From 1155c2fee4c197bfc295f761d52f9b748c37ad79 Mon Sep 17 00:00:00 2001
From: Sebastien Buisson <sbuisson@ddn.com>
Date: Wed, 26 Jun 2019 00:36:48 +0900
Subject: [PATCH] LU-12472 tests: update sanity-krb5.sh

With current Lustre version, some behaviors have changed.

When a user tries to access Lustre without valid Kerberos credentials,
access is denied, and the key generated in the user's session keyring
is marked as revoked. This key must be unlinked so that further
access with valid Kerberos credentials regenerates a new, valid key in
the user's session keyring.

When Kerberos credentials presented by the user cannot be validated
on server side because the lsvcgssd daemon is down, client's request
immediately fails instead of being blocked until lsvcgssd daemon
is up and runnning again.

*gssd daemon is automatically started in the background, no need for a
'&' on the command line.

Test-Parameters: trivial
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I1b929ac593fd427c199cffa02d364b40426d32bf
Reviewed-on: https://review.whamcloud.com/35317
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: James Nunez <jnunez@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
---
 lustre/tests/sanity-krb5.sh | 18 ++++++------------
 1 file changed, 6 insertions(+), 12 deletions(-)

diff --git a/lustre/tests/sanity-krb5.sh b/lustre/tests/sanity-krb5.sh
index d38ad00..6c8d079 100755
--- a/lustre/tests/sanity-krb5.sh
+++ b/lustre/tests/sanity-krb5.sh
@@ -118,6 +118,7 @@ stop_dbench()
 }
 
 restore_krb5_cred() {
+	keyctl reap
 	cp $KRB5_CRED_SAVE $KRB5_CRED
 	chown $RUNAS_ID:$RUNAS_ID $KRB5_CRED
 	chmod 0600 $KRB5_CRED
@@ -129,7 +130,7 @@ check_multiple_gss_daemons() {
 	local gssd_name=$(basename $gssd)
 
 	for ((i = 0; i < 10; i++)); do
-		do_facet $facet "$gssd -v &"
+		do_facet $facet "$gssd -v"
 	done
 
 	# wait daemons entering "stable" status
@@ -310,25 +311,18 @@ test_5() {
 
 	# flush context, and touch
 	$RUNAS $LFS flushctx $MOUNT || error "can't flush context on $MOUNT"
-	$RUNAS touch $file2 &
-	TOUCHPID=$!
-
-	# wait certain time
-	echo "waiting $wait_time seconds for touch pid $TOUCHPID"
-	sleep $wait_time
-	num=$(ps --no-headers -p $TOUCHPID | wc -l)
-	[ $num -eq 1 ] || error "touch already ended ($num)"
-	echo "process $TOUCHPID still hanging there... OK"
+	$RUNAS touch $file2 && error 'should fail without lsvcgssd'
 
 	# restart lsvcgssd, expect touch suceed
 	echo "restart lsvcgssd and recovering"
 	start_gss_daemons $(comma_list $(mdts_nodes)) "$LSVCGSSD -v"
 	sleep 5
 	check_gss_daemon_nodes $(comma_list $(mdts_nodes)) lsvcgssd
-	wait $TOUCHPID || error "touch fail"
+	$RUNAS keyctl reap
+	$RUNAS touch $file2 || error 'should not fail now'
 	[ -f $file2 ] || error "$file2 not found"
 }
-run_test 5 "lsvcgssd dead, operations lead to recovery"
+run_test 5 "lsvcgssd dead, operations fail"
 
 test_6() {
 	local nfile=10
-- 
1.8.3.1