int + dbBehavior int + dbPathBehavior int socketPathBehavior int }{ - "Error_on_existing_cache_path_not_being_a_directory": {cachePathBehavior: dirIsFile}, - "Error_on_existing_cache_path_with_invalid_permissions": {cachePathBehavior: hasWrongPermission}, - "Error_on_missing_parent_cache_directory": {cachePathBehavior: parentDirDoesNotExists}, + "Error_on_existing_db_path_not_being_a_directory": {dbPathBehavior: dirIsFile}, + "Error_on_existing_db_path_with_invalid_permissions": {dbPathBehavior: hasWrongPermission}, + "Error_on_missing_parent_db_directory": {dbPathBehavior: parentDirDoesNotExists}, "Error_on_grpc_daemon_creation_failure": {socketPathBehavior: dirIsFile}, - "Error_on_manager_creationg_failure": {cacheDBBehavior: hasWrongPermission}, + "Error_on_manager_creationg_failure": {dbBehavior: hasWrongPermission}, } for name, tc := range testCases { @@ -156,13 +156,13 @@ func TestAppRunFailsOnComponentsCreationAndQuit(t *testing.T) { require.NoError(t, err, "Setup: failed to write file") var config daemon.DaemonConfig - switch tc.cachePathBehavior { + switch tc.dbPathBehavior { case dirIsFile: - config.Paths.Cache = filePath + config.Paths.Database = filePath case hasWrongPermission: - config.Paths.Cache = worldAccessDir + config.Paths.Database = worldAccessDir case parentDirDoesNotExists: - config.Paths.Cache = filepath.Join(shortTmp, "not-exists", "cache") + config.Paths.Database = filepath.Join(shortTmp, "not-exists", "db") } switch tc.socketPathBehavior { case dirIsFile: 
@@ -170,13 +170,13 @@ func TestAppRunFailsOnComponentsCreationAndQuit(t *testing.T) { default: config.Paths.Socket = filepath.Join(shortTmp, "mysocket") } - switch tc.cacheDBBehavior { + switch tc.dbBehavior { case hasWrongPermission: - config.Paths.Cache = filepath.Join(shortTmp, "cache") - err := os.MkdirAll(config.Paths.Cache, 0700) - require.NoError(t, err, "Setup: could not create cache directory") + config.Paths.Database = filepath.Join(shortTmp, "db") + err := os.MkdirAll(config.Paths.Database, 0700) + require.NoError(t, err, "Setup: could not create database directory") //nolint: gosec // This is a file with invalid permission for tests. - err = os.WriteFile(filepath.Join(config.Paths.Cache, db.Z_ForTests_DBName()), nil, 0644) + err = os.WriteFile(filepath.Join(config.Paths.Database, db.Z_ForTests_DBName()), nil, 0644) require.NoError(t, err, "Setup: could not create database with invalid permissions") } @@ -319,7 +319,7 @@ func TestNoConfigSetDefaults(t *testing.T) { require.Equal(t, 0, a.Config().Verbosity, "Default Verbosity") require.Equal(t, consts.DefaultBrokersConfPath, a.Config().Paths.BrokersConf, "Default brokers configuration path") - require.Equal(t, consts.DefaultCacheDir, a.Config().Paths.Cache, "Default cache directory") + require.Equal(t, consts.DefaultDatabaseDir, a.Config().Paths.Database, "Default database directory") require.Equal(t, "", a.Config().Paths.Socket, "No socket address as default") } diff --git a/cmd/authd/daemon/export_test.go b/cmd/authd/daemon/export_test.go index 6f1acfbd6..d57519973 100644 --- a/cmd/authd/daemon/export_test.go +++ b/cmd/authd/daemon/export_test.go 
@@ -38,11 +38,11 @@ func GenerateTestConfig(t *testing.T, origConf *daemonConfig) string { if conf.Verbosity == 0 { conf.Verbosity = 2 } - if conf.Paths.Cache == "" { - conf.Paths.Cache = t.TempDir() + if conf.Paths.Database == "" { + conf.Paths.Database = t.TempDir() //nolint: gosec // This is a directory owned only by the current user for tests. - err := os.Chmod(conf.Paths.Cache, 0700) - require.NoError(t, err, "Setup: could not change permission on cache directory for tests") + err := os.Chmod(conf.Paths.Database, 0700) + require.NoError(t, err, "Setup: could not change permission on database directory for tests") } if conf.Paths.Socket == "" { conf.Paths.Socket = filepath.Join(t.TempDir(), "authd.socket") diff --git a/cmd/authd/daemon/migration.go b/cmd/authd/daemon/migration.go index 66f52424f..855f74f00 100644 --- a/cmd/authd/daemon/migration.go +++ b/cmd/authd/daemon/migration.go @@ -9,7 +9,7 @@ import ( "github.com/ubuntu/authd/log" ) -func migrateOldCacheDir(oldPath, newPath string) error { +func migrateOlddbDir(oldPath, newPath string) error { exists, err := fileutils.FileExists(oldPath) if err != nil { // Let's not fail if we can't access the old database dir, but log a warning diff --git a/cmd/authd/daemon/migration_test.go b/cmd/authd/daemon/migration_test.go index 03661ae92..a132b70e0 100644 --- a/cmd/authd/daemon/migration_test.go +++ b/cmd/authd/daemon/migration_test.go @@ -9,7 +9,7 @@ import ( "github.com/ubuntu/authd/internal/fileutils" ) -func TestMigrateOldCacheDir(t *testing.T) { +func TestMigrateOlddbDir(t *testing.T) { t.Parallel() testCases := map[string]struct { @@ -56,8 +56,8 @@ func TestMigrateOldCacheDir(t *testing.T) { oldParentDir := t.TempDir() newParentDir := t.TempDir() - oldDir := filepath.Join(oldParentDir, "cache") - newDir := filepath.Join(newParentDir, "cache") + oldDir := filepath.Join(oldParentDir, "db") + newDir := filepath.Join(newParentDir, "db") dbFilename := "authd.db" if tc.oldDirExists { 
@@ -94,7 +94,7 @@ func TestMigrateOldCacheDir(t *testing.T) { }() } - err := migrateOldCacheDir(oldDir, newDir) + err := migrateOlddbDir(oldDir, newDir) require.ErrorIs(t, err, tc.wantedErr) if tc.wantOldDirExists { diff --git a/internal/consts/consts.go b/internal/consts/consts.go index f68c4d44c..0074ffb5f 100644 --- a/internal/consts/consts.go +++ b/internal/consts/consts.go @@ -21,11 +21,11 @@ const ( // DefaultBrokersConfPath is the default configuration directory for the brokers. DefaultBrokersConfPath = "/etc/authd/brokers.d/" - // OldCacheDir is the directory where the database was stored by default before 0.3.7. - OldCacheDir = "/var/cache/authd/" + // OlddbDir is the directory where the database was stored by default before 0.3.7. + OlddbDir = "/var/cache/authd/" - // DefaultCacheDir is the default directory for the database. - DefaultCacheDir = "/var/lib/authd/" + // DefaultDatabaseDir is the default directory for the database. + DefaultDatabaseDir = "/var/lib/authd/" // ServiceName is the authd service name for health check purposes. ServiceName = "com.ubuntu.authd" diff --git a/internal/services/manager.go b/internal/services/manager.go index bb67bace8..9eb7e440b 100644 --- a/internal/services/manager.go +++ b/internal/services/manager.go @@ -29,7 +29,7 @@ type Manager struct { } // NewManager returns a new manager after creating all necessary items for our business logic. -func NewManager(ctx context.Context, cacheDir, brokersConfPath string, configuredBrokers []string, usersConfig users.Config) (m Manager, err error) { +func NewManager(ctx context.Context, dbDir, brokersConfPath string, configuredBrokers []string, usersConfig users.Config) (m Manager, err error) { defer decorate.OnError(&err /*i18n.G(*/, "can't create authd object") //) log.Debug(ctx, "Building authd object") 
@@ -39,7 +39,7 @@ func NewManager(ctx context.Context, cacheDir, brokersConfPath string, configure return m, err } - userManager, err := users.NewManager(usersConfig, cacheDir) + userManager, err := users.NewManager(usersConfig, dbDir) if err != nil { return m, err } @@ -78,9 +78,9 @@ func (m Manager) RegisterGRPCServices(ctx context.Context) *grpc.Server { return grpcServer } -// stop stops the underlying cache. +// stop stops the underlying database. func (m *Manager) stop() error { - log.Debug(context.TODO(), "Closing gRPC manager and cache") + log.Debug(context.TODO(), "Closing gRPC manager and database") return m.userManager.Stop() } diff --git a/internal/services/manager_test.go b/internal/services/manager_test.go index ba58b3ec8..067292240 100644 --- a/internal/services/manager_test.go +++ b/internal/services/manager_test.go @@ -23,7 +23,7 @@ import ( func TestNewManager(t *testing.T) { tests := map[string]struct { - cacheDir string + dbDir string systemBusSocket string @@ -31,19 +31,19 @@ func TestNewManager(t *testing.T) { }{ "Successfully_create_the_manager": {}, - "Error_when_can_not_create_cache": {cacheDir: "doesnotexist", wantErr: true}, + "Error_when_can_not_create_db": {dbDir: "doesnotexist", wantErr: true}, "Error_when_can_not_create_broker_manager": {systemBusSocket: "doesnotexist", wantErr: true}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { - if tc.cacheDir == "" { - tc.cacheDir = t.TempDir() + if tc.dbDir == "" { + tc.dbDir = t.TempDir() } if tc.systemBusSocket != "" { t.Setenv("DBUS_SYSTEM_BUS_ADDRESS", tc.systemBusSocket) } - m, err := services.NewManager(context.Background(), tc.cacheDir, t.TempDir(), nil, users.DefaultConfig) + m, err := services.NewManager(context.Background(), tc.dbDir, t.TempDir(), nil, users.DefaultConfig) if tc.wantErr { require.Error(t, err, "NewManager should have returned an error, but did not") return 
diff --git a/internal/services/nss/nss.go b/internal/services/nss/nss.go index 02bb601ce..bfa0adbc8 100644 --- a/internal/services/nss/nss.go +++ b/internal/services/nss/nss.go @@ -53,7 +53,7 @@ func (s Service) GetPasswdByName(ctx context.Context, req *authd.GetPasswdByName return nil, noDataFoundErrorToGRPCError(err) } - // If the user is not found in the local cache, we check if it exists in at least one broker. + // If the user is not found in the database, we check if it exists in at least one broker. pwent, err := s.userPreCheck(ctx, req.GetName()) if err != nil { return nil, status.Error(codes.NotFound, err.Error()) diff --git a/internal/services/nss/nss_test.go b/internal/services/nss/nss_test.go index 335ef92dc..8d5106a0f 100644 --- a/internal/services/nss/nss_test.go +++ b/internal/services/nss/nss_test.go @@ -55,7 +55,7 @@ func TestGetPasswdByName(t *testing.T) { }{ "Return_existing_user": {username: "user1"}, - "Precheck_user_if_not_in_cache": {username: "user-pre-check", shouldPreCheck: true}, + "Precheck_user_if_not_in_db": {username: "user-pre-check", shouldPreCheck: true}, "Prechecked_user_with_upper_cases_in_username_has_same_id_as_lower_case": {username: "User-Pre-Check", shouldPreCheck: true}, "Error_in_database_fetched_content": {username: "user1", sourceDB: "invalid.db.yaml", wantErr: true}, 
@@ -63,12 +63,12 @@ func TestGetPasswdByName(t *testing.T) { "Error_on_missing_name": {wantErr: true}, "Error_in_database_fetched_content_does_not_trigger_precheck": {username: "user1", sourceDB: "invalid.db.yaml", shouldPreCheck: true, wantErr: true}, - "Error_if_user_not_in_cache_and_precheck_is_disabled": {username: "user-pre-check", wantErr: true, wantErrNotExists: true}, - "Error_if_user_not_in_cache_and_precheck_fails": {username: "does-not-exist", sourceDB: "empty.db.yaml", shouldPreCheck: true, wantErr: true, wantErrNotExists: true}, + "Error_if_user_not_in_db_and_precheck_is_disabled": {username: "user-pre-check", wantErr: true, wantErrNotExists: true}, + "Error_if_user_not_in_db_and_precheck_fails": {username: "does-not-exist", sourceDB: "empty.db.yaml", shouldPreCheck: true, wantErr: true, wantErrNotExists: true}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { - // We don't care about gpasswd output here as it's already covered in the cache unit tests. + // We don't care about gpasswd output here as it's already covered in the db unit tests. _ = localgroupstestutils.SetupGPasswdMock(t, filepath.Join("testdata", "empty.group")) client := newNSSClient(t, tc.sourceDB, false) @@ -96,7 +96,7 @@ func TestGetPasswdByUID(t *testing.T) { } for name, tc := range tests { t.Run(name, func(t *testing.T) { - // We don't care about gpasswd output here as it's already covered in the cache unit tests. + // We don't care about gpasswd output here as it's already covered in the db unit tests. _ = localgroupstestutils.SetupGPasswdMock(t, filepath.Join("testdata", "empty.group")) client := newNSSClient(t, tc.sourceDB, false) 
@@ -120,7 +120,7 @@ func TestGetPasswdEntries(t *testing.T) { } for name, tc := range tests { t.Run(name, func(t *testing.T) { - // We don't care about gpasswd output here as it's already covered in the cache unit tests. + // We don't care about gpasswd output here as it's already covered in the db unit tests. _ = localgroupstestutils.SetupGPasswdMock(t, filepath.Join("testdata", "empty.group")) client := newNSSClient(t, tc.sourceDB, false) @@ -148,7 +148,7 @@ func TestGetGroupByName(t *testing.T) { } for name, tc := range tests { t.Run(name, func(t *testing.T) { - // We don't care about gpasswd output here as it's already covered in the cache unit tests. + // We don't care about gpasswd output here as it's already covered in the db unit tests. _ = localgroupstestutils.SetupGPasswdMock(t, filepath.Join("testdata", "empty.group")) client := newNSSClient(t, tc.sourceDB, false) @@ -176,7 +176,7 @@ func TestGetGroupByGID(t *testing.T) { } for name, tc := range tests { t.Run(name, func(t *testing.T) { - // We don't care about gpasswd output here as it's already covered in the cache unit tests. + // We don't care about gpasswd output here as it's already covered in the db unit tests. _ = localgroupstestutils.SetupGPasswdMock(t, filepath.Join("testdata", "empty.group")) client := newNSSClient(t, tc.sourceDB, false) @@ -200,7 +200,7 @@ func TestGetGroupEntries(t *testing.T) { } for name, tc := range tests { t.Run(name, func(t *testing.T) { - // We don't care about gpasswd output here as it's already covered in the cache unit tests. + // We don't care about gpasswd output here as it's already covered in the db unit tests. _ = localgroupstestutils.SetupGPasswdMock(t, filepath.Join("testdata", "empty.group")) client := newNSSClient(t, tc.sourceDB, false) 
@@ -230,7 +230,7 @@ func TestGetShadowByName(t *testing.T) { } for name, tc := range tests { t.Run(name, func(t *testing.T) { - // We don't care about gpasswd output here as it's already covered in the cache unit tests. + // We don't care about gpasswd output here as it's already covered in the db unit tests. _ = localgroupstestutils.SetupGPasswdMock(t, filepath.Join("testdata", "empty.group")) client := newNSSClient(t, tc.sourceDB, tc.currentUserNotRoot) @@ -256,7 +256,7 @@ func TestGetShadowEntries(t *testing.T) { } for name, tc := range tests { t.Run(name, func(t *testing.T) { - // We don't care about gpasswd output here as it's already covered in the cache unit tests. + // We don't care about gpasswd output here as it's already covered in the db unit tests. _ = localgroupstestutils.SetupGPasswdMock(t, filepath.Join("testdata", "empty.group")) client := newNSSClient(t, tc.sourceDB, tc.currentUserNotRoot) @@ -271,7 +271,7 @@ func TestMockgpasswd(t *testing.T) { localgroupstestutils.Mockgpasswd(t) } -// newNSSClient returns a new GRPC PAM client for tests with the provided sourceDB as its initial cache. +// newNSSClient returns a new GRPC PAM client for tests with the provided sourceDB as its initial database. func newNSSClient(t *testing.T, sourceDB string, currentUserNotRoot bool) (client authd.NSSClient) { t.Helper() 
@@ -322,15 +322,15 @@ func enableCheckGlobalAccess(s nss.Service) grpc.UnaryServerInterceptor { } } -// newUserManagerForTests returns a cache object cleaned up with the test ends. +// newUserManagerForTests returns a user manager object cleaned up with the test ends. func newUserManagerForTests(t *testing.T, sourceDB string) *users.Manager { t.Helper() - cacheDir := t.TempDir() + dbDir := t.TempDir() if sourceDB == "" { - sourceDB = "cache.db.yaml" + sourceDB = "default.db.yaml" } - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", sourceDB), cacheDir) + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", sourceDB), dbDir) managerOpts := []users.Option{ users.WithIDGenerator(&idgenerator.IDGeneratorMock{ @@ -339,7 +339,7 @@ func newUserManagerForTests(t *testing.T, sourceDB string) *users.Manager { }), } - m, err := users.NewManager(users.DefaultConfig, cacheDir, managerOpts...) + m, err := users.NewManager(users.DefaultConfig, dbDir, managerOpts...) require.NoError(t, err, "Setup: could not create user manager") t.Cleanup(func() { _ = m.Stop() }) diff --git a/internal/services/nss/testdata/cache.db.yaml b/internal/services/nss/testdata/default.db.yaml similarity index 100% rename from internal/services/nss/testdata/cache.db.yaml rename to internal/services/nss/testdata/default.db.yaml diff --git a/internal/services/nss/testdata/golden/TestGetPasswdByName/Precheck_user_if_not_in_cache b/internal/services/nss/testdata/golden/TestGetPasswdByName/Precheck_user_if_not_in_db similarity index 100% rename from internal/services/nss/testdata/golden/TestGetPasswdByName/Precheck_user_if_not_in_cache rename to internal/services/nss/testdata/golden/TestGetPasswdByName/Precheck_user_if_not_in_db diff --git a/internal/services/pam/pam.go b/internal/services/pam/pam.go index a707f159e..e5ab560c9 100644 --- a/internal/services/pam/pam.go +++ b/internal/services/pam/pam.go 
@@ -60,20 +60,20 @@ func (s Service) AvailableBrokers(ctx context.Context, _ *authd.Empty) (*authd.A } // GetPreviousBroker returns the previous broker set for a given user, if any. -// If the user is not in our cache, it will try to check if it’s on the system, and return then "local". +// If the user is not in our cache/database, it will try to check if it’s on the system, and return then "local". func (s Service) GetPreviousBroker(ctx context.Context, req *authd.GPBRequest) (*authd.GPBResponse, error) { // Use in memory cache first if b := s.brokerManager.BrokerForUser(req.GetUsername()); b != nil { return &authd.GPBResponse{PreviousBroker: b.ID}, nil } - // Load from database cache. + // Load from database. brokerID, err := s.userManager.BrokerForUser(req.GetUsername()) - // User is not in our cache. + // User is not in our database. if err != nil && errors.Is(err, users.NoDataFoundError{}) { // FIXME: this part will not be here in the v2 API version, as we won’t have GetPreviousBroker and handle // autoselection silently in authd. - // User not in cache, if there is only the local broker available, return this one without saving it. + // User not in database, if there is only the local broker available, return this one without saving it. if len(s.brokerManager.AvailableBrokers()) == 1 { log.Debugf(ctx, "User %q is not handled by authd and only local broker: select it.", req.GetUsername()) return &authd.GPBResponse{PreviousBroker: brokers.LocalBrokerName}, nil 
@@ -89,13 +89,13 @@ func (s Service) GetPreviousBroker(ctx context.Context, req *authd.GPBRequest) ( // service (passwd, winbind, sss…) is handling that user. brokerID = brokers.LocalBrokerName } else if err != nil { - log.Infof(ctx, "Could not get previous broker for user %q from cache: %v", req.GetUsername(), err) + log.Infof(ctx, "Could not get previous broker for user %q from database: %v", req.GetUsername(), err) return &authd.GPBResponse{}, nil } - // No error but the brokerID is empty (broker in cache but default broker not stored yet due no successful login) + // No error but the brokerID is empty (broker in database but default broker not stored yet due no successful login) if brokerID == "" { - log.Infof(ctx, "No assigned broker for user %q from cache", req.GetUsername()) + log.Infof(ctx, "No assigned broker for user %q from database", req.GetUsername()) return &authd.GPBResponse{}, nil } @@ -104,7 +104,7 @@ func (s Service) GetPreviousBroker(ctx context.Context, req *authd.GPBRequest) ( return &authd.GPBResponse{}, nil } - // Cache the broker which should be used for the user, so that we don't have to query the database again next time - + // Database the broker which should be used for the user, so that we don't have to query the database again next time - // except if the broker is the local broker, because then the decision to use the local broker should be made each // time the user tries to log in, based on whether the user is provided by any other NSS service. if brokerID == brokers.LocalBrokerName { diff --git a/internal/services/pam/pam_test.go b/internal/services/pam/pam_test.go index 7e1d0bef9..5838f6c7b 100644 --- a/internal/services/pam/pam_test.go +++ b/internal/services/pam/pam_test.go 
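Review bot: The rewritten comment in the `@@ -104` hunk, `// Database the broker which should be used for the user, ...`, is no longer a sentence and misdescribes the step. Judging by the rest of the comment ("so that we don't have to query the database again next time") and the "Use in memory cache first" lookup at the top of `GetPreviousBroker`, this is the one place where "cache" really meant the in-memory cache. It should stay as `// Cache the broker which should be used for the user in memory, so that we don't have to query the database again next time -`. The function body continues outside the hunk, so the actual store call is not visible here.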
@@ -148,7 +148,7 @@ func TestGetPreviousBroker(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - cacheDir := t.TempDir() + dbDir := t.TempDir() // We have to replace MOCKBROKERID with our generated broker id. f, err := os.Open(filepath.Join(testutils.TestFamilyPath(t), "get-previous-broker.db")) require.NoError(t, err, "Setup: could not open fixture database file") @@ -156,10 +156,10 @@ func TestGetPreviousBroker(t *testing.T) { d, err := io.ReadAll(f) require.NoError(t, err, "Setup: could not read fixture database file") d = bytes.ReplaceAll(d, []byte("MOCKBROKERID"), []byte(mockBrokerGeneratedID)) - err = db.Z_ForTests_FromYAML(bytes.NewBuffer(d), cacheDir) - require.NoError(t, err, "Setup: could not prepare cache database file") + err = db.Z_ForTests_FromYAML(bytes.NewBuffer(d), dbDir) + require.NoError(t, err, "Setup: could not prepare database file") - m, err := users.NewManager(users.DefaultConfig, cacheDir) + m, err := users.NewManager(users.DefaultConfig, dbDir) require.NoError(t, err, "Setup: could not create user manager") t.Cleanup(func() { _ = m.Stop() }) pm := newPermissionManager(t, tc.currentUserNotRoot) @@ -456,9 +456,9 @@ func TestIsAuthenticated(t *testing.T) { destCmdsFile = localgroupstestutils.SetupGPasswdMock(t, filepath.Join(testutils.TestFamilyPath(t), tc.localGroupsFile)) } - cacheDir := t.TempDir() + dbDir := t.TempDir() if tc.existingDB != "" { - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join(testutils.TestFamilyPath(t), tc.existingDB), cacheDir) + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join(testutils.TestFamilyPath(t), tc.existingDB), dbDir) } managerOpts := []users.Option{ 
@@ -468,7 +468,7 @@ func TestIsAuthenticated(t *testing.T) { }), } - m, err := users.NewManager(users.DefaultConfig, cacheDir, managerOpts...) + m, err := users.NewManager(users.DefaultConfig, dbDir, managerOpts...) require.NoError(t, err, "Setup: could not create user manager") t.Cleanup(func() { _ = m.Stop() }) pm := newPermissionManager(t, false) // Allow starting the session (current user considered root) @@ -532,8 +532,8 @@ func TestIsAuthenticated(t *testing.T) { got = permissions.Z_ForTests_IdempotentPermissionError(got) golden.CheckOrUpdate(t, got, golden.WithPath("IsAuthenticated")) - // Check that cache has been updated too. - gotDB, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerCache(m)) + // Check that database has been updated too. + gotDB, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerDB(m)) require.NoError(t, err, "Setup: failed to dump database for comparing") golden.CheckOrUpdate(t, gotDB, golden.WithPath("cache.db")) @@ -579,7 +579,7 @@ func TestIDGeneration(t *testing.T) { require.NoError(t, err, "Setup: could not authenticate user") require.Equal(t, "granted", resp.GetAccess(), "Setup: authentication should be granted") - gotDB, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerCache(m)) + gotDB, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerDB(m)) require.NoError(t, err, "Setup: failed to dump database for comparing") golden.CheckOrUpdate(t, gotDB, golden.WithPath("cache.db")) }) 
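Review bot: `golden.WithPath("cache.db")` is left unchanged on the context line right after the renamed `userstestutils.GetManagerDB(m)` call, so the golden database dumps are still stored under the old "cache" name. The TestIDGeneration and TestSetDefaultBrokerForUser hunks have the same leftover. If the goal is to retire the term, rename the path (for example `golden.WithPath("db")`) together with the golden files on disk. Otherwise add a short comment saying the name is kept deliberately to avoid churn in testdata.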
@@ -609,10 +609,10 @@ func TestSetDefaultBrokerForUser(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - cacheDir := t.TempDir() - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join(testutils.TestFamilyPath(t), "set-default-broker.db"), cacheDir) + dbDir := t.TempDir() + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join(testutils.TestFamilyPath(t), "set-default-broker.db"), dbDir) - m, err := users.NewManager(users.DefaultConfig, cacheDir) + m, err := users.NewManager(users.DefaultConfig, dbDir) require.NoError(t, err, "Setup: could not create user manager") t.Cleanup(func() { _ = m.Stop() }) pm := newPermissionManager(t, tc.currentUserNotRoot) @@ -637,8 +637,8 @@ func TestSetDefaultBrokerForUser(t *testing.T) { require.NoError(t, err, "GetPreviousBroker should not return an error") require.Equal(t, tc.brokerID, gpbResp.GetPreviousBroker(), "SetDefaultBrokerForUser should set the default broker as expected") - // Check that cache has been updated too. - gotDB, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerCache(m)) + // Check that database has been updated too. + gotDB, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerDB(m)) require.NoError(t, err, "Setup: failed to dump database for comparing") golden.CheckOrUpdate(t, gotDB, golden.WithPath("cache.db")) }) 
@@ -725,9 +725,9 @@ func initBrokers() (brokerConfigPath string, cleanup func(), err error) { }, nil } -// newPAMClient returns a new GRPC PAM client for tests connected to brokerManager with the given cache and +// newPAMClient returns a new GRPC PAM client for tests connected to brokerManager with the given database and // permissionmanager. -// If the one passed is nil, this function will create the cache and close it upon test teardown. +// If the one passed is nil, this function will create the database and close it upon test teardown. func newPamClient(t *testing.T, m *users.Manager, brokerManager *brokers.Manager, pm *permissions.Manager) (client authd.PAMClient) { t.Helper() diff --git a/internal/services/withoutexamples.go b/internal/services/withoutexamples.go index 5c97757d2..906a63ca4 100644 --- a/internal/services/withoutexamples.go +++ b/internal/services/withoutexamples.go @@ -2,7 +2,7 @@ package services -// Stop stops the underlying cache only in production code. +// Stop stops the underlying database only in production code. func (m *Manager) Stop() error { return m.stop() } diff --git a/internal/testutils/daemon.go b/internal/testutils/daemon.go index 4a116ad85..d5c06fcd1 100644 --- a/internal/testutils/daemon.go +++ b/internal/testutils/daemon.go @@ -19,7 +19,7 @@ import ( ) type daemonOptions struct { - cachePath string + dbPath string existentDB string socketPath string env []string 
@@ -28,14 +28,14 @@ type daemonOptions struct { // DaemonOption represents an optional function that can be used to override some of the daemon default values. type DaemonOption func(*daemonOptions) -// WithCachePath overrides the default cache path of the daemon. -func WithCachePath(path string) DaemonOption { +// WithDBPath overrides the default database path of the daemon. +func WithDBPath(path string) DaemonOption { return func(o *daemonOptions) { - o.cachePath = path + o.dbPath = path } } -// WithPreviousDBState initializes the cache of the daemon with a preexistent database. +// WithPreviousDBState initializes the database of the daemon with a preexistent database. func WithPreviousDBState(db string) DaemonOption { return func(o *daemonOptions) { o.existentDB = db @@ -71,13 +71,13 @@ func RunDaemon(ctx context.Context, t *testing.T, execPath string, args ...Daemo require.NoError(t, err, "Setup: failed to create temp dir for tests") t.Cleanup(func() { os.RemoveAll(tempDir) }) - if opts.cachePath == "" { - opts.cachePath = filepath.Join(tempDir, "cache") - require.NoError(t, os.MkdirAll(opts.cachePath, 0700), "Setup: failed to create cache dir") + if opts.dbPath == "" { + opts.dbPath = filepath.Join(tempDir, "db") + require.NoError(t, os.MkdirAll(opts.dbPath, 0700), "Setup: failed to create database dir") } if opts.existentDB != "" { - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", opts.existentDB+".db.yaml"), opts.cachePath) + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", opts.existentDB+".db.yaml"), opts.dbPath) } if opts.socketPath == "" { 
@@ -87,9 +87,9 @@ func RunDaemon(ctx context.Context, t *testing.T, execPath string, args ...Daemo config := fmt.Sprintf(` verbosity: 2 paths: - cache: %s + database: %s socket: %s -`, opts.cachePath, opts.socketPath) +`, opts.dbPath, opts.socketPath) configPath := filepath.Join(tempDir, "testconfig.yaml") require.NoError(t, os.WriteFile(configPath, []byte(config), 0600), "Setup: failed to create config file for tests") diff --git a/internal/users/db/db.go b/internal/users/db/db.go index f9031d30e..c9163e237 100644 --- a/internal/users/db/db.go +++ b/internal/users/db/db.go @@ -84,9 +84,9 @@ type groupToUsersDB struct { UIDs []uint32 } -// New creates a new database cache by creating or opening the underlying db. -func New(cacheDir string) (cache *Database, err error) { - dbPath := filepath.Join(cacheDir, dbName) +// New creates a new database by creating or opening the underlying db. +func New(dbDir string) (database *Database, err error) { + dbPath := filepath.Join(dbDir, dbName) defer decorate.OnError(&err, "could not create new database object at %q", dbPath) db, err := openAndInitDB(dbPath) @@ -165,8 +165,8 @@ func (c *Database) Close() error { } // RemoveDb removes the database file. -func RemoveDb(cacheDir string) error { - return os.Remove(filepath.Join(cacheDir, dbName)) +func RemoveDb(dbDir string) error { + return os.Remove(filepath.Join(dbDir, dbName)) } // bucketWithName is a wrapper adding the name on top of a bbolt Bucket. diff --git a/internal/users/db/db_test.go b/internal/users/db/db_test.go index 0312f1e67..466cb9ab5 100644 --- a/internal/users/db/db_test.go +++ b/internal/users/db/db_test.go 
@@ -30,7 +30,7 @@ func TestNew(t *testing.T) { "New_recreates_any_missing_buckets_and_delete_unknowns": {dbFile: "database_with_unknown_bucket"}, "New_removes_orphaned_user_records_from_UserByID_bucket": {dbFile: "orphaned_user_record"}, - "Error_on_cacheDir_non_existent_cacheDir": {dbFile: "-", wantErr: true}, + "Error_on_dbDir_non_existent_dbDir": {dbFile: "-", wantErr: true}, "Error_on_corrupted_db_file": {corruptedDbFile: true, wantErr: true}, "Error_on_invalid_permission_on_database_file": {dbFile: "multiple_users_and_groups", perm: &perm0644, wantErr: true}, "Error_on_unreadable_database_file": {dbFile: "multiple_users_and_groups", perm: &perm0000, wantErr: true}, @@ -39,14 +39,14 @@ func TestNew(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - cacheDir := t.TempDir() - dbDestPath := filepath.Join(cacheDir, db.Z_ForTests_DBName()) + dbDir := t.TempDir() + dbDestPath := filepath.Join(dbDir, db.Z_ForTests_DBName()) if tc.dbFile == "-" { - err := os.RemoveAll(cacheDir) - require.NoError(t, err, "Setup: could not remove temporary cache directory") + err := os.RemoveAll(dbDir) + require.NoError(t, err, "Setup: could not remove temporary database directory") } else if tc.dbFile != "" { - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", tc.dbFile+".db.yaml"), cacheDir) + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", tc.dbFile+".db.yaml"), dbDir) } if tc.corruptedDbFile { err := os.WriteFile(dbDestPath, []byte("corrupted"), 0600) @@ -66,7 +66,7 @@ func TestNew(t *testing.T) { } } - c, err := db.New(cacheDir) + c, err := db.New(dbDir) if tc.wantErr { require.Error(t, err, "New should return an error but didn't") return @@ -205,7 +205,7 @@ func TestUpdateUserEntry(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - c := initCache(t, tc.dbFile) + c := initDB(t, tc.dbFile) if tc.userCase == "" { tc.userCase = "user1" 
@@ -254,7 +254,7 @@ func TestUserByID(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - c := initCache(t, tc.dbFile) + c := initDB(t, tc.dbFile) got, err := c.UserByID(1111) requireGetAssertions(t, got, tc.wantErr, tc.wantErrType, err) @@ -280,7 +280,7 @@ func TestUserByName(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - c := initCache(t, tc.dbFile) + c := initDB(t, tc.dbFile) got, err := c.UserByName("user1") requireGetAssertions(t, got, tc.wantErr, tc.wantErrType, err) @@ -307,7 +307,7 @@ func TestAllUsers(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - c := initCache(t, tc.dbFile) + c := initDB(t, tc.dbFile) got, err := c.AllUsers() requireGetAssertions(t, got, tc.wantErr, nil, err) @@ -334,7 +334,7 @@ func TestGroupByID(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - c := initCache(t, tc.dbFile) + c := initDB(t, tc.dbFile) got, err := c.GroupByID(11111) requireGetAssertions(t, got, tc.wantErr, tc.wantErrType, err) @@ -361,7 +361,7 @@ func TestGroupByName(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - c := initCache(t, tc.dbFile) + c := initDB(t, tc.dbFile) got, err := c.GroupByName("group1") requireGetAssertions(t, got, tc.wantErr, tc.wantErrType, err) @@ -388,7 +388,7 @@ func TestUserGroups(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - c := initCache(t, tc.dbFile) + c := initDB(t, tc.dbFile) got, err := c.UserGroups(1111) requireGetAssertions(t, got, tc.wantErr, tc.wantErrType, err) @@ -418,7 +418,7 @@ func TestAllGroups(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - c := initCache(t, tc.dbFile) + c := initDB(t, tc.dbFile) got, err := c.AllGroups() requireGetAssertions(t, got, tc.wantErr, tc.wantErrType, err) 
@@ -429,7 +429,7 @@ func TestAllGroups(t *testing.T) { func TestUpdateBrokerForUser(t *testing.T) { t.Parallel() - c := initCache(t, "one_user_and_group") + c := initDB(t, "one_user_and_group") // Update broker for existent user err := c.UpdateBrokerForUser("user1", "ExampleBrokerID") @@ -443,7 +443,7 @@ func TestUpdateBrokerForUser(t *testing.T) { func TestBrokerForUser(t *testing.T) { t.Parallel() - c := initCache(t, "multiple_users_and_groups") + c := initDB(t, "multiple_users_and_groups") // Get existing BrokerForUser entry gotID, err := c.BrokerForUser("user1") @@ -464,15 +464,15 @@ func TestBrokerForUser(t *testing.T) { func TestRemoveDb(t *testing.T) { t.Parallel() - c := initCache(t, "multiple_users_and_groups") - cacheDir := filepath.Dir(c.DbPath()) + c := initDB(t, "multiple_users_and_groups") + dbDir := filepath.Dir(c.DbPath()) // First call should return with no error. - require.NoError(t, db.RemoveDb(cacheDir), "RemoveDb should not return an error on the first call") - require.NoFileExists(t, cacheDir, "RemoveDb should remove the database file") + require.NoError(t, db.RemoveDb(dbDir), "RemoveDb should not return an error on the first call") + require.NoFileExists(t, dbDir, "RemoveDb should remove the database file") // Second call should return ErrNotExist as the database file was already removed. - require.ErrorIs(t, db.RemoveDb(cacheDir), fs.ErrNotExist, "RemoveDb should return os.ErrNotExist on the second call") + require.ErrorIs(t, db.RemoveDb(dbDir), fs.ErrNotExist, "RemoveDb should return os.ErrNotExist on the second call") } func TestDeleteUser(t *testing.T) { @@ -494,7 +494,7 @@ func TestDeleteUser(t *testing.T) { t.Run(name, func(t *testing.T) { t.Parallel() - c := initCache(t, tc.dbFile) + c := initDB(t, tc.dbFile) err := c.DeleteUser(1111) if tc.wantErr { 
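Review bot: In TestRemoveDb the assertion `require.NoFileExists(t, dbDir, ...)` is handed the directory, not the database file. testify's NoFileExists passes whenever the path is missing or is a directory, so this line cannot fail and does not show that RemoveDb deleted anything; only the later ErrNotExist check covers that. Pointing it at the file makes the message true: `require.NoFileExists(t, c.DbPath(), "RemoveDb should remove the database file")`.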
@@ -514,16 +514,16 @@ func TestDeleteUser(t *testing.T) { } } -// initCache returns a new cache ready to be used alongside its cache directory. -func initCache(t *testing.T, dbFile string) (c *db.Database) { +// initDB returns a new database ready to be used alongside its database directory. +func initDB(t *testing.T, dbFile string) (c *db.Database) { t.Helper() - cacheDir := t.TempDir() + dbDir := t.TempDir() if dbFile != "" { - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", dbFile+".db.yaml"), cacheDir) + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", dbFile+".db.yaml"), dbDir) } - c, err := db.New(cacheDir) + c, err := db.New(dbDir) require.NoError(t, err) t.Cleanup(func() { c.Close() }) diff --git a/internal/users/db/getbroker.go b/internal/users/db/getbroker.go index 8d2b37c44..b823d5eb5 100644 --- a/internal/users/db/getbroker.go +++ b/internal/users/db/getbroker.go @@ -7,7 +7,7 @@ import ( ) // BrokerForUser returns the broker ID assigned to the given username, empty if it's not assigned yet -// or an error if no user was found in cache. +// or an error if no user was found in the database. func (c *Database) BrokerForUser(username string) (brokerID string, err error) { c.mu.RLock() defer c.mu.RUnlock() diff --git a/internal/users/db/getusers.go b/internal/users/db/getusers.go index fcbeea86c..40224c89d 100644 --- a/internal/users/db/getusers.go +++ b/internal/users/db/getusers.go @@ -10,7 +10,7 @@ import ( // userDB is the struct stored in json format in the bucket. // -// It prevents leaking of lastLogin, which is only relevant to the cache. +// It prevents leaking of lastLogin, which is only relevant to the database. type userDB struct { UserDB LastLogin time.Time 
diff --git a/internal/users/db/testdata/golden/TestDeleteUser/Deleting_existing_user_keeps_other_group_members_intact b/internal/users/db/testdata/golden/TestDeleteUser/Deleting_existing_user_keeps_other_group_members_intact
new file mode 100644
index 000000000..317e47df2
--- /dev/null
+++ b/internal/users/db/testdata/golden/TestDeleteUser/Deleting_existing_user_keeps_other_group_members_intact
@@ -0,0 +1,40 @@ +GroupByID: + "11111": '{"Name":"group1","GID":11111,"UGID":"12345678"}' + "22222": '{"Name":"group2","GID":22222,"UGID":"56781234"}' + "33333": '{"Name":"group3","GID":33333,"UGID":"34567812"}' + "44444": '{"Name":"group4","GID":44444,"UGID":"45678123"}' + "99999": '{"Name":"commongroup","GID":99999,"UGID":"87654321"}' +GroupByName: + commongroup: '{"Name":"commongroup","GID":99999,"UGID":"87654321"}' + group1: '{"Name":"group1","GID":11111,"UGID":"12345678"}' + group2: '{"Name":"group2","GID":22222,"UGID":"56781234"}' + group3: '{"Name":"group3","GID":33333,"UGID":"34567812"}' + group4: '{"Name":"group4","GID":44444,"UGID":"45678123"}' +GroupByUGID: + "12345678": '{"Name":"group1","GID":11111,"UGID":"12345678"}' + "34567812": '{"Name":"group3","GID":33333,"UGID":"34567812"}' + "45678123": '{"Name":"group4","GID":44444,"UGID":"45678123"}' + "56781234": '{"Name":"group2","GID":22222,"UGID":"56781234"}' + "87654321": '{"Name":"commongroup","GID":99999,"UGID":"87654321"}' +GroupToUsers: + "11111": '{"GID":11111,"UIDs":[]}' + "22222": '{"GID":22222,"UIDs":[2222]}' + "33333": '{"GID":33333,"UIDs":[3333]}' + "44444": '{"GID":33333,"UIDs":[4444]}' + "99999": '{"GID":99999,"UIDs":[2222,3333,4444]}' +UserByID: + "2222": '{"Name":"user2","UID":2222,"GID":22222,"Gecos":"User2","Dir":"/home/user2","Shell":"/bin/dash","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"BBBBBTIME"}' + "3333": '{"Name":"user3","UID":3333,"GID":33333,"Gecos":"User3","Dir":"/home/user3","Shell":"/bin/zsh","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' + "4444": '{"Name":"userwithoutbroker","UID":4444,"GID":44444,"Gecos":"userwithoutbroker","Dir":"/home/userwithoutbroker","Shell":"/bin/sh","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' 
+UserByName: + user2: '{"Name":"user2","UID":2222,"GID":22222,"Gecos":"User2","Dir":"/home/user2","Shell":"/bin/dash","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"BBBBBTIME"}' + user3: '{"Name":"user3","UID":3333,"GID":33333,"Gecos":"User3","Dir":"/home/user3","Shell":"/bin/zsh","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' + userwithoutbroker: '{"Name":"userwithoutbroker","UID":4444,"GID":44444,"Gecos":"userwithoutbroker","Dir":"/home/userwithoutbroker","Shell":"/bin/sh","LastPwdChange":-1,"MaxPwdAge":-1,"PwdWarnPeriod":-1,"PwdInactivity":-1,"MinPwdAge":-1,"ExpirationDate":-1,"LastLogin":"ABCDETIME"}' +UserToBroker: + "2222": '"broker-id"' + "3333": '"broker-id"' +UserToGroups: + "2222": '{"UID":2222,"GIDs":[22222,99999]}' + "3333": '{"UID":3333,"GIDs":[33333,99999]}' + "4444": '{"UID":4444,"GIDs":[44444,99999]}' +UserToLocalGroups: {} diff --git a/internal/users/db/update.go b/internal/users/db/update.go index e6090d62f..b4a776e39 100644 --- a/internal/users/db/update.go +++ b/internal/users/db/update.go @@ -72,7 +72,7 @@ func updateUser(buckets map[string]bucketWithName, userContent userDB) error { return errors.New("UID already in use by a different user") } - // Ensure that we use the same homedir as the one we have in cache. + // Ensure that we use the same homedir as the one we have in the database. if existingUser.Dir != "" && existingUser.Dir != userContent.Dir { log.Warningf(context.TODO(), "User %q already has a homedir. The existing %q one will be kept instead of %q", userContent.Name, existingUser.Dir, userContent.Dir) userContent.Dir = existingUser.Dir diff --git a/internal/users/manager.go b/internal/users/manager.go index 4d81f4140..d96415583 100644 --- a/internal/users/manager.go +++ b/internal/users/manager.go 
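Review bot: The `GroupToUsers` entry for key "44444" in this new golden file stores `"GID":33333` (`"44444": '{"GID":33333,"UIDs":[4444]}'`), so the bucket key and the record's own GID disagree. A golden file is a dump of what the test produced, so the mismatch presumably comes from the input fixture or from how the bucket is rewritten on delete, neither of which is visible here. It is worth checking before the snapshot is committed, because the test will then assert an inconsistent group-membership record as the expected result. If the fixture is at fault, the corrected line would read `"44444": '{"GID":44444,"UIDs":[4444]}'`.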
@@ -59,7 +59,7 @@ func WithIDGenerator(g tempentries.IDGenerator) Option { } // NewManager creates a new user manager. -func NewManager(config Config, cacheDir string, args ...Option) (m *Manager, err error) { +func NewManager(config Config, dbDir string, args ...Option) (m *Manager, err error) { log.Debugf(context.Background(), "Creating user manager with config: %+v", config) opts := &options{} @@ -95,7 +95,7 @@ func NewManager(config Config, cacheDir string, args ...Option) (m *Manager, err temporaryRecords: tempentries.NewTemporaryRecords(opts.idGenerator), } - c, err := db.New(cacheDir) + c, err := db.New(dbDir) if err != nil { return nil, err } diff --git a/internal/users/manager_test.go b/internal/users/manager_test.go index 16dc1e0c1..afccf0081 100644 --- a/internal/users/manager_test.go +++ b/internal/users/manager_test.go @@ -36,7 +36,7 @@ func TestNewManager(t *testing.T) { "New_recreates_any_missing_buckets_and_delete_unknowns": {dbFile: "database_with_unknown_bucket"}, "Error_when_database_is_corrupted": {corruptedDbFile: true, wantErr: true}, - "Error_if_cacheDir_does_not_exist": {dbFile: "-", wantErr: true}, + "Error_if_dbDir_does_not_exist": {dbFile: "-", wantErr: true}, "Error_if_UID_MIN_is_equal_to_UID_MAX": {uidMin: 1000, uidMax: 1000, wantErr: true}, "Error_if_GID_MIN_is_equal_to_GID_MAX": {gidMin: 1000, gidMax: 1000, wantErr: true}, "Error_if_UID_range_is_too_small": {uidMin: 1000, uidMax: 2000, wantErr: true}, 
@@ -45,18 +45,18 @@ func TestNewManager(t *testing.T) { t.Run(name, func(t *testing.T) { destCmdsFile := localgroupstestutils.SetupGPasswdMock(t, filepath.Join("testdata", "groups", "users_in_groups.group")) - cacheDir := t.TempDir() + dbDir := t.TempDir() if tc.dbFile == "" { tc.dbFile = "multiple_users_and_groups" } if tc.dbFile == "-" { - err := os.RemoveAll(cacheDir) + err := os.RemoveAll(dbDir) require.NoError(t, err, "Setup: could not remove temporary db directory") } else if tc.dbFile != "" { - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), cacheDir) + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), dbDir) } if tc.corruptedDbFile { - err := os.WriteFile(filepath.Join(cacheDir, db.Z_ForTests_DBName()), []byte("Corrupted db"), 0600) + err := os.WriteFile(filepath.Join(dbDir, db.Z_ForTests_DBName()), []byte("Corrupted db"), 0600) require.NoError(t, err, "Setup: Can't update the file with invalid db content") } @@ -74,14 +74,14 @@ func TestNewManager(t *testing.T) { config.GIDMax = tc.gidMax } - m, err := users.NewManager(config, cacheDir) + m, err := users.NewManager(config, dbDir) if tc.wantErr { require.Error(t, err, "NewManager should return an error, but did not") return } require.NoError(t, err, "NewManager should not return an error, but did") - got, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerCache(m)) + got, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerDB(m)) require.NoError(t, err, "Created database should be valid yaml content") golden.CheckOrUpdate(t, got) 
@@ -92,12 +92,12 @@ func TestNewManager(t *testing.T) { } func TestStop(t *testing.T) { - cacheDir := t.TempDir() - m := newManagerForTests(t, cacheDir) + dbDir := t.TempDir() + m := newManagerForTests(t, dbDir) require.NoError(t, m.Stop(), "Stop should not return an error, but did") // Should fail, because the db is closed - _, err := userstestutils.GetManagerCache(m).AllUsers() + _, err := userstestutils.GetManagerDB(m).AllUsers() require.ErrorIs(t, err, bbolt.ErrDatabaseNotOpen, "AllUsers should return an error, but did not") } @@ -194,9 +194,9 @@ func TestUpdateUser(t *testing.T) { user.Groups = append(user.Groups, g.GroupInfo) } - cacheDir := t.TempDir() + dbDir := t.TempDir() if tc.dbFile != "" { - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), cacheDir) + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), dbDir) } // One GID is generated for the user private group @@ -213,7 +213,7 @@ func TestUpdateUser(t *testing.T) { GIDsToGenerate: gids, }), } - m := newManagerForTests(t, cacheDir, managerOpts...) + m := newManagerForTests(t, dbDir, managerOpts...) var oldUID uint32 if tc.wantSameUID { @@ -236,7 +236,7 @@ func TestUpdateUser(t *testing.T) { require.Equal(t, oldUID, newUser.UID, "UID should not have changed") } - got, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerCache(m)) + got, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerDB(m)) require.NoError(t, err, "Created database should be valid yaml content") golden.CheckOrUpdateYAML(t, got) 
@@ -255,8 +255,8 @@ func TestBrokerForUser(t *testing.T) { wantErr bool wantErrType error }{ - "Successfully_get_broker_for_user": {username: "user1", dbFile: "multiple_users_and_groups", wantBrokerID: "broker-id"}, - "Return_no_broker_but_in_cache_if_user_has_no_broker_yet": {username: "userwithoutbroker", dbFile: "multiple_users_and_groups", wantBrokerID: ""}, + "Successfully_get_broker_for_user": {username: "user1", dbFile: "multiple_users_and_groups", wantBrokerID: "broker-id"}, + "Return_no_broker_but_in_db_if_user_has_no_broker_yet": {username: "userwithoutbroker", dbFile: "multiple_users_and_groups", wantBrokerID: ""}, "Error_if_user_does_not_exist": {username: "doesnotexist", dbFile: "multiple_users_and_groups", wantErrType: db.NoDataFoundError{}}, "Error_if_db_has_invalid_entry": {username: "user1", dbFile: "invalid_entry_in_userByName", wantErr: true}, @@ -266,9 +266,9 @@ func TestBrokerForUser(t *testing.T) { // We don't care about the output of gpasswd in this test, but we still need to mock it. _ = localgroupstestutils.SetupGPasswdMock(t, "empty.group") - cacheDir := t.TempDir() - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), cacheDir) - m := newManagerForTests(t, cacheDir) + dbDir := t.TempDir() + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), dbDir) + m := newManagerForTests(t, dbDir) brokerID, err := m.BrokerForUser(tc.username) @@ -308,9 +308,9 @@ func TestUpdateBrokerForUser(t *testing.T) { tc.dbFile = "multiple_users_and_groups" } - cacheDir := t.TempDir() - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), cacheDir) - m := newManagerForTests(t, cacheDir) + dbDir := t.TempDir() + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), dbDir) + m := newManagerForTests(t, dbDir) err := m.UpdateBrokerForUser(tc.username, "ExampleBrokerID") 
@@ -319,7 +319,7 @@ func TestUpdateBrokerForUser(t *testing.T) { return } - got, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerCache(m)) + got, err := db.Z_ForTests_DumpNormalizedYAML(userstestutils.GetManagerDB(m)) require.NoError(t, err, "Created database should be valid yaml content") golden.CheckOrUpdateYAML(t, got) @@ -353,10 +353,10 @@ func TestUserByIDAndName(t *testing.T) { // We don't care about the output of gpasswd in this test, but we still need to mock it. _ = localgroupstestutils.SetupGPasswdMock(t, "empty.group") - cacheDir := t.TempDir() - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), cacheDir) + dbDir := t.TempDir() + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), dbDir) - m := newManagerForTests(t, cacheDir) + m := newManagerForTests(t, dbDir) var err error if tc.isTempUser { @@ -406,9 +406,9 @@ func TestAllUsers(t *testing.T) { // We don't care about the output of gpasswd in this test, but we still need to mock it. _ = localgroupstestutils.SetupGPasswdMock(t, "empty.group") - cacheDir := t.TempDir() - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), cacheDir) - m := newManagerForTests(t, cacheDir) + dbDir := t.TempDir() + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), dbDir) + m := newManagerForTests(t, dbDir) got, err := m.AllUsers() 
@@ -448,9 +448,9 @@ func TestGroupByIDAndName(t *testing.T) { // We don't care about the output of gpasswd in this test, but we still need to mock it. _ = localgroupstestutils.SetupGPasswdMock(t, "empty.group") - cacheDir := t.TempDir() - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), cacheDir) - m := newManagerForTests(t, cacheDir) + dbDir := t.TempDir() + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), dbDir) + m := newManagerForTests(t, dbDir) var err error if tc.isTempGroup { @@ -500,10 +500,10 @@ func TestAllGroups(t *testing.T) { // We don't care about the output of gpasswd in this test, but we still need to mock it. _ = localgroupstestutils.SetupGPasswdMock(t, "empty.group") - cacheDir := t.TempDir() - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), cacheDir) + dbDir := t.TempDir() + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), dbDir) - m := newManagerForTests(t, cacheDir) + m := newManagerForTests(t, dbDir) got, err := m.AllGroups() @@ -535,10 +535,10 @@ func TestShadowByName(t *testing.T) { // We don't care about the output of gpasswd in this test, but we still need to mock it. _ = localgroupstestutils.SetupGPasswdMock(t, "empty.group") - cacheDir := t.TempDir() - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), cacheDir) + dbDir := t.TempDir() + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), dbDir) - m := newManagerForTests(t, cacheDir) + m := newManagerForTests(t, dbDir) got, err := m.ShadowByName(tc.username) 
@@ -567,10 +567,10 @@ func TestAllShadows(t *testing.T) { // We don't care about the output of gpasswd in this test, but we still need to mock it. _ = localgroupstestutils.SetupGPasswdMock(t, "empty.group") - cacheDir := t.TempDir() - db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), cacheDir) + dbDir := t.TempDir() + db.Z_ForTests_CreateDBFromYAML(t, filepath.Join("testdata", "db", tc.dbFile+".db.yaml"), dbDir) - m := newManagerForTests(t, cacheDir) + m := newManagerForTests(t, dbDir) got, err := m.AllShadows() @@ -602,10 +602,10 @@ func requireErrorAssertions(t *testing.T, gotErr, wantErrType error, wantErr boo require.NoError(t, gotErr, "Error should not be returned") } -func newManagerForTests(t *testing.T, cacheDir string, opts ...users.Option) *users.Manager { +func newManagerForTests(t *testing.T, dbDir string, opts ...users.Option) *users.Manager { t.Helper() - m, err := users.NewManager(users.DefaultConfig, cacheDir, opts...) + m, err := users.NewManager(users.DefaultConfig, dbDir, opts...) require.NoError(t, err, "NewManager should not return an error, but did") return m diff --git a/internal/users/tempentries/tempentries.go b/internal/users/tempentries/tempentries.go index cb759ae45..e0e9f3e6b 100644 --- a/internal/users/tempentries/tempentries.go +++ b/internal/users/tempentries/tempentries.go @@ -11,7 +11,7 @@ import ( "github.com/ubuntu/authd/log" ) -// NoDataFoundError is the error returned when no entry is found in the cache. +// NoDataFoundError is the error returned when no entry is found in the database. type NoDataFoundError = db.NoDataFoundError // IDGenerator is the interface that must be implemented by the ID generator. diff --git a/internal/users/testutils/manager.go b/internal/users/testutils/manager.go index 2f61ba38c..10b0079fe 100644 --- a/internal/users/testutils/manager.go +++ b/internal/users/testutils/manager.go 
@@ -1,4 +1,4 @@ -// Package userstestutils export cache test functionalities used by other packages. +// Package userstestutils export db test functionalities used by other packages. package userstestutils import ( @@ -15,13 +15,13 @@ func init() { } type manager struct { - cache *db.Database + db *db.Database } -// GetManagerCache returns the cache of the manager. -func GetManagerCache(m *users.Manager) *db.Database { +// GetManagerDB returns the database of the manager. +func GetManagerDB(m *users.Manager) *db.Database { //#nosec:G103 // This is only used in tests. mTest := *(*manager)(unsafe.Pointer(m)) - return mTest.cache + return mTest.db } diff --git a/nss/integration-tests/integration_test.go b/nss/integration-tests/integration_test.go index ba814bb6c..784eb1f6b 100644 --- a/nss/integration-tests/integration_test.go +++ b/nss/integration-tests/integration_test.go @@ -44,9 +44,9 @@ func TestIntegration(t *testing.T) { }) tests := map[string]struct { - db string - key string - cacheDB string + getentDB string + key string + dbState string noDaemon bool currentUserNotRoot bool 
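Review bot: `GetManagerDB` reinterprets a `*users.Manager` as the local `manager` struct through `unsafe.Pointer`, which appears to rely on the `*db.Database` being the first field of `users.Manager`; the rename leaves that dependency undocumented. Nothing in this hunk ties the two layouts together, so reordering or inserting fields in `users.Manager` (not visible here) would make the helper return a bogus pointer instead of failing to compile. I would state the contract on the type: `// manager mirrors the leading field of users.Manager and must be kept in sync with that struct's layout.` The package comment would also read better as `// Package userstestutils exports database test functionalities used by other packages.`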
@@ -55,51 +55,51 @@ func TestIntegration(t *testing.T) { wantStatus int }{ - "Get_all_entries_from_passwd": {db: "passwd"}, - "Get_all_entries_from_group": {db: "group"}, - "Get_all_entries_from_shadow_if_considered_root": {db: "shadow"}, + "Get_all_entries_from_passwd": {getentDB: "passwd"}, + "Get_all_entries_from_group": {getentDB: "group"}, + "Get_all_entries_from_shadow_if_considered_root": {getentDB: "shadow"}, - "Get_entry_from_passwd_by_name": {db: "passwd", key: "user1"}, - "Get_entry_from_group_by_name": {db: "group", key: "group1"}, - "Get_entry_from_shadow_by_name_if_considered_root": {db: "shadow", key: "user1"}, + "Get_entry_from_passwd_by_name": {getentDB: "passwd", key: "user1"}, + "Get_entry_from_group_by_name": {getentDB: "group", key: "group1"}, + "Get_entry_from_shadow_by_name_if_considered_root": {getentDB: "shadow", key: "user1"}, - "Get_entry_from_passwd_by_id": {db: "passwd", key: "1111"}, - "Get_entry_from_group_by_id": {db: "group", key: "11111"}, + "Get_entry_from_passwd_by_id": {getentDB: "passwd", key: "1111"}, + "Get_entry_from_group_by_id": {getentDB: "group", key: "11111"}, - "Check_user_with_broker_if_not_found_in_cache": {db: "passwd", key: "user-pre-check", shouldPreCheck: true}, + "Check_user_with_broker_if_not_found_in_db": {getentDB: "passwd", key: "user-pre-check", shouldPreCheck: true}, // Even though those are "error" cases, the getent command won't fail when trying to list content of a service. 
- "Returns_empty_when_getting_all_entries_from_shadow_if_regular_user": {db: "shadow", currentUserNotRoot: true}, + "Returns_empty_when_getting_all_entries_from_shadow_if_regular_user": {getentDB: "shadow", currentUserNotRoot: true}, - "Returns_empty_when_getting_all_entries_from_passwd_and_daemon_is_not_available": {db: "passwd", noDaemon: true}, - "Returns_empty_when_getting_all_entries_from_group_and_daemon_is_not_available": {db: "group", noDaemon: true}, - "Returns_empty_when_getting_all_entries_from_shadow_and_daemon_is_not_available": {db: "shadow", noDaemon: true}, + "Returns_empty_when_getting_all_entries_from_passwd_and_daemon_is_not_available": {getentDB: "passwd", noDaemon: true}, + "Returns_empty_when_getting_all_entries_from_group_and_daemon_is_not_available": {getentDB: "group", noDaemon: true}, + "Returns_empty_when_getting_all_entries_from_shadow_and_daemon_is_not_available": {getentDB: "shadow", noDaemon: true}, /* Error cases */ // We can't assert on the returned error type since the error returned by getent will always be 2 (i.e. Not Found), even though the library returns other types. 
- "Error_when_getting_all_entries_from_passwd_and_database_is_corrupted": {db: "passwd", cacheDB: "invalid_entry_in_userByID", wantSecondCall: true}, - "Error_when_getting_all_entries_from_group_and_database_is_corrupted": {db: "group", cacheDB: "invalid_entry_in_groupByID", wantSecondCall: true}, - "Error_when_getting_all_entries_from_shadow_and_database_is_corrupted": {db: "shadow", cacheDB: "invalid_entry_in_userByID", wantSecondCall: true}, + "Error_when_getting_all_entries_from_passwd_and_database_is_corrupted": {getentDB: "passwd", dbState: "invalid_entry_in_userByID", wantSecondCall: true}, + "Error_when_getting_all_entries_from_group_and_database_is_corrupted": {getentDB: "group", dbState: "invalid_entry_in_groupByID", wantSecondCall: true}, + "Error_when_getting_all_entries_from_shadow_and_database_is_corrupted": {getentDB: "shadow", dbState: "invalid_entry_in_userByID", wantSecondCall: true}, - "Error_when_getting_shadow_by_name_if_regular_user": {db: "shadow", key: "user1", currentUserNotRoot: true, wantStatus: codeNotFound}, + "Error_when_getting_shadow_by_name_if_regular_user": {getentDB: "shadow", key: "user1", currentUserNotRoot: true, wantStatus: codeNotFound}, - "Error_when_getting_passwd_by_name_and_entry_does_not_exist": {db: "passwd", key: "doesnotexit", wantStatus: codeNotFound}, - "Error_when_getting_passwd_by_name_entry_exists_in_broker_but_precheck_is_disabled": {db: "passwd", key: "user-pre-check", wantStatus: codeNotFound}, - "Error_when_getting_group_by_name_and_entry_does_not_exist": {db: "group", key: "doesnotexit", wantStatus: codeNotFound}, - "Error_when_getting_shadow_by_name_and_entry_does_not_exist": {db: "shadow", key: "doesnotexit", wantStatus: codeNotFound}, + "Error_when_getting_passwd_by_name_and_entry_does_not_exist": {getentDB: "passwd", key: "doesnotexit", wantStatus: codeNotFound}, + "Error_when_getting_passwd_by_name_entry_exists_in_broker_but_precheck_is_disabled": {getentDB: "passwd", key: "user-pre-check", wantStatus: 
codeNotFound}, + "Error_when_getting_group_by_name_and_entry_does_not_exist": {getentDB: "group", key: "doesnotexit", wantStatus: codeNotFound}, + "Error_when_getting_shadow_by_name_and_entry_does_not_exist": {getentDB: "shadow", key: "doesnotexit", wantStatus: codeNotFound}, - "Error_when_getting_passwd_by_id_and_entry_does_not_exist": {db: "passwd", key: "404", wantStatus: codeNotFound}, - "Error_when_getting_group_by_id_and_entry_does_not_exist": {db: "group", key: "404", wantStatus: codeNotFound}, + "Error_when_getting_passwd_by_id_and_entry_does_not_exist": {getentDB: "passwd", key: "404", wantStatus: codeNotFound}, + "Error_when_getting_group_by_id_and_entry_does_not_exist": {getentDB: "group", key: "404", wantStatus: codeNotFound}, - "Error_when_getting_passwd_by_name_and_daemon_is_not_available": {db: "passwd", key: "user1", noDaemon: true, wantStatus: codeNotFound}, - "Error_when_getting_group_by_name_and_daemon_is_not_available": {db: "group", key: "group1", noDaemon: true, wantStatus: codeNotFound}, - "Error_when_getting_shadow_by_name_and_daemon_is_not_available": {db: "shadow", key: "user1", noDaemon: true, wantStatus: codeNotFound}, + "Error_when_getting_passwd_by_name_and_daemon_is_not_available": {getentDB: "passwd", key: "user1", noDaemon: true, wantStatus: codeNotFound}, + "Error_when_getting_group_by_name_and_daemon_is_not_available": {getentDB: "group", key: "group1", noDaemon: true, wantStatus: codeNotFound}, + "Error_when_getting_shadow_by_name_and_daemon_is_not_available": {getentDB: "shadow", key: "user1", noDaemon: true, wantStatus: codeNotFound}, - "Error_when_getting_passwd_by_id_and_daemon_is_not_available": {db: "passwd", key: "1111", noDaemon: true, wantStatus: codeNotFound}, - "Error_when_getting_group_by_id_and_daemon_is_not_available": {db: "group", key: "11111", noDaemon: true, wantStatus: codeNotFound}, + "Error_when_getting_passwd_by_id_and_daemon_is_not_available": {getentDB: "passwd", key: "1111", noDaemon: true, wantStatus: 
codeNotFound}, + "Error_when_getting_group_by_id_and_daemon_is_not_available": {getentDB: "group", key: "11111", noDaemon: true, wantStatus: codeNotFound}, /* Special cases */ - "Do_not_query_the_cache_when_user_is_pam_unix_non_existent": {db: "passwd", key: "pam_unix_non_existent:", cacheDB: "pam_unix_non_existent", wantStatus: codeNotFound}, + "Do_not_query_the_db_when_user_is_pam_unix_non_existent": {getentDB: "passwd", key: "pam_unix_non_existent:", dbState: "pam_unix_non_existent", wantStatus: codeNotFound}, } for name, tc := range tests { t.Run(name, func(t *testing.T) { @@ -108,10 +108,10 @@ func TestIntegration(t *testing.T) { socketPath := defaultSocket var useAlternativeDaemon bool - if tc.cacheDB != "" || tc.currentUserNotRoot { + if tc.dbState != "" || tc.currentUserNotRoot { useAlternativeDaemon = true } else { - tc.cacheDB = defaultDbState + tc.dbState = defaultDbState } // We don't check compatibility of arguments, have noDaemon taking precedences to the others. @@ -132,7 +132,7 @@ func TestIntegration(t *testing.T) { env = append(env, "AUTHD_INTEGRATIONTESTS_CURRENT_USER_AS_ROOT=1") } socketPath, daemonStopped = testutils.RunDaemon(ctx, t, daemonPath, - testutils.WithPreviousDBState(tc.cacheDB), + testutils.WithPreviousDBState(tc.dbState), testutils.WithEnvironment(env...), ) t.Cleanup(func() { @@ -141,7 +141,7 @@ func TestIntegration(t *testing.T) { }) } - cmds := []string{tc.db} + cmds := []string{tc.getentDB} if tc.key != "" { cmds = append(cmds, tc.key) } 
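Review bot: In the `@@ -108,10` hunk, a case with `currentUserNotRoot: true` and no `dbState` takes the first branch, so `tc.dbState` stays empty. As far as the visible hunks show, `WithPreviousDBState("")` then starts the alternative daemon without a seeded database, because RunDaemon only loads a YAML state when `existentDB != ""`. If so, the two regular-user shadow cases get their empty or not-found result from an empty database whether or not the access check works, and would not catch a regression that exposes shadow entries to non-root callers. Applying the default independently of the daemon choice avoids that: `useAlternativeDaemon = tc.dbState != "" || tc.currentUserNotRoot` followed by `if tc.dbState == "" { tc.dbState = defaultDbState }`. The lines between this hunk and the RunDaemon call are not shown, so confirm that none of them already fills in the state.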
@@ -149,7 +149,7 @@ func TestIntegration(t *testing.T) { got, status := getentOutputForLib(t, libPath, socketPath, rustCovEnv, tc.shouldPreCheck, cmds...) require.Equal(t, tc.wantStatus, status, "Expected status %d, but got %d", tc.wantStatus, status) - if tc.shouldPreCheck && tc.db == "passwd" { + if tc.shouldPreCheck && tc.getentDB == "passwd" { // When pre-checking, the `getent passwd` output contains a randomly generated UID. // To make the test deterministic, we replace the UID with a placeholder. // The output looks something like this: diff --git a/nss/integration-tests/testdata/golden/TestIntegration/Check_user_with_broker_if_not_found_in_cache b/nss/integration-tests/testdata/golden/TestIntegration/Check_user_with_broker_if_not_found_in_db similarity index 100% rename from nss/integration-tests/testdata/golden/TestIntegration/Check_user_with_broker_if_not_found_in_cache rename to nss/integration-tests/testdata/golden/TestIntegration/Check_user_with_broker_if_not_found_in_db