LU-12472 tests: update sanity-krb5.sh

With current Lustre version, some behaviors have changed.

When a user tries to access Lustre without valid Kerberos credentials,
access is denied, and the key generated in the user's session keyring
is marked as revoked. This key must be unlinked so that further
access with valid Kerberos credentials regenerates a new, valid key in
the user's session keyring.

When Kerberos credentials presented by the user cannot be validated
on server side because the lsvcgssd daemon is down, client's request
immediately fails instead of being blocked until lsvcgssd daemon
is up and runnning again.

*gssd daemon is automatically started in the background, no need for a
'&' on the command line.

Test-Parameters: trivial
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I1b929ac593fd427c199cffa02d364b40426d32bf
Reviewed-on: https://review.whamcloud.com/35317
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: James Nunez <jnunez@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>

diff --git a/lustre/tests/sanity-krb5.sh b/lustre/tests/sanity-krb5.sh
index d38ad00..6c8d079 100755 (executable)
--- a/lustre/tests/sanity-krb5.sh
+++ b/lustre/tests/sanity-krb5.sh
@@ -118,6 +118,7 @@ stop_dbench()
 }
 
 restore_krb5_cred() {
+       keyctl reap
        cp $KRB5_CRED_SAVE $KRB5_CRED
        chown $RUNAS_ID:$RUNAS_ID $KRB5_CRED
        chmod 0600 $KRB5_CRED
@@ -129,7 +130,7 @@ check_multiple_gss_daemons() {
        local gssd_name=$(basename $gssd)
 
        for ((i = 0; i < 10; i++)); do
-               do_facet $facet "$gssd -v &"
+               do_facet $facet "$gssd -v"
        done
 
        # wait daemons entering "stable" status
@@ -310,25 +311,18 @@ test_5() {
 
        # flush context, and touch
        $RUNAS $LFS flushctx $MOUNT || error "can't flush context on $MOUNT"
-       $RUNAS touch $file2 &
-       TOUCHPID=$!
-
-       # wait certain time
-       echo "waiting $wait_time seconds for touch pid $TOUCHPID"
-       sleep $wait_time
-       num=$(ps --no-headers -p $TOUCHPID | wc -l)
-       [ $num -eq 1 ] || error "touch already ended ($num)"
-       echo "process $TOUCHPID still hanging there... OK"
+       $RUNAS touch $file2 && error 'should fail without lsvcgssd'
 
        # restart lsvcgssd, expect touch suceed
        echo "restart lsvcgssd and recovering"
        start_gss_daemons $(comma_list $(mdts_nodes)) "$LSVCGSSD -v"
        sleep 5
        check_gss_daemon_nodes $(comma_list $(mdts_nodes)) lsvcgssd
-       wait $TOUCHPID || error "touch fail"
+       $RUNAS keyctl reap
+       $RUNAS touch $file2 || error 'should not fail now'
        [ -f $file2 ] || error "$file2 not found"
 }
-run_test 5 "lsvcgssd dead, operations lead to recovery"
+run_test 5 "lsvcgssd dead, operations fail"
 
 test_6() {
        local nfile=10