diff options
Diffstat (limited to 'nixpkgs/nixos/tests/sssd-ldap.nix')
| -rw-r--r-- | nixpkgs/nixos/tests/sssd-ldap.nix | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/nixpkgs/nixos/tests/sssd-ldap.nix b/nixpkgs/nixos/tests/sssd-ldap.nix new file mode 100644 index 00000000000..b68403a0102 --- /dev/null +++ b/nixpkgs/nixos/tests/sssd-ldap.nix @@ -0,0 +1,78 @@ +import ./make-test-python.nix ({ pkgs, ... }: + let + dbDomain = "example.org"; + dbSuffix = "dc=example,dc=org"; + + ldapRootUser = "admin"; + ldapRootPassword = "foobar"; + + testUser = "alice"; + in + { + name = "sssd-ldap"; + + meta = with pkgs.stdenv.lib.maintainers; { + maintainers = [ bbigras ]; + }; + + machine = { pkgs, ... }: { + services.openldap = { + enable = true; + rootdn = "cn=${ldapRootUser},${dbSuffix}"; + rootpw = ldapRootPassword; + suffix = dbSuffix; + declarativeContents = '' + dn: ${dbSuffix} + objectClass: top + objectClass: dcObject + objectClass: organization + o: ${dbDomain} + + dn: ou=posix,${dbSuffix} + objectClass: top + objectClass: organizationalUnit + + dn: ou=accounts,ou=posix,${dbSuffix} + objectClass: top + objectClass: organizationalUnit + + dn: uid=${testUser},ou=accounts,ou=posix,${dbSuffix} + objectClass: person + objectClass: posixAccount + # userPassword: somePasswordHash + homeDirectory: /home/${testUser} + uidNumber: 1234 + gidNumber: 1234 + cn: "" + sn: "" + ''; + }; + + services.sssd = { + enable = true; + config = '' + [sssd] + config_file_version = 2 + services = nss, pam, sudo + domains = ${dbDomain} + + [domain/${dbDomain}] + auth_provider = ldap + id_provider = ldap + ldap_uri = ldap://127.0.0.1:389 + ldap_search_base = ${dbSuffix} + ldap_default_bind_dn = cn=${ldapRootUser},${dbSuffix} + ldap_default_authtok_type = password + ldap_default_authtok = ${ldapRootPassword} + ''; + }; + }; + + testScript = '' + machine.start() + machine.wait_for_unit("openldap.service") + machine.wait_for_unit("sssd.service") + machine.succeed("getent passwd ${testUser}") + ''; + } +) |