2007-03-21 18:57:07 +03:00
#!/usr/bin/perl
# Bootstrap Samba and run a number of tests against it.
# Copyright (C) 2005-2007 Jelmer Vernooij <jelmer@samba.org>
# Published under the GNU GPL, v3 or later.
2018-11-09 01:44:18 +03:00
# NOTE: Refer to the README for more details about the various testenvs,
# and tips about adding new testenvs.
2007-03-21 18:57:07 +03:00
package Samba3 ;
use strict ;
2007-04-18 04:12:39 +04:00
use Cwd qw( abs_path ) ;
2007-03-21 18:57:07 +03:00
use FindBin qw( $RealBin ) ;
2007-09-02 03:11:48 +04:00
use POSIX ;
2011-04-27 05:19:20 +04:00
use target::Samba ;
2017-06-22 15:17:07 +03:00
use File::Path 'remove_tree' ;
2007-03-21 18:57:07 +03:00
2012-02-14 02:04:16 +04:00
sub have_ads ($) {
2012-02-18 03:35:24 +04:00
my ( $ self ) = @ _ ;
2012-02-14 02:04:16 +04:00
my $ found_ads = 0 ;
2012-02-18 03:35:24 +04:00
my $ smbd_build_options = Samba:: bindir_path ( $ self , "smbd" ) . " -b|" ;
open ( IN , $ smbd_build_options ) or die ( "Unable to run $smbd_build_options: $!" ) ;
while ( <IN> ) {
if ( /WITH_ADS/ ) {
$ found_ads = 1 ;
}
}
close IN ;
2012-02-14 02:04:16 +04:00
# If we were not built with ADS support, pretend we were never even available
2013-07-03 23:49:43 +04:00
print "smbd does not have ADS support\n" unless $ found_ads ;
2012-02-14 02:04:16 +04:00
return $ found_ads ;
}
2013-11-18 17:54:26 +04:00
# return smb.conf parameters applicable to @path, based on the underlying
# filesystem type
sub get_fs_specific_conf ($$)
{
my ( $ self , $ path ) = @ _ ;
my $ mods = "" ;
my $ stat_out = `stat --file-system $path` or return "" ;
if ( $ stat_out =~ m/Type:\s+btrfs/ ) {
2017-05-17 13:54:15 +03:00
$ mods . = "streams_xattr btrfs" ;
2013-11-18 17:54:26 +04:00
}
if ( $ mods ) {
return "vfs objects = $mods" ;
}
return undef ;
}
2007-04-18 04:12:39 +04:00
sub new ($$) {
2015-06-05 03:22:45 +03:00
my ( $ classname , $ bindir , $ srcdir , $ server_maxtime ) = @ _ ;
2011-04-15 06:27:30 +04:00
my $ self = { vars = > { } ,
bindir = > $ bindir ,
srcdir = > $ srcdir ,
2011-04-19 07:50:40 +04:00
server_maxtime = > $ server_maxtime
2011-02-22 03:56:18 +03:00
} ;
2007-03-21 18:57:07 +03:00
bless $ self ;
return $ self ;
}
2007-04-18 04:12:39 +04:00
sub teardown_env ($$)
2007-03-21 18:57:07 +03:00
{
2007-04-18 04:12:39 +04:00
my ( $ self , $ envvars ) = @ _ ;
2012-03-02 11:20:45 +04:00
my $ count = 0 ;
2013-11-18 17:54:26 +04:00
2012-03-02 11:20:45 +04:00
# This should cause smbd to terminate gracefully
close ( $ envvars - > { STDIN_PIPE } ) ;
2007-03-21 18:57:07 +03:00
2012-03-04 11:34:34 +04:00
my $ smbdpid = $ envvars - > { SMBD_TL_PID } ;
my $ nmbdpid = $ envvars - > { NMBD_TL_PID } ;
my $ winbinddpid = $ envvars - > { WINBINDD_TL_PID } ;
# This should give it time to write out the gcov data
until ( $ count > 20 ) {
2012-03-05 04:12:00 +04:00
my $ smbdchild = Samba:: cleanup_child ( $ smbdpid , "smbd" ) ;
my $ nmbdchild = Samba:: cleanup_child ( $ nmbdpid , "nmbd" ) ;
my $ winbinddchild = Samba:: cleanup_child ( $ winbinddpid , "winbindd" ) ;
if ( $ smbdchild == - 1
&& $ nmbdchild == - 1
&& $ winbinddchild == - 1 ) {
2012-03-04 11:34:34 +04:00
last ;
}
2012-03-02 11:20:45 +04:00
sleep ( 1 ) ;
$ count + + ;
}
2012-03-04 11:34:34 +04:00
if ( $ count <= 20 && kill ( 0 , $ smbdpid , $ nmbdpid , $ winbinddpid ) == 0 ) {
2012-03-02 11:20:45 +04:00
return ;
}
2007-09-02 21:47:35 +04:00
$ self - > stop_sig_term ( $ smbdpid ) ;
$ self - > stop_sig_term ( $ nmbdpid ) ;
2009-01-28 19:28:51 +03:00
$ self - > stop_sig_term ( $ winbinddpid ) ;
2009-03-20 16:25:15 +03:00
2012-03-02 11:20:45 +04:00
$ count = 0 ;
2012-03-04 11:34:34 +04:00
until ( $ count > 10 ) {
2012-03-05 04:12:00 +04:00
my $ smbdchild = Samba:: cleanup_child ( $ smbdpid , "smbd" ) ;
my $ nmbdchild = Samba:: cleanup_child ( $ nmbdpid , "nmbd" ) ;
my $ winbinddchild = Samba:: cleanup_child ( $ winbinddpid , "winbindd" ) ;
if ( $ smbdchild == - 1
&& $ nmbdchild == - 1
&& $ winbinddchild == - 1 ) {
2012-03-04 11:34:34 +04:00
last ;
}
2012-03-02 11:20:45 +04:00
sleep ( 1 ) ;
$ count + + ;
}
2012-03-04 11:34:34 +04:00
if ( $ count <= 10 && kill ( 0 , $ smbdpid , $ nmbdpid , $ winbinddpid ) == 0 ) {
2012-03-02 11:20:45 +04:00
return ;
}
2009-03-20 16:25:15 +03:00
2012-03-02 11:20:45 +04:00
warn ( "timelimit process did not quit on SIGTERM, sending SIGKILL" ) ;
2007-09-02 21:47:35 +04:00
$ self - > stop_sig_kill ( $ smbdpid ) ;
$ self - > stop_sig_kill ( $ nmbdpid ) ;
2009-01-28 19:28:51 +03:00
$ self - > stop_sig_kill ( $ winbinddpid ) ;
2007-04-18 04:12:39 +04:00
return 0 ;
}
2007-09-02 03:11:48 +04:00
sub getlog_env_app ($$$)
{
my ( $ self , $ envvars , $ name ) = @ _ ;
my $ title = "$name LOG of: $envvars->{NETBIOSNAME}\n" ;
my $ out = $ title ;
open ( LOG , "<" . $ envvars - > { $ name . "_TEST_LOG" } ) ;
seek ( LOG , $ envvars - > { $ name . "_TEST_LOG_POS" } , SEEK_SET ) ;
while ( <LOG> ) {
$ out . = $ _ ;
}
$ envvars - > { $ name . "_TEST_LOG_POS" } = tell ( LOG ) ;
close ( LOG ) ;
return "" if $ out eq $ title ;
return $ out ;
}
2007-04-18 18:02:26 +04:00
sub getlog_env ($$)
{
my ( $ self , $ envvars ) = @ _ ;
2007-09-30 13:08:10 +04:00
my $ ret = "" ;
2007-04-18 18:02:26 +04:00
2007-09-30 13:08:10 +04:00
$ ret . = $ self - > getlog_env_app ( $ envvars , "SMBD" ) ;
$ ret . = $ self - > getlog_env_app ( $ envvars , "NMBD" ) ;
2009-01-28 19:28:51 +03:00
$ ret . = $ self - > getlog_env_app ( $ envvars , "WINBINDD" ) ;
2007-09-30 13:08:10 +04:00
return $ ret ;
2007-04-18 18:02:26 +04:00
}
2007-04-19 18:54:09 +04:00
sub check_env ($$)
{
my ( $ self , $ envvars ) = @ _ ;
2012-03-02 11:20:45 +04:00
my $ childpid = waitpid ( - 1 , WNOHANG ) ;
2007-04-19 18:54:09 +04:00
# TODO ...
return 1 ;
}
2018-02-21 03:33:49 +03:00
# Declare the environments Samba3 makes available.
# To be set up, they will be called as
# samba3->setup_$envname($self, $path, $dep_1_vars, $dep_2_vars, ...)
% Samba3:: ENV_DEPS = (
# name => [dep_1, dep_2, ...],
nt4_dc = > [] ,
nt4_dc_schannel = > [] ,
simpleserver = > [] ,
fileserver = > [] ,
maptoguest = > [] ,
ktest = > [] ,
nt4_member = > [ "nt4_dc" ] ,
ad_member = > [ "ad_dc" ] ,
ad_member_rfc2307 = > [ "ad_dc_ntvfs" ] ,
ad_member_idmap_rid = > [ "ad_dc" ] ,
2019-04-18 02:12:27 +03:00
ad_member_idmap_ad = > [ "fl2008r2dc" ] ,
2018-02-21 03:33:49 +03:00
) ;
2007-04-18 04:12:39 +04:00
2019-01-17 07:18:48 +03:00
% Samba3:: ENV_DEPS_POST = ( ) ;
2018-02-08 06:51:23 +03:00
sub setup_nt4_dc
2007-04-18 04:12:39 +04:00
{
my ( $ self , $ path ) = @ _ ;
2007-03-21 18:57:07 +03:00
2015-03-06 11:34:11 +03:00
print "PROVISIONING NT4 DC..." ;
2009-01-28 22:30:16 +03:00
2015-03-06 11:34:11 +03:00
my $ nt4_dc_options = "
2009-01-28 22:30:16 +03:00
domain master = yes
domain logons = yes
2009-05-08 02:18:28 +04:00
lanman auth = yes
2016-07-21 10:26:27 +03:00
ntlm auth = yes
2016-03-27 00:08:38 +03:00
raw NTLMv2 auth = yes
2017-12-13 15:09:47 +03:00
server schannel = auto
2012-03-06 15:04:55 +04:00
rpc_server:epmapper = external
rpc_server:spoolss = external
rpc_server:lsarpc = external
rpc_server:samr = external
rpc_server:netlogon = external
2012-03-07 14:39:14 +04:00
rpc_server:register_embedded_np = yes
2013-05-15 02:42:35 +04:00
rpc_server:FssagentRpc = external
2012-03-06 15:04:55 +04:00
rpc_daemon:epmd = fork
rpc_daemon:spoolssd = fork
rpc_daemon:lsasd = fork
2013-05-15 02:42:35 +04:00
rpc_daemon:fssd = fork
fss: sequence timeout = 1
2018-01-11 19:52:06 +03:00
check parent directory delete on close = yes
2009-01-28 22:30:16 +03:00
" ;
2017-06-10 13:29:47 +03:00
my $ vars = $ self - > provision ( $ path , "SAMBA-TEST" ,
2015-03-06 11:34:11 +03:00
"LOCALNT4DC2" ,
"localntdc2pass" ,
$ nt4_dc_options ) ;
2007-04-18 04:12:39 +04:00
2011-04-12 03:05:34 +04:00
$ vars or return undef ;
2012-11-23 03:02:33 +04:00
if ( not $ self - > check_or_start ( $ vars , "yes" , "yes" , "yes" ) ) {
2011-04-12 03:05:34 +04:00
return undef ;
}
2007-04-18 04:12:39 +04:00
2018-02-26 16:56:27 +03:00
$ vars - > { DOMSID } = $ vars - > { SAMSID } ;
2011-02-21 08:01:44 +03:00
$ vars - > { DC_SERVER } = $ vars - > { SERVER } ;
$ vars - > { DC_SERVER_IP } = $ vars - > { SERVER_IP } ;
2014-06-19 19:21:16 +04:00
$ vars - > { DC_SERVER_IPV6 } = $ vars - > { SERVER_IPV6 } ;
2011-02-21 08:01:44 +03:00
$ vars - > { DC_NETBIOSNAME } = $ vars - > { NETBIOSNAME } ;
$ vars - > { DC_USERNAME } = $ vars - > { USERNAME } ;
$ vars - > { DC_PASSWORD } = $ vars - > { PASSWORD } ;
2007-04-18 04:12:39 +04:00
return $ vars ;
}
2018-02-08 06:51:23 +03:00
sub setup_nt4_dc_schannel
2015-02-16 10:56:28 +03:00
{
my ( $ self , $ path ) = @ _ ;
2015-03-06 11:39:54 +03:00
print "PROVISIONING NT4 DC WITH SERVER SCHANNEL ..." ;
2015-02-16 10:56:28 +03:00
my $ pdc_options = "
domain master = yes
domain logons = yes
lanman auth = yes
rpc_server:epmapper = external
rpc_server:spoolss = external
rpc_server:lsarpc = external
rpc_server:samr = external
rpc_server:netlogon = external
rpc_server:register_embedded_np = yes
rpc_daemon:epmd = fork
rpc_daemon:spoolssd = fork
rpc_daemon:lsasd = fork
server schannel = yes
2017-06-26 13:10:40 +03:00
# used to reproduce bug #12772
server max protocol = SMB2_02
2015-02-16 10:56:28 +03:00
" ;
2017-06-10 13:29:47 +03:00
my $ vars = $ self - > provision ( $ path , "NT4SCHANNEL" ,
2015-03-06 11:39:54 +03:00
"LOCALNT4DC9" ,
"localntdc9pass" ,
2015-02-16 10:56:28 +03:00
$ pdc_options ) ;
$ vars or return undef ;
if ( not $ self - > check_or_start ( $ vars , "yes" , "yes" , "yes" ) ) {
return undef ;
}
2018-02-26 16:56:27 +03:00
$ vars - > { DOMSID } = $ vars - > { SAMSID } ;
2015-02-16 10:56:28 +03:00
$ vars - > { DC_SERVER } = $ vars - > { SERVER } ;
$ vars - > { DC_SERVER_IP } = $ vars - > { SERVER_IP } ;
$ vars - > { DC_SERVER_IPV6 } = $ vars - > { SERVER_IPV6 } ;
$ vars - > { DC_NETBIOSNAME } = $ vars - > { NETBIOSNAME } ;
$ vars - > { DC_USERNAME } = $ vars - > { USERNAME } ;
$ vars - > { DC_PASSWORD } = $ vars - > { PASSWORD } ;
return $ vars ;
}
2018-02-08 06:51:23 +03:00
sub setup_nt4_member
2009-01-28 23:01:04 +03:00
{
2015-03-06 11:34:11 +03:00
my ( $ self , $ prefix , $ nt4_dc_vars ) = @ _ ;
2014-09-09 11:47:05 +04:00
my $ count = 0 ;
my $ rc ;
2009-01-28 23:01:04 +03:00
print "PROVISIONING MEMBER..." ;
2016-01-16 12:20:32 +03:00
my $ require_mutexes = "dbwrap_tdb_require_mutexes:* = yes" ;
$ require_mutexes = "" if ( $ ENV { SELFTEST_DONT_REQUIRE_TDB_MUTEX_SUPPORT } eq "1" ) ;
2009-01-28 23:01:04 +03:00
my $ member_options = "
security = domain
2013-05-13 13:14:26 +04:00
dbwrap_tdb_mutexes: * = yes
2016-01-16 12:20:32 +03:00
$ { require_mutexes }
2009-01-28 23:01:04 +03:00
" ;
2017-06-10 13:29:47 +03:00
my $ ret = $ self - > provision ( $ prefix , $ nt4_dc_vars - > { DOMAIN } ,
2015-03-06 12:01:33 +03:00
"LOCALNT4MEMBER3" ,
"localnt4member3pass" ,
2009-01-28 23:01:04 +03:00
$ member_options ) ;
2011-04-12 03:05:34 +04:00
$ ret or return undef ;
2009-01-28 23:01:04 +03:00
2014-09-09 11:47:05 +04:00
my $ nmblookup = Samba:: bindir_path ( $ self , "nmblookup" ) ;
do {
print "Waiting for the LOGON SERVER registration ...\n" ;
$ rc = system ( "$nmblookup $ret->{CONFIGURATION} $ret->{DOMAIN}\#1c" ) ;
if ( $ rc != 0 ) {
sleep ( 1 ) ;
}
$ count + + ;
} while ( $ rc != 0 && $ count < 10 ) ;
if ( $ count == 10 ) {
print "NMBD not reachable after 10 retries\n" ;
teardown_env ( $ self , $ ret ) ;
return 0 ;
}
2011-04-27 05:19:20 +04:00
my $ net = Samba:: bindir_path ( $ self , "net" ) ;
2018-08-31 11:22:54 +03:00
# Add hosts file for name lookups
my $ cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' " ;
2009-01-28 23:01:04 +03:00
$ cmd . = "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" " ;
2016-03-22 16:09:08 +03:00
$ cmd . = "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" " ;
2018-01-06 14:27:27 +03:00
$ cmd . = "$net rpc join $ret->{CONFIGURATION} $nt4_dc_vars->{DOMAIN} member" ;
2015-03-06 11:34:11 +03:00
$ cmd . = " -U$nt4_dc_vars->{USERNAME}\%$nt4_dc_vars->{PASSWORD}" ;
2009-01-28 23:01:04 +03:00
2011-04-27 16:18:18 +04:00
if ( system ( $ cmd ) != 0 ) {
warn ( "Join failed\n$cmd" ) ;
return undef ;
}
2009-01-28 23:01:04 +03:00
2018-08-31 11:22:54 +03:00
# Add hosts file for name lookups
my $ cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' " ;
2017-06-22 16:30:56 +03:00
$ cmd . = "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" " ;
$ cmd . = "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" " ;
$ cmd . = "$net $ret->{CONFIGURATION} primarytrust dumpinfo | grep -q 'REDACTED SECRET VALUES'" ;
if ( system ( $ cmd ) != 0 ) {
warn ( "check failed\n$cmd" ) ;
return undef ;
}
2012-11-23 03:02:33 +04:00
if ( not $ self - > check_or_start ( $ ret , "yes" , "yes" , "yes" ) ) {
2011-04-12 03:05:34 +04:00
return undef ;
}
2009-01-28 23:01:04 +03:00
2018-02-26 16:56:27 +03:00
$ ret - > { DOMSID } = $ nt4_dc_vars - > { DOMSID } ;
2015-03-06 11:34:11 +03:00
$ ret - > { DC_SERVER } = $ nt4_dc_vars - > { SERVER } ;
$ ret - > { DC_SERVER_IP } = $ nt4_dc_vars - > { SERVER_IP } ;
$ ret - > { DC_SERVER_IPV6 } = $ nt4_dc_vars - > { SERVER_IPV6 } ;
$ ret - > { DC_NETBIOSNAME } = $ nt4_dc_vars - > { NETBIOSNAME } ;
$ ret - > { DC_USERNAME } = $ nt4_dc_vars - > { USERNAME } ;
$ ret - > { DC_PASSWORD } = $ nt4_dc_vars - > { PASSWORD } ;
2009-01-28 23:01:04 +03:00
return $ ret ;
}
2018-02-21 03:33:49 +03:00
sub setup_ad_member
2011-04-19 10:38:46 +04:00
{
2012-03-02 04:44:56 +04:00
my ( $ self , $ prefix , $ dcvars ) = @ _ ;
2011-04-19 10:38:46 +04:00
2016-09-25 19:42:17 +03:00
my $ prefix_abs = abs_path ( $ prefix ) ;
my @ dirs = ( ) ;
2012-02-14 02:04:16 +04:00
# If we didn't build with ADS, pretend this env was never available
if ( not $ self - > have_ads ( ) ) {
return "UNKNOWN" ;
}
2012-03-02 04:44:56 +04:00
print "PROVISIONING S3 AD MEMBER..." ;
2011-04-19 10:38:46 +04:00
2016-09-25 19:42:17 +03:00
mkdir ( $ prefix_abs , 0777 ) ;
my $ share_dir = "$prefix_abs/share" ;
push ( @ dirs , $ share_dir ) ;
2017-06-09 15:53:40 +03:00
my $ substitution_path = "$share_dir/D_$dcvars->{DOMAIN}" ;
2016-09-25 19:42:17 +03:00
push ( @ dirs , $ substitution_path ) ;
2017-06-09 15:53:40 +03:00
$ substitution_path = "$share_dir/D_$dcvars->{DOMAIN}/U_alice" ;
2016-09-25 19:42:17 +03:00
push ( @ dirs , $ substitution_path ) ;
2017-06-09 15:53:40 +03:00
$ substitution_path = "$share_dir/D_$dcvars->{DOMAIN}/U_alice/G_domain users" ;
2016-09-25 19:42:17 +03:00
push ( @ dirs , $ substitution_path ) ;
2017-03-15 14:37:08 +03:00
# Using '/' as the winbind separator is a bad idea ...
2017-06-09 15:53:40 +03:00
$ substitution_path = "$share_dir/D_$dcvars->{DOMAIN}/u_$dcvars->{DOMAIN}" ;
2017-03-15 14:37:08 +03:00
push ( @ dirs , $ substitution_path ) ;
2017-06-09 15:53:40 +03:00
$ substitution_path = "$share_dir/D_$dcvars->{DOMAIN}/u_$dcvars->{DOMAIN}/alice" ;
2017-03-15 14:37:08 +03:00
push ( @ dirs , $ substitution_path ) ;
2017-06-09 15:53:40 +03:00
$ substitution_path = "$share_dir/D_$dcvars->{DOMAIN}/u_$dcvars->{DOMAIN}/alice/g_$dcvars->{DOMAIN}" ;
2017-03-15 14:37:08 +03:00
push ( @ dirs , $ substitution_path ) ;
2017-06-09 15:53:40 +03:00
$ substitution_path = "$share_dir/D_$dcvars->{DOMAIN}/u_$dcvars->{DOMAIN}/alice/g_$dcvars->{DOMAIN}/domain users" ;
2017-03-15 14:37:08 +03:00
push ( @ dirs , $ substitution_path ) ;
2011-04-19 10:38:46 +04:00
my $ member_options = "
security = ads
workgroup = $ dcvars - > { DOMAIN }
realm = $ dcvars - > { REALM }
2016-06-18 20:30:46 +03:00
netbios aliases = foo bar
2017-03-17 12:04:19 +03:00
template homedir = /home/ % D /%G/ % U
2019-01-21 23:16:05 +03:00
auth event notification = true
password server = $ dcvars - > { SERVER }
2016-09-25 19:42:17 +03:00
2017-03-15 14:37:08 +03:00
[ sub_dug ]
2016-09-25 19:42:17 +03:00
path = $ share_dir /D_%D/ U_ % U / G_ % G
writeable = yes
2017-03-15 14:37:08 +03:00
[ sub_dug2 ]
path = $ share_dir /D_%D/ u_ % u / g_ % g
writeable = yes
2011-04-19 10:38:46 +04:00
" ;
2017-06-10 13:29:47 +03:00
my $ ret = $ self - > provision ( $ prefix , $ dcvars - > { DOMAIN } ,
2012-03-02 04:44:56 +04:00
"LOCALADMEMBER" ,
"loCalMemberPass" ,
2014-09-04 16:33:05 +04:00
$ member_options ,
$ dcvars - > { SERVER_IP } ,
$ dcvars - > { SERVER_IPV6 } ) ;
2011-04-19 10:38:46 +04:00
$ ret or return undef ;
2016-09-25 19:42:17 +03:00
mkdir ( $ _ , 0777 ) foreach ( @ dirs ) ;
2011-04-19 10:38:46 +04:00
close ( USERMAP ) ;
$ ret - > { DOMAIN } = $ dcvars - > { DOMAIN } ;
$ ret - > { REALM } = $ dcvars - > { REALM } ;
2018-02-26 16:56:27 +03:00
$ ret - > { DOMSID } = $ dcvars - > { DOMSID } ;
2011-04-19 10:38:46 +04:00
my $ ctx ;
$ ctx = { } ;
$ ctx - > { krb5_conf } = "$prefix_abs/lib/krb5.conf" ;
$ ctx - > { domain } = $ dcvars - > { DOMAIN } ;
$ ctx - > { realm } = $ dcvars - > { REALM } ;
$ ctx - > { dnsname } = lc ( $ dcvars - > { REALM } ) ;
$ ctx - > { kdc_ipv4 } = $ dcvars - > { SERVER_IP } ;
2014-09-04 16:33:05 +04:00
$ ctx - > { kdc_ipv6 } = $ dcvars - > { SERVER_IPV6 } ;
2016-09-22 19:46:28 +03:00
$ ctx - > { krb5_ccname } = "$prefix_abs/krb5cc_%{uid}" ;
2011-08-26 10:02:01 +04:00
Samba:: mk_krb5_conf ( $ ctx , "" ) ;
2011-04-19 10:38:46 +04:00
$ ret - > { KRB5_CONFIG } = $ ctx - > { krb5_conf } ;
2019-01-02 23:24:34 +03:00
$ ret - > { RESOLV_CONF } = $ dcvars - > { RESOLV_CONF } ;
2011-04-19 10:38:46 +04:00
my $ net = Samba:: bindir_path ( $ self , "net" ) ;
2018-08-31 11:22:54 +03:00
# Add hosts file for name lookups
my $ cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' " ;
2011-04-19 10:38:46 +04:00
$ cmd . = "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" " ;
2014-09-04 16:33:05 +04:00
if ( defined ( $ ret - > { RESOLV_WRAPPER_CONF } ) ) {
$ cmd . = "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" " ;
} else {
$ cmd . = "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" " ;
}
2011-04-19 10:38:46 +04:00
$ cmd . = "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" " ;
2016-03-22 16:09:08 +03:00
$ cmd . = "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" " ;
2013-02-21 23:33:23 +04:00
$ cmd . = "$net join $ret->{CONFIGURATION}" ;
$ cmd . = " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}" ;
if ( system ( $ cmd ) != 0 ) {
warn ( "Join failed\n$cmd" ) ;
return undef ;
}
# We need world access to this share, as otherwise the domain
# administrator from the AD domain provided by Samba4 can't
# access the share for tests.
chmod 0777 , "$prefix/share" ;
if ( not $ self - > check_or_start ( $ ret , "yes" , "yes" , "yes" ) ) {
return undef ;
}
$ ret - > { DC_SERVER } = $ dcvars - > { SERVER } ;
$ ret - > { DC_SERVER_IP } = $ dcvars - > { SERVER_IP } ;
2014-06-19 19:21:16 +04:00
$ ret - > { DC_SERVER_IPV6 } = $ dcvars - > { SERVER_IPV6 } ;
2019-01-21 23:16:05 +03:00
$ ret - > { DC_SERVERCONFFILE } = $ dcvars - > { SERVERCONFFILE } ;
2013-02-21 23:33:23 +04:00
$ ret - > { DC_NETBIOSNAME } = $ dcvars - > { NETBIOSNAME } ;
$ ret - > { DC_USERNAME } = $ dcvars - > { USERNAME } ;
$ ret - > { DC_PASSWORD } = $ dcvars - > { PASSWORD } ;
return $ ret ;
}
2018-02-21 03:33:49 +03:00
sub setup_ad_member_rfc2307
2013-02-21 23:33:23 +04:00
{
my ( $ self , $ prefix , $ dcvars ) = @ _ ;
# If we didn't build with ADS, pretend this env was never available
if ( not $ self - > have_ads ( ) ) {
return "UNKNOWN" ;
}
print "PROVISIONING S3 AD MEMBER WITH idmap_rfc2307 config..." ;
my $ member_options = "
security = ads
workgroup = $ dcvars - > { DOMAIN }
realm = $ dcvars - > { REALM }
2017-04-04 18:15:10 +03:00
idmap cache time = 0
idmap negative cache time = 0
2016-06-24 19:33:01 +03:00
idmap config * : backend = autorid
idmap config * : range = 1000000 - 1999999
idmap config * : rangesize = 100000
2013-02-21 23:33:23 +04:00
idmap config $ dcvars - > { DOMAIN } : backend = rfc2307
idmap config $ dcvars - > { DOMAIN } : range = 2000000 - 2999999
idmap config $ dcvars - > { DOMAIN } : ldap_server = ad
idmap config $ dcvars - > { DOMAIN } : bind_path_user = ou = idmap , dc = samba , dc = example , dc = com
idmap config $ dcvars - > { DOMAIN } : bind_path_group = ou = idmap , dc = samba , dc = example , dc = com
2017-07-01 12:44:38 +03:00
password server = $ dcvars - > { SERVER }
2013-02-21 23:33:23 +04:00
" ;
2017-06-10 13:29:47 +03:00
my $ ret = $ self - > provision ( $ prefix , $ dcvars - > { DOMAIN } ,
2013-02-21 23:33:23 +04:00
"RFC2307MEMBER" ,
"loCalMemberPass" ,
2014-09-04 16:33:05 +04:00
$ member_options ,
$ dcvars - > { SERVER_IP } ,
$ dcvars - > { SERVER_IPV6 } ) ;
2013-02-21 23:33:23 +04:00
$ ret or return undef ;
close ( USERMAP ) ;
$ ret - > { DOMAIN } = $ dcvars - > { DOMAIN } ;
$ ret - > { REALM } = $ dcvars - > { REALM } ;
2018-02-26 16:56:27 +03:00
$ ret - > { DOMSID } = $ dcvars - > { DOMSID } ;
2017-04-05 14:27:14 +03:00
my $ ctx ;
my $ prefix_abs = abs_path ( $ prefix ) ;
$ ctx = { } ;
$ ctx - > { krb5_conf } = "$prefix_abs/lib/krb5.conf" ;
$ ctx - > { domain } = $ dcvars - > { DOMAIN } ;
$ ctx - > { realm } = $ dcvars - > { REALM } ;
$ ctx - > { dnsname } = lc ( $ dcvars - > { REALM } ) ;
$ ctx - > { kdc_ipv4 } = $ dcvars - > { SERVER_IP } ;
$ ctx - > { kdc_ipv6 } = $ dcvars - > { SERVER_IPV6 } ;
$ ctx - > { krb5_ccname } = "$prefix_abs/krb5cc_%{uid}" ;
Samba:: mk_krb5_conf ( $ ctx , "" ) ;
$ ret - > { KRB5_CONFIG } = $ ctx - > { krb5_conf } ;
2019-01-02 23:24:34 +03:00
$ ret - > { RESOLV_CONF } = $ dcvars - > { RESOLV_CONF } ;
2017-04-05 14:27:14 +03:00
my $ net = Samba:: bindir_path ( $ self , "net" ) ;
2018-08-31 11:22:54 +03:00
# Add hosts file for name lookups
my $ cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' " ;
2017-04-05 14:27:14 +03:00
$ cmd . = "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" " ;
if ( defined ( $ ret - > { RESOLV_WRAPPER_CONF } ) ) {
$ cmd . = "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" " ;
} else {
$ cmd . = "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" " ;
}
$ cmd . = "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" " ;
$ cmd . = "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" " ;
$ cmd . = "$net join $ret->{CONFIGURATION}" ;
$ cmd . = " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}" ;
if ( system ( $ cmd ) != 0 ) {
warn ( "Join failed\n$cmd" ) ;
return undef ;
}
# We need world access to this share, as otherwise the domain
# administrator from the AD domain provided by Samba4 can't
# access the share for tests.
chmod 0777 , "$prefix/share" ;
if ( not $ self - > check_or_start ( $ ret , "yes" , "yes" , "yes" ) ) {
return undef ;
}
$ ret - > { DC_SERVER } = $ dcvars - > { SERVER } ;
$ ret - > { DC_SERVER_IP } = $ dcvars - > { SERVER_IP } ;
$ ret - > { DC_SERVER_IPV6 } = $ dcvars - > { SERVER_IPV6 } ;
$ ret - > { DC_NETBIOSNAME } = $ dcvars - > { NETBIOSNAME } ;
$ ret - > { DC_USERNAME } = $ dcvars - > { USERNAME } ;
$ ret - > { DC_PASSWORD } = $ dcvars - > { PASSWORD } ;
return $ ret ;
}
2018-02-08 06:51:23 +03:00
sub setup_ad_member_idmap_rid
2017-04-05 14:27:14 +03:00
{
my ( $ self , $ prefix , $ dcvars ) = @ _ ;
# If we didn't build with ADS, pretend this env was never available
if ( not $ self - > have_ads ( ) ) {
return "UNKNOWN" ;
}
print "PROVISIONING S3 AD MEMBER WITH idmap_rid config..." ;
my $ member_options = "
security = ads
workgroup = $ dcvars - > { DOMAIN }
realm = $ dcvars - > { REALM }
idmap config * : backend = tdb
idmap config * : range = 1000000 - 1999999
idmap config $ dcvars - > { DOMAIN } : backend = rid
idmap config $ dcvars - > { DOMAIN } : range = 2000000 - 2999999
2018-12-11 18:43:13 +03:00
# Prevent overridding the provisioned lib/krb5.conf which sets certain
# values required for tests to succeed
create krb5 conf = no
2019-05-16 13:43:40 +03:00
map to guest = bad user
2017-04-05 14:27:14 +03:00
" ;
2017-06-10 13:29:47 +03:00
my $ ret = $ self - > provision ( $ prefix , $ dcvars - > { DOMAIN } ,
2017-04-05 14:27:14 +03:00
"IDMAPRIDMEMBER" ,
"loCalMemberPass" ,
$ member_options ,
$ dcvars - > { SERVER_IP } ,
$ dcvars - > { SERVER_IPV6 } ) ;
2017-07-10 17:19:18 +03:00
$ ret or return undef ;
close ( USERMAP ) ;
$ ret - > { DOMAIN } = $ dcvars - > { DOMAIN } ;
$ ret - > { REALM } = $ dcvars - > { REALM } ;
2018-02-26 16:56:27 +03:00
$ ret - > { DOMSID } = $ dcvars - > { DOMSID } ;
2017-07-10 17:19:18 +03:00
my $ ctx ;
my $ prefix_abs = abs_path ( $ prefix ) ;
$ ctx = { } ;
$ ctx - > { krb5_conf } = "$prefix_abs/lib/krb5.conf" ;
$ ctx - > { domain } = $ dcvars - > { DOMAIN } ;
$ ctx - > { realm } = $ dcvars - > { REALM } ;
$ ctx - > { dnsname } = lc ( $ dcvars - > { REALM } ) ;
$ ctx - > { kdc_ipv4 } = $ dcvars - > { SERVER_IP } ;
$ ctx - > { kdc_ipv6 } = $ dcvars - > { SERVER_IPV6 } ;
$ ctx - > { krb5_ccname } = "$prefix_abs/krb5cc_%{uid}" ;
Samba:: mk_krb5_conf ( $ ctx , "" ) ;
$ ret - > { KRB5_CONFIG } = $ ctx - > { krb5_conf } ;
2019-01-02 23:24:34 +03:00
$ ret - > { RESOLV_CONF } = $ dcvars - > { RESOLV_CONF } ;
2017-07-10 17:19:18 +03:00
my $ net = Samba:: bindir_path ( $ self , "net" ) ;
2018-08-31 11:22:54 +03:00
# Add hosts file for name lookups
my $ cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' " ;
2017-07-10 17:19:18 +03:00
$ cmd . = "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" " ;
if ( defined ( $ ret - > { RESOLV_WRAPPER_CONF } ) ) {
$ cmd . = "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" " ;
} else {
$ cmd . = "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" " ;
}
$ cmd . = "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" " ;
$ cmd . = "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" " ;
$ cmd . = "$net join $ret->{CONFIGURATION}" ;
$ cmd . = " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}" ;
if ( system ( $ cmd ) != 0 ) {
warn ( "Join failed\n$cmd" ) ;
return undef ;
}
# We need world access to this share, as otherwise the domain
# administrator from the AD domain provided by Samba4 can't
# access the share for tests.
chmod 0777 , "$prefix/share" ;
if ( not $ self - > check_or_start ( $ ret , "yes" , "yes" , "yes" ) ) {
return undef ;
}
$ ret - > { DC_SERVER } = $ dcvars - > { SERVER } ;
$ ret - > { DC_SERVER_IP } = $ dcvars - > { SERVER_IP } ;
$ ret - > { DC_SERVER_IPV6 } = $ dcvars - > { SERVER_IPV6 } ;
$ ret - > { DC_NETBIOSNAME } = $ dcvars - > { NETBIOSNAME } ;
$ ret - > { DC_USERNAME } = $ dcvars - > { USERNAME } ;
$ ret - > { DC_PASSWORD } = $ dcvars - > { PASSWORD } ;
return $ ret ;
}
2018-02-08 06:51:23 +03:00
sub setup_ad_member_idmap_ad
2017-07-10 17:19:18 +03:00
{
my ( $ self , $ prefix , $ dcvars ) = @ _ ;
# If we didn't build with ADS, pretend this env was never available
if ( not $ self - > have_ads ( ) ) {
return "UNKNOWN" ;
}
print "PROVISIONING S3 AD MEMBER WITH idmap_ad config..." ;
my $ member_options = "
security = ads
workgroup = $ dcvars - > { DOMAIN }
realm = $ dcvars - > { REALM }
password server = $ dcvars - > { SERVER }
idmap config * : backend = tdb
idmap config * : range = 1000000 - 1999999
idmap config $ dcvars - > { DOMAIN } : backend = ad
idmap config $ dcvars - > { DOMAIN } : range = 2000000 - 2999999
2019-04-23 02:07:02 +03:00
idmap config $ dcvars - > { TRUST_DOMAIN } : backend = ad
idmap config $ dcvars - > { TRUST_DOMAIN } : range = 2000000 - 2999999
2017-07-10 17:19:18 +03:00
" ;
my $ ret = $ self - > provision ( $ prefix , $ dcvars - > { DOMAIN } ,
"IDMAPADMEMBER" ,
"loCalMemberPass" ,
$ member_options ,
$ dcvars - > { SERVER_IP } ,
$ dcvars - > { SERVER_IPV6 } ) ;
2017-04-05 14:27:14 +03:00
$ ret or return undef ;
close ( USERMAP ) ;
$ ret - > { DOMAIN } = $ dcvars - > { DOMAIN } ;
$ ret - > { REALM } = $ dcvars - > { REALM } ;
2018-02-26 16:56:27 +03:00
$ ret - > { DOMSID } = $ dcvars - > { DOMSID } ;
2013-02-21 23:33:23 +04:00
my $ ctx ;
my $ prefix_abs = abs_path ( $ prefix ) ;
$ ctx = { } ;
$ ctx - > { krb5_conf } = "$prefix_abs/lib/krb5.conf" ;
$ ctx - > { domain } = $ dcvars - > { DOMAIN } ;
$ ctx - > { realm } = $ dcvars - > { REALM } ;
$ ctx - > { dnsname } = lc ( $ dcvars - > { REALM } ) ;
$ ctx - > { kdc_ipv4 } = $ dcvars - > { SERVER_IP } ;
2014-09-04 16:33:05 +04:00
$ ctx - > { kdc_ipv6 } = $ dcvars - > { SERVER_IPV6 } ;
2016-09-22 19:46:28 +03:00
$ ctx - > { krb5_ccname } = "$prefix_abs/krb5cc_%{uid}" ;
2013-02-21 23:33:23 +04:00
Samba:: mk_krb5_conf ( $ ctx , "" ) ;
$ ret - > { KRB5_CONFIG } = $ ctx - > { krb5_conf } ;
2019-01-02 23:24:34 +03:00
$ ret - > { RESOLV_CONF } = $ dcvars - > { RESOLV_CONF } ;
2013-02-21 23:33:23 +04:00
my $ net = Samba:: bindir_path ( $ self , "net" ) ;
2018-08-31 11:22:54 +03:00
# Add hosts file for name lookups
my $ cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' " ;
2013-02-21 23:33:23 +04:00
$ cmd . = "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" " ;
2014-09-04 16:33:05 +04:00
if ( defined ( $ ret - > { RESOLV_WRAPPER_CONF } ) ) {
$ cmd . = "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" " ;
} else {
$ cmd . = "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" " ;
}
2013-02-21 23:33:23 +04:00
$ cmd . = "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" " ;
2016-03-22 16:09:08 +03:00
$ cmd . = "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" " ;
2011-04-19 10:38:46 +04:00
$ cmd . = "$net join $ret->{CONFIGURATION}" ;
$ cmd . = " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}" ;
2011-04-27 16:18:18 +04:00
if ( system ( $ cmd ) != 0 ) {
warn ( "Join failed\n$cmd" ) ;
return undef ;
}
2011-04-19 10:38:46 +04:00
2011-04-29 09:54:20 +04:00
# We need world access to this share, as otherwise the domain
# administrator from the AD domain provided by Samba4 can't
# access the share for tests.
chmod 0777 , "$prefix/share" ;
2012-11-23 03:02:33 +04:00
if ( not $ self - > check_or_start ( $ ret , "yes" , "yes" , "yes" ) ) {
return undef ;
}
2011-04-19 10:38:46 +04:00
$ ret - > { DC_SERVER } = $ dcvars - > { SERVER } ;
$ ret - > { DC_SERVER_IP } = $ dcvars - > { SERVER_IP } ;
2014-06-19 19:21:16 +04:00
$ ret - > { DC_SERVER_IPV6 } = $ dcvars - > { SERVER_IPV6 } ;
2011-04-19 10:38:46 +04:00
$ ret - > { DC_NETBIOSNAME } = $ dcvars - > { NETBIOSNAME } ;
$ ret - > { DC_USERNAME } = $ dcvars - > { USERNAME } ;
$ ret - > { DC_PASSWORD } = $ dcvars - > { PASSWORD } ;
2019-04-18 23:04:09 +03:00
$ ret - > { TRUST_SERVER } = $ dcvars - > { TRUST_SERVER } ;
$ ret - > { TRUST_USERNAME } = $ dcvars - > { TRUST_USERNAME } ;
$ ret - > { TRUST_PASSWORD } = $ dcvars - > { TRUST_PASSWORD } ;
$ ret - > { TRUST_DOMAIN } = $ dcvars - > { TRUST_DOMAIN } ;
$ ret - > { TRUST_REALM } = $ dcvars - > { TRUST_REALM } ;
$ ret - > { TRUST_DOMSID } = $ dcvars - > { TRUST_DOMSID } ;
2011-04-19 10:38:46 +04:00
return $ ret ;
}
2018-02-08 06:51:23 +03:00
sub setup_simpleserver
2011-02-18 10:52:00 +03:00
{
my ( $ self , $ path ) = @ _ ;
2015-05-15 10:43:29 +03:00
print "PROVISIONING simple server..." ;
2011-02-18 10:52:00 +03:00
2012-08-21 13:22:54 +04:00
my $ prefix_abs = abs_path ( $ path ) ;
2012-09-26 04:40:17 +04:00
my $ simpleserver_options = "
2011-02-18 10:52:00 +03:00
lanman auth = yes
2016-07-21 10:26:27 +03:00
ntlm auth = yes
2018-08-10 20:38:28 +03:00
vfs objects = xattr_tdb streams_depot
2015-08-12 12:35:27 +03:00
change notify = no
2017-01-17 19:23:51 +03:00
smb encrypt = off
2012-08-21 13:22:54 +04:00
2018-04-20 12:27:30 +03:00
[ vfs_aio_pthread ]
path = $ prefix_abs / share
read only = no
vfs objects = aio_pthread
aio_pthread:aio open = yes
2018-07-26 19:11:22 +03:00
smbd:async dosmode = no
2018-04-20 12:27:30 +03:00
2018-07-26 19:13:44 +03:00
[ vfs_aio_pthread_async_dosmode_default1 ]
path = $ prefix_abs / share
read only = no
vfs objects = aio_pthread
store dos attributes = yes
aio_pthread:aio open = yes
smbd:async dosmode = yes
[ vfs_aio_pthread_async_dosmode_default2 ]
path = $ prefix_abs / share
read only = no
vfs objects = aio_pthread xattr_tdb
store dos attributes = yes
aio_pthread:aio open = yes
smbd:async dosmode = yes
[ vfs_aio_pthread_async_dosmode_force_sync1 ]
path = $ prefix_abs / share
read only = no
vfs objects = aio_pthread
store dos attributes = yes
aio_pthread:aio open = yes
smbd:async dosmode = yes
# This simulates non linux systems
smbd:force sync user path safe threadpool = yes
smbd:force sync user chdir safe threadpool = yes
smbd:force sync root path safe threadpool = yes
smbd:force sync root chdir safe threadpool = yes
[ vfs_aio_pthread_async_dosmode_force_sync2 ]
path = $ prefix_abs / share
read only = no
vfs objects = aio_pthread xattr_tdb
store dos attributes = yes
aio_pthread:aio open = yes
smbd:async dosmode = yes
# This simulates non linux systems
smbd:force sync user path safe threadpool = yes
smbd:force sync user chdir safe threadpool = yes
smbd:force sync root path safe threadpool = yes
smbd:force sync root chdir safe threadpool = yes
2012-08-21 13:22:54 +04:00
[ vfs_aio_fork ]
path = $ prefix_abs / share
2013-05-22 10:13:21 +04:00
vfs objects = aio_fork
2012-08-21 13:22:54 +04:00
read only = no
vfs_aio_fork:erratic_testing_mode = yes
2016-06-23 20:13:05 +03:00
[ dosmode ]
path = $ prefix_abs / share
vfs objects =
store dos attributes = yes
hide files = /hidefile/
hide dot files = yes
2017-01-17 19:23:51 +03:00
[ enc_desired ]
path = $ prefix_abs / share
vfs objects =
smb encrypt = desired
2018-11-08 15:27:58 +03:00
[ hidenewfiles ]
path = $ prefix_abs / share
hide new files timeout = 5
2011-02-18 10:52:00 +03:00
" ;
2017-06-10 13:29:47 +03:00
my $ vars = $ self - > provision ( $ path , "WORKGROUP" ,
2011-02-18 10:52:00 +03:00
"LOCALSHARE4" ,
"local4pass" ,
2012-09-26 04:40:17 +04:00
$ simpleserver_options ) ;
2011-02-18 10:52:00 +03:00
2011-04-12 03:05:34 +04:00
$ vars or return undef ;
2012-11-23 03:02:33 +04:00
if ( not $ self - > check_or_start ( $ vars , "yes" , "no" , "yes" ) ) {
2011-04-12 03:05:34 +04:00
return undef ;
}
2011-02-18 10:52:00 +03:00
return $ vars ;
}
2018-02-08 06:51:23 +03:00
sub setup_fileserver
2015-05-15 10:43:29 +03:00
{
my ( $ self , $ path ) = @ _ ;
my $ prefix_abs = abs_path ( $ path ) ;
2015-07-14 17:30:35 +03:00
my $ srcdir_abs = abs_path ( $ self - > { srcdir } ) ;
2015-05-15 10:43:29 +03:00
print "PROVISIONING file server ...\n" ;
my @ dirs = ( ) ;
mkdir ( $ prefix_abs , 0777 ) ;
2017-06-22 15:17:07 +03:00
my $ usershare_dir = "$prefix_abs/lib/usershare" ;
mkdir ( "$prefix_abs/lib" , 0755 ) ;
remove_tree ( $ usershare_dir ) ;
mkdir ( $ usershare_dir , 01770 ) ;
2015-05-15 10:43:29 +03:00
my $ share_dir = "$prefix_abs/share" ;
# Create share directory structure
my $ lower_case_share_dir = "$share_dir/lower-case" ;
push ( @ dirs , $ lower_case_share_dir ) ;
my $ lower_case_share_dir_30000 = "$share_dir/lower-case-30000" ;
push ( @ dirs , $ lower_case_share_dir_30000 ) ;
2015-07-14 17:30:35 +03:00
my $ dfree_share_dir = "$share_dir/dfree" ;
push ( @ dirs , $ dfree_share_dir ) ;
2016-01-06 01:12:36 +03:00
push ( @ dirs , "$dfree_share_dir/subdir1" ) ;
push ( @ dirs , "$dfree_share_dir/subdir2" ) ;
2016-08-11 23:54:22 +03:00
push ( @ dirs , "$dfree_share_dir/subdir3" ) ;
2015-07-14 17:30:35 +03:00
2017-03-21 11:29:59 +03:00
my $ quotadir_dir = "$share_dir/quota" ;
push ( @ dirs , $ quotadir_dir ) ;
2015-07-28 21:28:20 +03:00
my $ valid_users_sharedir = "$share_dir/valid_users" ;
push ( @ dirs , $ valid_users_sharedir ) ;
2015-11-04 13:06:03 +03:00
my $ offline_sharedir = "$share_dir/offline" ;
push ( @ dirs , $ offline_sharedir ) ;
2015-12-04 16:50:56 +03:00
my $ force_user_valid_users_dir = "$share_dir/force_user_valid_users" ;
push ( @ dirs , $ force_user_valid_users_dir ) ;
2016-02-06 12:30:29 +03:00
my $ smbget_sharedir = "$share_dir/smbget" ;
push ( @ dirs , $ smbget_sharedir ) ;
2017-06-27 00:18:30 +03:00
my $ tarmode_sharedir = "$share_dir/tarmode" ;
push ( @ dirs , $ tarmode_sharedir ) ;
2017-06-22 15:17:07 +03:00
my $ usershare_sharedir = "$share_dir/usershares" ;
push ( @ dirs , $ usershare_sharedir ) ;
2015-05-15 10:43:29 +03:00
my $ fileserver_options = "
2017-07-13 17:01:53 +03:00
kernel change notify = yes
2017-06-22 15:17:07 +03:00
usershare path = $ usershare_dir
usershare max shares = 10
usershare allow guests = yes
usershare prefix allow list = $ usershare_sharedir
2017-03-21 11:29:59 +03:00
get quota command = $ prefix_abs / getset_quota . py
set quota command = $ prefix_abs / getset_quota . py
2015-05-15 10:43:29 +03:00
[ lowercase ]
path = $ lower_case_share_dir
comment = smb username is [ % U ]
case sensitive = True
default case = lower
preserve case = no
short preserve case = no
[ lowercase - 30000 ]
path = $ lower_case_share_dir_30000
comment = smb username is [ % U ]
case sensitive = True
default case = lower
preserve case = no
short preserve case = no
2015-07-14 17:30:35 +03:00
[ dfree ]
path = $ dfree_share_dir
comment = smb username is [ % U ]
dfree command = $ srcdir_abs /testprogs/ blackbox / dfree . sh
2015-07-28 21:28:20 +03:00
[ valid - users - access ]
path = $ valid_users_sharedir
2015-10-14 21:20:08 +03:00
valid users = + userdup
2015-11-04 13:06:03 +03:00
[ offline ]
path = $ offline_sharedir
vfs objects = offline
2015-12-04 16:50:56 +03:00
# BUG: https://bugzilla.samba.org/show_bug.cgi?id=9878
# RH BUG: https://bugzilla.redhat.com/show_bug.cgi?id=1077651
[ force_user_valid_users ]
path = $ force_user_valid_users_dir
comment = force user with valid users combination test share
valid users = + force_user
force user = force_user
force group = everyone
write list = force_user
2016-02-06 12:30:29 +03:00
[ smbget ]
path = $ smbget_sharedir
comment = smb username is [ % U ]
guest ok = yes
2016-03-22 00:13:25 +03:00
[ ign_sysacls ]
path = $ share_dir
comment = ignore system acls
acl_xattr:ignore system acls = yes
2016-08-10 04:58:45 +03:00
[ inherit_owner ]
path = $ share_dir
comment = inherit owner
inherit owner = yes
2016-08-10 05:00:23 +03:00
[ inherit_owner_u ]
path = $ share_dir
comment = inherit only unix owner
inherit owner = unix only
acl_xattr:ignore system acls = yes
2019-01-24 21:15:56 +03:00
# BUG: https://bugzilla.samba.org/show_bug.cgi?id=13690
[ force_group_test ]
path = $ share_dir
comment = force group test
# force group = everyone
2018-11-16 17:40:59 +03:00
[ homes ]
comment = Home directories
browseable = No
read only = No
2016-02-06 12:30:29 +03:00
" ;
2015-05-15 10:43:29 +03:00
2017-06-10 13:29:47 +03:00
my $ vars = $ self - > provision ( $ path , "WORKGROUP" ,
2015-05-15 10:43:29 +03:00
"FILESERVER" ,
2015-07-28 21:28:20 +03:00
"fileserver" ,
2015-05-15 10:43:29 +03:00
$ fileserver_options ,
undef ,
undef ,
1 ) ;
$ vars or return undef ;
if ( not $ self - > check_or_start ( $ vars , "yes" , "no" , "yes" ) ) {
return undef ;
}
mkdir ( $ _ , 0777 ) foreach ( @ dirs ) ;
## Create case sensitive lower case share dir
foreach my $ file ( 'a' .. 'z' ) {
my $ full_path = $ lower_case_share_dir . '/' . $ file ;
open my $ fh , '>' , $ full_path ;
# Add some content to file
print $ fh $ full_path ;
close $ fh ;
}
for ( my $ file = 1 ; $ file < 51 ; + + $ file ) {
my $ full_path = $ lower_case_share_dir . '/' . $ file ;
open my $ fh , '>' , $ full_path ;
# Add some content to file
print $ fh $ full_path ;
close $ fh ;
}
# Create content for 30000 share
foreach my $ file ( 'a' .. 'z' ) {
my $ full_path = $ lower_case_share_dir_30000 . '/' . $ file ;
open my $ fh , '>' , $ full_path ;
# Add some content to file
print $ fh $ full_path ;
close $ fh ;
}
for ( my $ file = 1 ; $ file < 30001 ; + + $ file ) {
my $ full_path = $ lower_case_share_dir_30000 . '/' . $ file ;
open my $ fh , '>' , $ full_path ;
# Add some content to file
print $ fh $ full_path ;
close $ fh ;
}
2015-07-28 21:28:20 +03:00
##
## create a listable file in valid_users_share
##
my $ valid_users_target = "$valid_users_sharedir/foo" ;
unless ( open ( VALID_USERS_TARGET , ">$valid_users_target" ) ) {
warn ( "Unable to open $valid_users_target" ) ;
return undef ;
}
close ( VALID_USERS_TARGET ) ;
chmod 0644 , $ valid_users_target ;
2015-05-15 10:43:29 +03:00
return $ vars ;
}
2018-02-08 06:51:23 +03:00
sub setup_ktest
2011-04-04 13:13:17 +04:00
{
2011-04-19 10:38:46 +04:00
my ( $ self , $ prefix ) = @ _ ;
2011-04-04 13:13:17 +04:00
2012-02-14 02:04:16 +04:00
# If we didn't build with ADS, pretend this env was never available
if ( not $ self - > have_ads ( ) ) {
return "UNKNOWN" ;
}
2011-04-04 13:13:17 +04:00
print "PROVISIONING server with security=ads..." ;
my $ ktest_options = "
workgroup = KTEST
realm = ktest . samba . example . com
security = ads
username map = $ prefix /lib/ username . map
2012-02-14 12:22:14 +04:00
server signing = required
2017-01-25 23:15:44 +03:00
server min protocol = SMB3_00
client max protocol = SMB3
2017-07-04 04:40:31 +03:00
# This disables NTLM auth against the local SAM, which
# we use can then test this setting by.
ntlm auth = disabled
2011-04-04 13:13:17 +04:00
" ;
2017-06-10 13:29:47 +03:00
my $ ret = $ self - > provision ( $ prefix , "KTEST" ,
2011-04-04 13:13:17 +04:00
"LOCALKTEST6" ,
"localktest6pass" ,
$ ktest_options ) ;
2011-04-12 03:05:34 +04:00
$ ret or return undef ;
2011-04-04 13:13:17 +04:00
2011-04-19 10:38:46 +04:00
my $ ctx ;
my $ prefix_abs = abs_path ( $ prefix ) ;
$ ctx = { } ;
$ ctx - > { krb5_conf } = "$prefix_abs/lib/krb5.conf" ;
$ ctx - > { domain } = "KTEST" ;
$ ctx - > { realm } = "KTEST.SAMBA.EXAMPLE.COM" ;
$ ctx - > { dnsname } = lc ( $ ctx - > { realm } ) ;
$ ctx - > { kdc_ipv4 } = "0.0.0.0" ;
2014-09-04 16:33:05 +04:00
$ ctx - > { kdc_ipv6 } = "::" ;
2016-09-22 19:46:28 +03:00
$ ctx - > { krb5_ccname } = "$prefix_abs/krb5cc_%{uid}" ;
2011-08-26 10:02:01 +04:00
Samba:: mk_krb5_conf ( $ ctx , "" ) ;
2011-04-19 10:38:46 +04:00
$ ret - > { KRB5_CONFIG } = $ ctx - > { krb5_conf } ;
2011-04-04 13:13:17 +04:00
open ( USERMAP , ">$prefix/lib/username.map" ) or die ( "Unable to open $prefix/lib/username.map" ) ;
print USERMAP "
$ ret - > { USERNAME } = KTEST \ \ Administrator
" ;
close ( USERMAP ) ;
#This is the secrets.tdb created by 'net ads join' from Samba3 to a
#Samba4 DC with the same parameters as are being used here. The
#domain SID is S-1-5-21-1071277805-689288055-3486227160
2018-02-26 16:56:27 +03:00
$ ret - > { SAMSID } = "S-1-5-21-1911091480-1468226576-2729736297" ;
$ ret - > { DOMSID } = "S-1-5-21-1071277805-689288055-3486227160" ;
2011-04-04 13:13:17 +04:00
2011-12-10 18:31:46 +04:00
system ( "cp $self->{srcdir}/source3/selftest/ktest-secrets.tdb $prefix/private/secrets.tdb" ) ;
2011-04-04 13:13:17 +04:00
chmod 0600 , "$prefix/private/secrets.tdb" ;
2015-03-12 16:25:38 +03:00
#Make sure there's no old ntdb file.
system ( "rm -f $prefix/private/secrets.ntdb" ) ;
2011-04-04 13:13:17 +04:00
#This uses a pre-calculated krb5 credentials cache, obtained by running Samba4 with:
# "--option=kdc:service ticket lifetime=239232" "--option=kdc:user ticket lifetime=239232" "--option=kdc:renewal lifetime=239232"
#
#and having in krb5.conf:
# ticket_lifetime = 799718400
# renew_lifetime = 799718400
#
2011-04-06 03:12:15 +04:00
# The commands for the -2 keytab where were:
2011-04-04 13:13:17 +04:00
# kinit administrator@KTEST.SAMBA.EXAMPLE.COM
# kvno host/localktest6@KTEST.SAMBA.EXAMPLE.COM
# kvno cifs/localktest6@KTEST.SAMBA.EXAMPLE.COM
# kvno host/LOCALKTEST6@KTEST.SAMBA.EXAMPLE.COM
# kvno cifs/LOCALKTEST6@KTEST.SAMBA.EXAMPLE.COM
#
2011-04-06 03:12:15 +04:00
# and then for the -3 keytab, I did
#
# net changetrustpw; kdestroy and the same again.
#
# This creates a credential cache with a very long lifetime (2036 at
# at 2011-04), and shows that running 'net changetrustpw' does not
# break existing logins (for the secrets.tdb method at least).
#
2011-04-04 13:13:17 +04:00
$ ret - > { KRB5_CCACHE } = "FILE:$prefix/krb5_ccache" ;
2011-04-06 03:12:15 +04:00
system ( "cp $self->{srcdir}/source3/selftest/ktest-krb5_ccache-2 $prefix/krb5_ccache-2" ) ;
chmod 0600 , "$prefix/krb5_ccache-2" ;
system ( "cp $self->{srcdir}/source3/selftest/ktest-krb5_ccache-3 $prefix/krb5_ccache-3" ) ;
chmod 0600 , "$prefix/krb5_ccache-3" ;
2011-04-04 13:13:17 +04:00
2012-01-27 08:20:17 +04:00
# We need world access to this share, as otherwise the domain
# administrator from the AD domain provided by ktest can't
# access the share for tests.
chmod 0777 , "$prefix/share" ;
2012-11-23 03:02:33 +04:00
if ( not $ self - > check_or_start ( $ ret , "yes" , "no" , "yes" ) ) {
2011-04-12 03:05:34 +04:00
return undef ;
}
2011-04-04 13:13:17 +04:00
return $ ret ;
}
2018-02-08 06:51:23 +03:00
sub setup_maptoguest
2011-07-22 07:00:21 +04:00
{
my ( $ self , $ path ) = @ _ ;
print "PROVISIONING maptoguest..." ;
my $ options = "
map to guest = bad user
2016-07-21 10:26:27 +03:00
ntlm auth = yes
2011-07-22 07:00:21 +04:00
" ;
2017-06-10 13:29:47 +03:00
my $ vars = $ self - > provision ( $ path , "WORKGROUP" ,
2011-07-22 07:00:21 +04:00
"maptoguest" ,
"maptoguestpass" ,
$ options ) ;
$ vars or return undef ;
2012-11-23 03:02:33 +04:00
if ( not $ self - > check_or_start ( $ vars , "yes" , "no" , "yes" ) ) {
2011-07-22 07:00:21 +04:00
return undef ;
}
return $ vars ;
}
2007-09-02 21:47:35 +04:00
sub stop_sig_term ($$) {
my ( $ self , $ pid ) = @ _ ;
kill ( "USR1" , $ pid ) or kill ( "ALRM" , $ pid ) or warn ( "Unable to kill $pid: $!" ) ;
}
sub stop_sig_kill ($$) {
my ( $ self , $ pid ) = @ _ ;
2009-03-20 16:25:15 +03:00
kill ( "ALRM" , $ pid ) or warn ( "Unable to kill $pid: $!" ) ;
2007-09-02 21:47:35 +04:00
}
2007-04-18 04:12:39 +04:00
2007-09-02 21:47:35 +04:00
sub write_pid ($$$)
{
my ( $ env_vars , $ app , $ pid ) = @ _ ;
2007-04-18 04:12:39 +04:00
2007-09-02 21:47:35 +04:00
open ( PID , ">$env_vars->{PIDDIR}/timelimit.$app.pid" ) ;
print PID $ pid ;
close ( PID ) ;
2007-04-18 04:12:39 +04:00
}
2007-09-02 21:47:35 +04:00
sub read_pid ($$)
{
my ( $ env_vars , $ app ) = @ _ ;
open ( PID , "<$env_vars->{PIDDIR}/timelimit.$app.pid" ) ;
my $ pid = <PID> ;
close ( PID ) ;
return $ pid ;
2007-04-18 04:12:39 +04:00
}
2019-05-23 03:37:04 +03:00
# builds up the cmd args to run an s3 binary (i.e. smbd, nmbd, etc)
sub make_bin_cmd
{
my ( $ self , $ binary , $ env_vars , $ options , $ valgrind , $ dont_log_stdout ) = @ _ ;
2012-01-03 09:48:29 +04:00
2019-05-23 03:12:44 +03:00
my @ optargs = ( "-d0" ) ;
2019-05-23 03:37:04 +03:00
if ( defined ( $ options ) ) {
@ optargs = split ( / / , $ options ) ;
2019-05-23 03:12:44 +03:00
}
my @ preargs = ( Samba:: bindir_path ( $ self , "timelimit" ) , $ self - > { server_maxtime } ) ;
2019-05-23 03:37:04 +03:00
if ( defined ( $ valgrind ) ) {
@ preargs = split ( / / , $ valgrind ) ;
2019-05-23 03:12:44 +03:00
}
my @ args = ( "-F" , "--no-process-group" ,
"-s" , $ env_vars - > { SERVERCONFFILE } ,
"-l" , $ env_vars - > { LOGDIR } ) ;
2019-05-23 03:37:04 +03:00
if ( not defined ( $ dont_log_stdout ) ) {
2019-05-23 03:12:44 +03:00
push ( @ args , "--log-stdout" ) ;
}
2019-05-23 03:37:04 +03:00
return ( @ preargs , $ binary , @ args , @ optargs ) ;
}
sub check_or_start ($$$$$) {
my ( $ self , $ env_vars , $ nmbd , $ winbindd , $ smbd ) = @ _ ;
2019-05-23 07:35:07 +03:00
my $ STDIN_READER ;
2019-05-23 03:37:04 +03:00
# use a pipe for stdin in the child processes. This allows
# those processes to monitor the pipe for EOF to ensure they
# exit when the test script exits
2019-05-23 07:35:07 +03:00
pipe ( $ STDIN_READER , $ env_vars - > { STDIN_PIPE } ) ;
2019-05-23 03:37:04 +03:00
my $ binary = Samba:: bindir_path ( $ self , "nmbd" ) ;
my @ full_cmd = $ self - > make_bin_cmd ( $ binary , $ env_vars ,
$ ENV { NMBD_OPTIONS } , $ ENV { NMBD_VALGRIND } ,
$ ENV { NMBD_DONT_LOG_STDOUT } ) ;
2019-05-23 06:47:46 +03:00
my $ nmbd_envs = Samba:: get_env_for_process ( "nmbd" , $ env_vars ) ;
delete $ nmbd_envs - > { RESOLV_WRAPPER_CONF } ;
delete $ nmbd_envs - > { RESOLV_WRAPPER_HOSTS } ;
2019-05-23 07:35:07 +03:00
# fork and exec() nmbd in the child process
2019-05-23 07:58:20 +03:00
my $ daemon_ctx = {
2019-05-23 04:45:49 +03:00
NAME = > "nmbd" ,
BINARY_PATH = > $ binary ,
FULL_CMD = > [ @ full_cmd ] ,
LOG_FILE = > $ env_vars - > { NMBD_TEST_LOG } ,
2019-05-23 06:47:46 +03:00
ENV_VARS = > $ nmbd_envs ,
2019-05-23 07:58:20 +03:00
} ;
2019-05-23 04:45:49 +03:00
if ( $ nmbd ne "yes" ) {
2019-05-23 07:58:20 +03:00
$ daemon_ctx - > { SKIP_DAEMON } = 1 ;
2019-05-23 04:45:49 +03:00
}
2019-05-23 07:58:20 +03:00
my $ pid = Samba:: fork_and_exec ( $ self , $ env_vars , $ daemon_ctx , $ STDIN_READER ) ;
2019-05-23 03:12:44 +03:00
2012-03-04 11:34:34 +04:00
$ env_vars - > { NMBD_TL_PID } = $ pid ;
2007-09-02 21:47:35 +04:00
write_pid ( $ env_vars , "nmbd" , $ pid ) ;
2007-03-21 18:57:07 +03:00
2019-05-23 03:12:44 +03:00
$ binary = Samba:: bindir_path ( $ self , "winbindd" ) ;
2019-05-23 03:37:04 +03:00
@ full_cmd = $ self - > make_bin_cmd ( $ binary , $ env_vars ,
$ ENV { WINBINDD_OPTIONS } , $ ENV { WINBINDD_VALGRIND } , "N/A" ) ;
2019-05-23 03:12:44 +03:00
if ( not defined ( $ ENV { WINBINDD_DONT_LOG_STDOUT } ) ) {
2019-05-23 03:37:04 +03:00
push ( @ full_cmd , "--stdout" ) ;
2019-05-23 03:12:44 +03:00
}
2019-05-23 07:35:07 +03:00
# fork and exec() winbindd in the child process
2019-05-23 07:58:20 +03:00
$ daemon_ctx = {
2019-05-23 04:45:49 +03:00
NAME = > "winbindd" ,
BINARY_PATH = > $ binary ,
FULL_CMD = > [ @ full_cmd ] ,
LOG_FILE = > $ env_vars - > { WINBINDD_TEST_LOG } ,
2019-05-23 07:58:20 +03:00
} ;
2019-05-23 04:45:49 +03:00
if ( $ winbindd ne "yes" ) {
2019-05-23 07:58:20 +03:00
$ daemon_ctx - > { SKIP_DAEMON } = 1 ;
2019-05-23 04:45:49 +03:00
}
2019-05-23 07:58:20 +03:00
my $ pid = Samba:: fork_and_exec ( $ self , $ env_vars , $ daemon_ctx , $ STDIN_READER ) ;
2019-05-23 03:12:44 +03:00
2012-03-04 11:34:34 +04:00
$ env_vars - > { WINBINDD_TL_PID } = $ pid ;
2009-01-28 11:35:44 +03:00
write_pid ( $ env_vars , "winbindd" , $ pid ) ;
2007-09-30 13:08:10 +04:00
2019-05-23 03:12:44 +03:00
$ binary = Samba:: bindir_path ( $ self , "smbd" ) ;
2019-05-23 03:37:04 +03:00
@ full_cmd = $ self - > make_bin_cmd ( $ binary , $ env_vars ,
$ ENV { SMBD_OPTIONS } , $ ENV { SMBD_VALGRIND } ,
$ ENV { SMBD_DONT_LOG_STDOUT } ) ;
2019-05-23 07:35:07 +03:00
# fork and exec() smbd in the child process
2019-05-23 07:58:20 +03:00
$ daemon_ctx = {
2019-05-23 04:45:49 +03:00
NAME = > "smbd" ,
BINARY_PATH = > $ binary ,
FULL_CMD = > [ @ full_cmd ] ,
LOG_FILE = > $ env_vars - > { SMBD_TEST_LOG } ,
2019-05-23 07:58:20 +03:00
} ;
2019-05-23 04:45:49 +03:00
if ( $ smbd ne "yes" ) {
2019-05-23 07:58:20 +03:00
$ daemon_ctx - > { SKIP_DAEMON } = 1 ;
2019-05-23 04:45:49 +03:00
}
2019-05-23 03:12:44 +03:00
2019-05-23 07:58:20 +03:00
my $ pid = Samba:: fork_and_exec ( $ self , $ env_vars , $ daemon_ctx , $ STDIN_READER ) ;
2012-01-03 09:48:29 +04:00
2012-03-04 11:34:34 +04:00
$ env_vars - > { SMBD_TL_PID } = $ pid ;
2007-09-02 21:47:35 +04:00
write_pid ( $ env_vars , "smbd" , $ pid ) ;
2007-03-21 18:57:07 +03:00
2019-05-23 07:35:07 +03:00
# close the parent's read-end of the pipe
2012-01-03 09:48:29 +04:00
close ( STDIN_READER ) ;
2012-11-23 03:09:43 +04:00
return $ self - > wait_for_start ( $ env_vars , $ nmbd , $ winbindd , $ smbd ) ;
2007-03-21 18:57:07 +03:00
}
2017-12-08 05:20:36 +03:00
sub createuser ($$$$$)
2016-02-18 02:48:04 +03:00
{
2017-12-08 05:20:36 +03:00
my ( $ self , $ username , $ password , $ conffile , $ env ) = @ _ ;
2016-02-18 02:48:04 +03:00
my $ cmd = "UID_WRAPPER_ROOT=1 " . Samba:: bindir_path ( $ self , "smbpasswd" ) . " -c $conffile -L -s -a $username > /dev/null" ;
2017-12-08 05:20:36 +03:00
keys %$ env ;
while ( my ( $ var , $ val ) = each %$ env ) {
$ cmd = "$var=\"$val\" $cmd" ;
}
2016-02-18 02:48:04 +03:00
unless ( open ( PWD , "|$cmd" ) ) {
warn ( "Unable to set password for $username account\n$cmd" ) ;
return undef ;
}
print PWD "$password\n$password\n" ;
unless ( close ( PWD ) ) {
warn ( "Unable to set password for $username account\n$cmd" ) ;
return undef ;
}
}
2017-06-10 13:29:47 +03:00
sub provision ($$$$$$$$$)
2007-03-21 18:57:07 +03:00
{
2017-06-10 13:29:47 +03:00
my ( $ self , $ prefix , $ domain , $ server , $ password , $ extra_options , $ dc_server_ip , $ dc_server_ipv6 , $ no_delete_prefix ) = @ _ ;
2007-04-18 04:12:39 +04:00
##
## setup the various environment variables we need
##
2018-02-26 16:56:27 +03:00
my $ samsid = Samba:: random_domain_sid ( ) ;
2012-03-02 04:44:56 +04:00
my $ swiface = Samba:: get_interface ( $ server ) ;
2007-03-21 18:57:07 +03:00
my % ret = ( ) ;
2017-12-08 05:20:36 +03:00
my % createuser_env = ( ) ;
2019-02-19 06:18:11 +03:00
my $ server_ip = Samba:: get_ipv4_addr ( $ server ) ;
my $ server_ipv6 = Samba:: get_ipv6_addr ( $ server ) ;
2007-09-30 13:08:10 +04:00
2009-01-28 19:28:51 +03:00
my $ unix_name = ( $ ENV { USER } or $ ENV { LOGNAME } or `PATH=/usr/ucb:$ENV{PATH} whoami` ) ;
chomp $ unix_name ;
my $ unix_uid = $> ;
my $ unix_gids_str = $ ) ;
my @ unix_gids = split ( " " , $ unix_gids_str ) ;
2007-03-21 18:57:07 +03:00
2007-04-18 04:12:39 +04:00
my $ prefix_abs = abs_path ( $ prefix ) ;
2009-01-28 19:28:51 +03:00
my $ bindir_abs = abs_path ( $ self - > { bindir } ) ;
2007-09-30 13:08:10 +04:00
my @ dirs = ( ) ;
my $ shrdir = "$prefix_abs/share" ;
push ( @ dirs , $ shrdir ) ;
2007-04-18 04:12:39 +04:00
my $ libdir = "$prefix_abs/lib" ;
2007-09-30 13:08:10 +04:00
push ( @ dirs , $ libdir ) ;
2007-04-18 04:12:39 +04:00
my $ piddir = "$prefix_abs/pid" ;
2007-09-30 13:08:10 +04:00
push ( @ dirs , $ piddir ) ;
2007-04-18 04:12:39 +04:00
my $ privatedir = "$prefix_abs/private" ;
2007-09-30 13:08:10 +04:00
push ( @ dirs , $ privatedir ) ;
2017-08-22 18:10:01 +03:00
my $ binddnsdir = "$prefix_abs/bind-dns" ;
push ( @ dirs , $ binddnsdir ) ;
2007-04-18 04:12:39 +04:00
my $ lockdir = "$prefix_abs/lockdir" ;
2007-09-30 13:08:10 +04:00
push ( @ dirs , $ lockdir ) ;
2010-03-18 00:55:00 +03:00
my $ eventlogdir = "$prefix_abs/lockdir/eventlog" ;
push ( @ dirs , $ eventlogdir ) ;
2007-04-18 04:12:39 +04:00
my $ logdir = "$prefix_abs/logs" ;
2007-09-30 13:08:10 +04:00
push ( @ dirs , $ logdir ) ;
2010-04-23 15:51:02 +04:00
my $ driver32dir = "$shrdir/W32X86" ;
push ( @ dirs , $ driver32dir ) ;
my $ driver64dir = "$shrdir/x64" ;
push ( @ dirs , $ driver64dir ) ;
2010-11-29 17:17:41 +03:00
my $ driver40dir = "$shrdir/WIN40" ;
push ( @ dirs , $ driver40dir ) ;
2010-05-29 02:09:14 +04:00
my $ ro_shrdir = "$shrdir/root-tmp" ;
push ( @ dirs , $ ro_shrdir ) ;
my $ msdfs_shrdir = "$shrdir/msdfsshare" ;
push ( @ dirs , $ msdfs_shrdir ) ;
my $ msdfs_deeppath = "$msdfs_shrdir/deeppath" ;
push ( @ dirs , $ msdfs_deeppath ) ;
2014-08-28 00:15:29 +04:00
my $ badnames_shrdir = "$shrdir/badnames" ;
push ( @ dirs , $ badnames_shrdir ) ;
2014-11-18 01:17:34 +03:00
my $ lease1_shrdir = "$shrdir/SMB2_10" ;
push ( @ dirs , $ lease1_shrdir ) ;
my $ lease2_shrdir = "$shrdir/SMB3_00" ;
push ( @ dirs , $ lease2_shrdir ) ;
2015-05-02 07:08:21 +03:00
my $ manglenames_shrdir = "$shrdir/manglenames" ;
push ( @ dirs , $ manglenames_shrdir ) ;
2015-07-09 23:57:58 +03:00
my $ widelinks_shrdir = "$shrdir/widelinks" ;
push ( @ dirs , $ widelinks_shrdir ) ;
my $ widelinks_linkdir = "$shrdir/widelinks_foo" ;
push ( @ dirs , $ widelinks_linkdir ) ;
2015-10-29 23:24:30 +03:00
my $ shadow_tstdir = "$shrdir/shadow" ;
push ( @ dirs , $ shadow_tstdir ) ;
my $ shadow_mntdir = "$shadow_tstdir/mount" ;
push ( @ dirs , $ shadow_mntdir ) ;
my $ shadow_basedir = "$shadow_mntdir/base" ;
push ( @ dirs , $ shadow_basedir ) ;
my $ shadow_shrdir = "$shadow_basedir/share" ;
push ( @ dirs , $ shadow_shrdir ) ;
2017-03-27 21:48:25 +03:00
my $ nosymlinks_shrdir = "$shrdir/nosymlinks" ;
push ( @ dirs , $ nosymlinks_shrdir ) ;
2017-06-23 21:12:22 +03:00
my $ local_symlinks_shrdir = "$shrdir/local_symlinks" ;
push ( @ dirs , $ local_symlinks_shrdir ) ;
2007-09-30 13:08:10 +04:00
# this gets autocreated by winbindd
my $ wbsockdir = "$prefix_abs/winbindd" ;
2007-03-21 18:57:07 +03:00
2011-01-08 08:28:45 +03:00
my $ nmbdsockdir = "$prefix_abs/nmbd" ;
2011-01-11 01:24:51 +03:00
unlink ( $ nmbdsockdir ) ;
2011-01-08 08:28:45 +03:00
2007-04-18 04:12:39 +04:00
##
## create the test directory layout
##
2009-02-04 13:26:46 +03:00
die ( "prefix_abs = ''" ) if $ prefix_abs eq "" ;
die ( "prefix_abs = '/'" ) if $ prefix_abs eq "/" ;
2007-04-20 15:40:44 +04:00
mkdir ( $ prefix_abs , 0777 ) ;
2007-04-18 04:12:39 +04:00
print "CREATE TEST ENVIRONMENT IN '$prefix'..." ;
2011-05-08 12:32:01 +04:00
if ( not defined ( $ no_delete_prefix ) or not $ no_delete_prefix ) {
system ( "rm -rf $prefix_abs/*" ) ;
}
2007-09-30 13:08:10 +04:00
mkdir ( $ _ , 0777 ) foreach ( @ dirs ) ;
2014-07-22 02:31:16 +04:00
my $ fs_specific_conf = $ self - > get_fs_specific_conf ( $ shrdir ) ;
2012-12-22 03:16:10 +04:00
##
## lockdir and piddir must be 0755
##
chmod 0755 , $ lockdir ;
chmod 0755 , $ piddir ;
2010-05-29 02:09:14 +04:00
##
## create ro and msdfs share layout
##
2010-05-29 02:38:21 +04:00
chmod 0755 , $ ro_shrdir ;
2010-05-29 02:09:14 +04:00
my $ unreadable_file = "$ro_shrdir/unreadable_file" ;
2011-05-08 08:54:50 +04:00
unless ( open ( UNREADABLE_FILE , ">$unreadable_file" ) ) {
warn ( "Unable to open $unreadable_file" ) ;
return undef ;
}
2010-05-29 02:09:14 +04:00
close ( UNREADABLE_FILE ) ;
2010-05-29 02:38:21 +04:00
chmod 0600 , $ unreadable_file ;
2010-05-29 02:09:14 +04:00
my $ msdfs_target = "$ro_shrdir/msdfs-target" ;
2011-05-08 08:54:50 +04:00
unless ( open ( MSDFS_TARGET , ">$msdfs_target" ) ) {
warn ( "Unable to open $msdfs_target" ) ;
return undef ;
}
2010-05-29 02:09:14 +04:00
close ( MSDFS_TARGET ) ;
2010-05-29 02:38:21 +04:00
chmod 0666 , $ msdfs_target ;
2015-02-27 17:52:47 +03:00
symlink "msdfs:$server_ip\\ro-tmp,$server_ipv6\\ro-tmp" ,
"$msdfs_shrdir/msdfs-src1" ;
2014-06-19 19:21:16 +04:00
symlink "msdfs:$server_ipv6\\ro-tmp" , "$msdfs_shrdir/deeppath/msdfs-src2" ;
2010-05-29 02:09:14 +04:00
2014-08-28 00:15:29 +04:00
##
## create bad names in $badnames_shrdir
##
## (An invalid name, would be mangled to 8.3).
my $ badname_target = "$badnames_shrdir/\340|\231\216\377\177" ;
unless ( open ( BADNAME_TARGET , ">$badname_target" ) ) {
warn ( "Unable to open $badname_target" ) ;
return undef ;
}
close ( BADNAME_TARGET ) ;
chmod 0666 , $ badname_target ;
## (A bad name, would not be mangled to 8.3).
my $ badname_target = "$badnames_shrdir/\240\276\346\327\377\177" ;
unless ( open ( BADNAME_TARGET , ">$badname_target" ) ) {
warn ( "Unable to open $badname_target" ) ;
return undef ;
}
close ( BADNAME_TARGET ) ;
chmod 0666 , $ badname_target ;
## (A bad good name).
my $ badname_target = "$badnames_shrdir/blank.txt" ;
unless ( open ( BADNAME_TARGET , ">$badname_target" ) ) {
warn ( "Unable to open $badname_target" ) ;
return undef ;
}
close ( BADNAME_TARGET ) ;
chmod 0666 , $ badname_target ;
2015-05-02 07:08:21 +03:00
##
## create mangleable directory names in $manglenames_shrdir
##
my $ manglename_target = "$manglenames_shrdir/foo:bar" ;
mkdir ( $ manglename_target , 0777 ) ;
2015-07-09 23:57:58 +03:00
##
## create symlinks for widelinks tests.
##
my $ widelinks_target = "$widelinks_linkdir/target" ;
unless ( open ( WIDELINKS_TARGET , ">$widelinks_target" ) ) {
warn ( "Unable to open $widelinks_target" ) ;
return undef ;
}
close ( WIDELINKS_TARGET ) ;
chmod 0666 , $ widelinks_target ;
##
## This link should get ACCESS_DENIED
##
symlink "$widelinks_target" , "$widelinks_shrdir/source" ;
##
## This link should be allowed
##
symlink "$widelinks_shrdir" , "$widelinks_shrdir/dot" ;
2007-09-30 13:08:10 +04:00
my $ conffile = "$libdir/server.conf" ;
2016-01-06 13:59:06 +03:00
my $ dfqconffile = "$libdir/dfq.conf" ;
2018-08-31 13:44:09 +03:00
my $ errorinjectconf = "$libdir/error_inject.conf" ;
my $ delayinjectconf = "$libdir/delay_inject.conf" ;
2007-03-21 18:57:07 +03:00
2017-11-07 13:40:11 +03:00
my $ nss_wrapper_pl = "$ENV{PERL} $self->{srcdir}/third_party/nss_wrapper/nss_wrapper.pl" ;
2009-01-28 19:28:51 +03:00
my $ nss_wrapper_passwd = "$privatedir/passwd" ;
my $ nss_wrapper_group = "$privatedir/group" ;
2013-06-27 18:12:47 +04:00
my $ nss_wrapper_hosts = "$ENV{SELFTEST_PREFIX}/hosts" ;
2014-09-04 16:33:05 +04:00
my $ resolv_conf = "$privatedir/resolv.conf" ;
2015-01-07 02:18:55 +03:00
my $ dns_host_file = "$ENV{SELFTEST_PREFIX}/dns_host_file" ;
2009-01-28 19:28:51 +03:00
2011-02-22 03:56:18 +03:00
my $ mod_printer_pl = "$ENV{PERL} $self->{srcdir}/source3/script/tests/printing/modprinter.pl" ;
2010-02-18 02:48:58 +03:00
2013-05-15 02:42:35 +04:00
my $ fake_snap_pl = "$ENV{PERL} $self->{srcdir}/source3/script/tests/fake_snap.pl" ;
2010-03-18 00:55:00 +03:00
my @ eventlog_list = ( "dns server" , "application" ) ;
2010-03-19 12:23:39 +03:00
##
## calculate uids and gids
##
my ( $ max_uid , $ max_gid ) ;
2015-07-28 21:28:20 +03:00
my ( $ uid_nobody , $ uid_root , $ uid_pdbtest , $ uid_pdbtest2 , $ uid_userdup ) ;
2015-11-18 00:14:36 +03:00
my ( $ uid_pdbtest_wkn ) ;
2016-02-06 12:30:29 +03:00
my ( $ uid_smbget ) ;
2015-12-04 16:50:56 +03:00
my ( $ uid_force_user ) ;
2012-11-20 19:48:23 +04:00
my ( $ gid_nobody , $ gid_nogroup , $ gid_root , $ gid_domusers , $ gid_domadmins ) ;
2015-11-18 00:14:36 +03:00
my ( $ gid_userdup , $ gid_everyone ) ;
2015-12-04 16:50:56 +03:00
my ( $ gid_force_user ) ;
2016-08-11 23:54:22 +03:00
my ( $ uid_user1 ) ;
my ( $ uid_user2 ) ;
2018-11-15 18:06:49 +03:00
my ( $ uid_gooduser ) ;
my ( $ uid_eviluser ) ;
2018-12-03 13:05:46 +03:00
my ( $ uid_slashuser ) ;
2010-03-19 12:23:39 +03:00
2018-12-03 13:05:46 +03:00
if ( $ unix_uid < 0xffff - 13 ) {
2010-03-19 12:23:39 +03:00
$ max_uid = 0xffff ;
} else {
$ max_uid = $ unix_uid ;
}
$ uid_root = $ max_uid - 1 ;
$ uid_nobody = $ max_uid - 2 ;
2012-06-27 11:51:55 +04:00
$ uid_pdbtest = $ max_uid - 3 ;
2014-05-16 06:30:43 +04:00
$ uid_pdbtest2 = $ max_uid - 4 ;
2015-07-28 21:28:20 +03:00
$ uid_userdup = $ max_uid - 5 ;
2015-11-18 00:14:36 +03:00
$ uid_pdbtest_wkn = $ max_uid - 6 ;
2015-12-04 16:50:56 +03:00
$ uid_force_user = $ max_uid - 7 ;
2016-02-06 12:30:29 +03:00
$ uid_smbget = $ max_uid - 8 ;
2016-08-11 23:54:22 +03:00
$ uid_user1 = $ max_uid - 9 ;
$ uid_user2 = $ max_uid - 10 ;
2018-11-15 18:06:49 +03:00
$ uid_gooduser = $ max_uid - 11 ;
$ uid_eviluser = $ max_uid - 12 ;
2018-12-03 13:05:46 +03:00
$ uid_slashuser = $ max_uid - 13 ;
2010-03-19 12:23:39 +03:00
2015-12-04 16:50:56 +03:00
if ( $ unix_gids [ 0 ] < 0xffff - 8 ) {
2010-03-19 12:23:39 +03:00
$ max_gid = 0xffff ;
} else {
$ max_gid = $ unix_gids [ 0 ] ;
}
$ gid_nobody = $ max_gid - 1 ;
$ gid_nogroup = $ max_gid - 2 ;
$ gid_root = $ max_gid - 3 ;
2010-11-09 00:39:51 +03:00
$ gid_domusers = $ max_gid - 4 ;
2012-11-20 19:48:23 +04:00
$ gid_domadmins = $ max_gid - 5 ;
2015-07-28 21:28:20 +03:00
$ gid_userdup = $ max_gid - 6 ;
2015-11-18 00:14:36 +03:00
$ gid_everyone = $ max_gid - 7 ;
2015-12-04 16:50:56 +03:00
$ gid_force_user = $ max_gid - 8 ;
2010-03-19 12:23:39 +03:00
##
## create conffile
##
2011-05-08 08:54:50 +04:00
unless ( open ( CONF , ">$conffile" ) ) {
warn ( "Unable to open $conffile" ) ;
return undef ;
}
2019-03-12 04:00:55 +03:00
my $ interfaces = Samba:: get_interfaces_config ( $ server ) ;
2007-04-18 04:12:39 +04:00
print CONF "
[ global ]
2009-01-28 19:28:51 +03:00
netbios name = $ server
2019-03-12 04:00:55 +03:00
interfaces = $ interfaces
2009-01-28 19:28:51 +03:00
bind interfaces only = yes
2013-09-11 19:56:02 +04:00
panic action = cd $ self - > { srcdir } && $ self - > { srcdir } /selftest/g db_backtrace % d % \ $ ( MAKE_TEST_BINARY )
2012-05-17 03:06:29 +04:00
smbd:suicide mode = yes
2009-01-28 19:28:51 +03:00
2019-07-08 12:31:27 +03:00
client min protocol = CORE
2019-07-08 12:55:13 +03:00
server min protocol = LANMAN1
2007-04-18 04:12:39 +04:00
workgroup = $ domain
2007-03-21 18:57:07 +03:00
2007-04-18 04:12:39 +04:00
private dir = $ privatedir
2017-08-22 18:10:01 +03:00
binddns dir = $ binddnsdir
2007-04-18 04:12:39 +04:00
pid directory = $ piddir
lock directory = $ lockdir
log file = $ logdir / log . \ % m
2012-02-13 10:47:11 +04:00
log level = 1
2011-03-18 12:03:05 +03:00
debug pid = yes
2011-04-04 03:22:03 +04:00
max log size = 0
2007-03-21 18:57:07 +03:00
2009-01-28 19:28:51 +03:00
state directory = $ lockdir
cache directory = $ lockdir
2007-04-18 04:12:39 +04:00
passdb backend = tdbsam
2009-01-28 19:28:51 +03:00
time server = yes
2010-03-19 12:23:39 +03:00
add user script = $ nss_wrapper_pl - - passwd_path $ nss_wrapper_passwd - - type passwd - - action add - - name % u - - gid $ gid_nogroup
2009-05-28 12:40:22 +04:00
add group script = $ nss_wrapper_pl - - group_path $ nss_wrapper_group - - type group - - action add - - name % g
2010-03-19 12:23:39 +03:00
add machine script = $ nss_wrapper_pl - - passwd_path $ nss_wrapper_passwd - - type passwd - - action add - - name % u - - gid $ gid_nogroup
2009-05-28 12:40:22 +04:00
add user to group script = $ nss_wrapper_pl - - passwd_path $ nss_wrapper_passwd - - type member - - action add - - member % u - - name % g - - group_path $ nss_wrapper_group
delete user script = $ nss_wrapper_pl - - passwd_path $ nss_wrapper_passwd - - type passwd - - action delete - - name % u
delete group script = $ nss_wrapper_pl - - group_path $ nss_wrapper_group - - type group - - action delete - - name % g
delete user from group script = $ nss_wrapper_pl - - passwd_path $ nss_wrapper_passwd - - type member - - action delete - - member % u - - name % g - - group_path $ nss_wrapper_group
2009-01-28 19:28:51 +03:00
2010-02-18 02:48:58 +03:00
addprinter command = $ mod_printer_pl - a - s $ conffile - -
deleteprinter command = $ mod_printer_pl - d - s $ conffile - -
2010-03-18 00:55:00 +03:00
eventlog list = application \ " dns server \ "
2009-01-28 19:28:51 +03:00
kernel oplocks = no
kernel change notify = no
2015-03-24 02:16:36 +03:00
logging = file
2009-01-28 19:28:51 +03:00
printing = bsd
printcap name = /dev/ null
2007-09-26 23:23:54 +04:00
2013-10-11 04:34:13 +04:00
winbindd socket directory = $ wbsockdir
2011-01-08 08:28:45 +03:00
nmbd:socket dir = $ nmbdsockdir
2011-03-10 17:58:05 +03:00
idmap config * : range = 100000 - 200000
2010-01-13 17:21:14 +03:00
winbind enum users = yes
winbind enum groups = yes
2014-03-31 11:47:18 +04:00
winbind separator = /
2016-12-01 10:18:58 +03:00
include system krb5 conf = no
2009-01-28 19:28:51 +03:00
# min receivefile size = 4000
2007-09-30 13:08:10 +04:00
2007-04-18 04:12:39 +04:00
read only = no
2010-11-11 04:54:57 +03:00
2007-04-18 04:12:39 +04:00
smbd:sharedelay = 100000
2012-03-15 20:28:38 +04:00
smbd:writetimeupdatedelay = 500000
2010-05-29 02:09:14 +04:00
map hidden = no
map system = no
map readonly = no
store dos attributes = yes
2013-03-10 13:25:53 +04:00
create mask = 755
2011-10-28 03:41:18 +04:00
dos filemode = yes
2014-10-25 00:57:04 +04:00
strict rename = yes
2015-11-11 23:28:09 +03:00
strict sync = yes
2019-07-08 16:26:25 +03:00
mangled names = yes
2018-08-10 20:38:28 +03:00
vfs objects = acl_xattr fake_acls xattr_tdb streams_depot time_audit full_audit
full_audit:syslog = no
full_audit:success = none
full_audit:failure = none
2009-01-28 19:28:51 +03:00
2010-03-25 02:55:13 +03:00
printing = vlp
print command = $ bindir_abs /vlp tdbfile=$lockdir/ vlp . tdb print % p % s
lpq command = $ bindir_abs /vlp tdbfile=$lockdir/ vlp . tdb lpq % p
lp rm command = $ bindir_abs /vlp tdbfile=$lockdir/ vlp . tdb lprm % p % j
lp pause command = $ bindir_abs /vlp tdbfile=$lockdir/ vlp . tdb lppause % p % j
lp resume command = $ bindir_abs /vlp tdbfile=$lockdir/ vlp . tdb lpresume % p % j
queue pause command = $ bindir_abs /vlp tdbfile=$lockdir/ vlp . tdb queuepause % p
queue resume command = $ bindir_abs /vlp tdbfile=$lockdir/ vlp . tdb queueresume % p
2010-03-27 00:58:42 +03:00
lpq cache time = 0
2013-10-14 15:53:22 +04:00
print notify backchannel = yes
2010-03-25 02:55:13 +03:00
2011-05-08 12:32:01 +04:00
ncalrpc dir = $ prefix_abs / ncalrpc
2011-04-26 03:49:08 +04:00
2011-07-27 09:42:45 +04:00
# The samba3.blackbox.smbclient_s3 test uses this to test that
# sending messages works, and that the %m sub works.
2011-06-09 09:22:19 +04:00
message command = mv % s $ shrdir / message . % m
2013-05-15 02:42:35 +04:00
# fsrvp server requires registry shares
registry shares = yes
2015-06-12 18:37:30 +03:00
# Used by RPC SRVSVC tests
add share command = $ bindir_abs / smbaddshare
change share command = $ bindir_abs / smbchangeshare
delete share command = $ bindir_abs / smbdeleteshare
2015-06-10 16:30:04 +03:00
# fruit:copyfile is a global option
fruit:copyfile = yes
2015-10-29 23:24:30 +03:00
#this does not mean that we use non-secure test env,
#it just means we ALLOW one to be configured.
allow insecure wide links = yes
2009-01-28 22:30:16 +03:00
# Begin extra options
$ extra_options
# End extra options
2009-01-28 19:28:51 +03:00
#Include user defined custom parameters if set
2009-01-29 00:15:44 +03:00
" ;
if ( defined ( $ ENV { INCLUDE_CUSTOM_CONF } ) ) {
print CONF "\t$ENV{INCLUDE_CUSTOM_CONF}\n" ;
}
2009-01-28 19:28:51 +03:00
2009-01-29 00:15:44 +03:00
print CONF "
2009-01-28 19:28:51 +03:00
[ tmp ]
path = $ shrdir
2011-07-29 06:12:36 +04:00
comment = smb username is [ % U ]
2014-02-11 22:39:04 +04:00
[ tmpsort ]
path = $ shrdir
comment = Load dirsort module
vfs objects = dirsort acl_xattr fake_acls xattr_tdb streams_depot
2012-08-17 10:50:21 +04:00
[ tmpenc ]
path = $ shrdir
comment = encrypt smb username is [ % U ]
smb encrypt = required
2013-05-22 10:13:21 +04:00
vfs objects = dirsort
2011-02-18 10:52:00 +03:00
[ tmpguest ]
path = $ shrdir
guest ok = yes
[ guestonly ]
path = $ shrdir
guest only = yes
guest ok = yes
[ forceuser ]
path = $ shrdir
force user = $ unix_name
guest ok = yes
2015-01-14 00:49:58 +03:00
[ forceuser_unixonly ]
2015-11-18 00:14:36 +03:00
comment = force a user with unix user SID and group SID
2015-01-14 00:49:58 +03:00
path = $ shrdir
force user = pdbtest
guest ok = yes
2015-11-18 00:14:36 +03:00
[ forceuser_wkngroup ]
comment = force a user with well - known group SID
path = $ shrdir
force user = pdbtest_wkn
guest ok = yes
2011-02-18 10:52:00 +03:00
[ forcegroup ]
path = $ shrdir
force group = nogroup
guest ok = yes
2010-05-29 02:09:14 +04:00
[ ro - tmp ]
path = $ ro_shrdir
guest ok = yes
2012-12-20 16:05:55 +04:00
[ write - list - tmp ]
path = $ shrdir
read only = yes
write list = $ unix_name
[ valid - users - tmp ]
path = $ shrdir
valid users = $ unix_name
2016-02-29 23:09:57 +03:00
access based share enum = yes
2010-05-29 02:09:14 +04:00
[ msdfs - share ]
path = $ msdfs_shrdir
msdfs root = yes
2015-02-27 17:52:47 +03:00
msdfs shuffle referrals = yes
2010-05-29 02:09:14 +04:00
guest ok = yes
2007-04-18 04:12:39 +04:00
[ hideunread ]
copy = tmp
hide unreadable = yes
2010-05-29 02:09:14 +04:00
[ tmpcase ]
copy = tmp
case sensitive = yes
2007-04-18 04:12:39 +04:00
[ hideunwrite ]
copy = tmp
hide unwriteable files = yes
2012-08-09 17:27:50 +04:00
[ durable ]
copy = tmp
kernel share modes = no
kernel oplocks = no
posix locking = no
2013-11-18 17:54:26 +04:00
[ fs_specific ]
copy = tmp
$ fs_specific_conf
2007-04-18 04:12:39 +04:00
[ print1 ]
copy = tmp
printable = yes
2009-04-23 01:54:10 +04:00
2007-04-18 04:12:39 +04:00
[ print2 ]
copy = print1
[ print3 ]
copy = print1
2012-11-29 15:10:45 +04:00
default devmode = no
2010-09-02 15:39:12 +04:00
[ lp ]
2007-04-18 04:12:39 +04:00
copy = print1
2013-04-14 14:04:45 +04:00
2017-10-23 14:35:49 +03:00
[ nfs4acl_simple_40 ]
2013-04-14 14:04:45 +04:00
path = $ shrdir
comment = smb username is [ % U ]
2013-04-28 21:06:59 +04:00
nfs4:mode = simple
2017-10-23 14:35:49 +03:00
nfs4acl_xattr:version = 40
2013-05-22 10:13:21 +04:00
vfs objects = nfs4acl_xattr xattr_tdb
2013-04-28 21:06:59 +04:00
2017-10-23 14:35:49 +03:00
[ nfs4acl_special_40 ]
2013-04-28 21:06:59 +04:00
path = $ shrdir
comment = smb username is [ % U ]
nfs4:mode = special
2017-10-23 14:35:49 +03:00
nfs4acl_xattr:version = 40
2013-05-22 10:13:21 +04:00
vfs objects = nfs4acl_xattr xattr_tdb
2013-04-14 14:04:45 +04:00
2017-10-23 15:05:19 +03:00
[ nfs4acl_simple_41 ]
path = $ shrdir
comment = smb username is [ % U ]
nfs4:mode = simple
vfs objects = nfs4acl_xattr xattr_tdb
2017-09-07 18:29:03 +03:00
[ nfs4acl_xdr_40 ]
path = $ shrdir
comment = smb username is [ % U ]
vfs objects = nfs4acl_xattr xattr_tdb
nfs4:mode = simple
nfs4acl_xattr:encoding = xdr
nfs4acl_xattr:version = 40
2017-10-19 15:24:03 +03:00
[ nfs4acl_xdr_41 ]
path = $ shrdir
comment = smb username is [ % U ]
vfs objects = nfs4acl_xattr xattr_tdb
nfs4:mode = simple
nfs4acl_xattr:encoding = xdr
nfs4acl_xattr:version = 41
2018-11-26 22:51:14 +03:00
[ nfs4acl_nfs_40 ]
path = $ shrdir
comment = smb username is [ % U ]
vfs objects = nfs4acl_xattr xattr_tdb
nfs4:mode = simple
nfs4acl_xattr:encoding = nfs
nfs4acl_xattr:version = 40
nfs4acl_xattr:xattr_name = security . nfs4acl_xdr
[ nfs4acl_nfs_41 ]
path = $ shrdir
comment = smb username is [ % U ]
vfs objects = nfs4acl_xattr xattr_tdb
nfs4:mode = simple
nfs4acl_xattr:encoding = nfs
nfs4acl_xattr:version = 41
nfs4acl_xattr:xattr_name = security . nfs4acl_xdr
2011-10-28 23:15:51 +04:00
[ xcopy_share ]
path = $ shrdir
comment = smb username is [ % U ]
create mask = 777
force create mode = 777
2012-06-05 07:43:09 +04:00
[ posix_share ]
path = $ shrdir
comment = smb username is [ % U ]
create mask = 0777
force create mode = 0
directory mask = 0777
force directory mode = 0
2016-07-19 19:24:38 +03:00
vfs objects = xattr_tdb streams_depot
2013-12-06 02:20:06 +04:00
[ aio ]
copy = tmp
aio read size = 1
aio write size = 1
2012-06-05 07:43:09 +04:00
2010-04-23 15:51:02 +04:00
[ print \ $]
copy = tmp
2014-07-08 07:47:02 +04:00
[ vfs_fruit ]
path = $ shrdir
2018-03-16 23:57:31 +03:00
vfs objects = catia fruit streams_xattr acl_xattr xattr_tdb
2016-11-08 14:35:12 +03:00
fruit:resource = file
2014-07-08 07:47:02 +04:00
fruit:metadata = netatalk
fruit:locking = netatalk
fruit:encoding = native
2017-11-17 15:52:25 +03:00
fruit:veto_appledouble = no
2014-08-28 00:15:29 +04:00
2018-03-16 23:55:26 +03:00
[ vfs_fruit_xattr ]
path = $ shrdir
# This is used by vfs.fruit tests that require real fs xattr
vfs objects = catia fruit streams_xattr acl_xattr
fruit:resource = file
fruit:metadata = netatalk
fruit:locking = netatalk
fruit:encoding = native
fruit:veto_appledouble = no
2016-11-15 17:25:14 +03:00
[ vfs_fruit_metadata_stream ]
path = $ shrdir
2018-03-16 23:57:31 +03:00
vfs objects = fruit streams_xattr acl_xattr xattr_tdb
2016-11-15 17:25:14 +03:00
fruit:resource = file
fruit:metadata = stream
2017-11-17 15:52:25 +03:00
fruit:veto_appledouble = no
2016-11-15 17:25:14 +03:00
2016-12-02 09:42:07 +03:00
[ vfs_fruit_stream_depot ]
path = $ shrdir
2018-03-16 23:57:31 +03:00
vfs objects = fruit streams_depot acl_xattr xattr_tdb
2016-12-02 09:42:07 +03:00
fruit:resource = stream
fruit:metadata = stream
2017-11-17 15:52:25 +03:00
fruit:veto_appledouble = no
2016-12-02 09:42:07 +03:00
2016-12-11 21:06:46 +03:00
[ vfs_wo_fruit ]
path = $ shrdir
2018-03-16 23:57:31 +03:00
vfs objects = streams_xattr acl_xattr xattr_tdb
2016-12-11 21:06:46 +03:00
[ vfs_wo_fruit_stream_depot ]
path = $ shrdir
2018-03-16 23:57:31 +03:00
vfs objects = streams_depot acl_xattr xattr_tdb
2016-12-11 21:06:46 +03:00
2018-01-02 21:09:04 +03:00
[ vfs_fruit_timemachine ]
path = $ shrdir
2018-03-16 23:57:31 +03:00
vfs objects = fruit streams_xattr acl_xattr xattr_tdb
2018-01-02 21:09:04 +03:00
fruit:resource = file
fruit:metadata = stream
fruit:time machine = yes
fruit:time machine max size = 32 K
2018-10-04 15:28:15 +03:00
[ vfs_fruit_wipe_intentionally_left_blank_rfork ]
path = $ shrdir
vfs objects = fruit streams_xattr acl_xattr xattr_tdb
fruit:resource = file
fruit:metadata = stream
fruit:wipe_intentionally_left_blank_rfork = true
fruit:delete_empty_adfiles = false
fruit:veto_appledouble = no
[ vfs_fruit_delete_empty_adfiles ]
path = $ shrdir
vfs objects = fruit streams_xattr acl_xattr xattr_tdb
fruit:resource = file
fruit:metadata = stream
fruit:wipe_intentionally_left_blank_rfork = true
fruit:delete_empty_adfiles = true
fruit:veto_appledouble = no
2019-06-30 15:24:59 +03:00
[ vfs_fruit_zero_fileid ]
path = $ shrdir
vfs objects = fruit streams_xattr acl_xattr xattr_tdb
fruit:resource = file
fruit:metadata = stream
fruit:zero_file_id = yes
2014-08-28 00:15:29 +04:00
[ badname - tmp ]
path = $ badnames_shrdir
guest ok = yes
2014-11-18 01:17:34 +03:00
2015-05-02 07:08:21 +03:00
[ manglenames_share ]
path = $ manglenames_shrdir
guest ok = yes
2014-11-18 01:17:34 +03:00
[ dynamic_share ]
path = $ shrdir / % R
guest ok = yes
2013-05-15 02:42:35 +04:00
2015-07-09 23:57:58 +03:00
[ widelinks_share ]
path = $ widelinks_shrdir
wide links = no
guest ok = yes
2013-05-15 02:42:35 +04:00
[ fsrvp_share ]
path = $ shrdir
comment = fake shapshots using rsync
vfs objects = shell_snap shadow_copy2
shell_snap:check path command = $ fake_snap_pl - - check
shell_snap:create command = $ fake_snap_pl - - create
shell_snap:delete command = $ fake_snap_pl - - delete
# a relative path here fails, the snapshot dir is no longer found
shadow:snapdir = $ shrdir / . snapshots
2015-10-29 23:24:30 +03:00
[ shadow1 ]
path = $ shadow_shrdir
comment = previous versions snapshots under mount point
vfs objects = shadow_copy2
shadow:mountpoint = $ shadow_mntdir
[ shadow2 ]
path = $ shadow_shrdir
comment = previous versions snapshots outside mount point
vfs objects = shadow_copy2
shadow:mountpoint = $ shadow_mntdir
shadow:snapdir = $ shadow_tstdir / . snapshots
[ shadow3 ]
path = $ shadow_shrdir
comment = previous versions with subvolume snapshots , snapshots under base dir
vfs objects = shadow_copy2
shadow:mountpoint = $ shadow_mntdir
shadow:basedir = $ shadow_basedir
shadow:snapdir = $ shadow_basedir / . snapshots
[ shadow4 ]
path = $ shadow_shrdir
comment = previous versions with subvolume snapshots , snapshots outside mount point
vfs objects = shadow_copy2
shadow:mountpoint = $ shadow_mntdir
shadow:basedir = $ shadow_basedir
shadow:snapdir = $ shadow_tstdir / . snapshots
[ shadow5 ]
path = $ shadow_shrdir
comment = previous versions at volume root snapshots under mount point
vfs objects = shadow_copy2
shadow:mountpoint = $ shadow_shrdir
[ shadow6 ]
path = $ shadow_shrdir
comment = previous versions at volume root snapshots outside mount point
vfs objects = shadow_copy2
shadow:mountpoint = $ shadow_shrdir
shadow:snapdir = $ shadow_tstdir / . snapshots
[ shadow7 ]
path = $ shadow_shrdir
comment = previous versions snapshots everywhere
vfs objects = shadow_copy2
shadow:mountpoint = $ shadow_mntdir
shadow:snapdirseverywhere = yes
2015-11-03 12:15:52 +03:00
[ shadow8 ]
path = $ shadow_shrdir
comment = previous versions using snapsharepath
vfs objects = shadow_copy2
shadow:mountpoint = $ shadow_mntdir
shadow:snapdir = $ shadow_tstdir / . snapshots
shadow:snapsharepath = share
2016-07-12 12:33:29 +03:00
[ shadow_fmt0 ]
comment = Testing shadow:format with default option
vfs object = shadow_copy2
path = $ shadow_shrdir
read only = no
guest ok = yes
shadow:mountpoint = $ shadow_mntdir
shadow:basedir = $ shadow_basedir
shadow:snapdir = $ shadow_basedir / . snapshots
shadow:format = \ @ GMT - % Y . % m . % d - % H . % M . % S
[ shadow_fmt1 ]
comment = Testing shadow:format with only date component
vfs object = shadow_copy2
path = $ shadow_shrdir
read only = no
guest ok = yes
shadow:mountpoint = $ shadow_mntdir
shadow:basedir = $ shadow_basedir
shadow:snapdir = $ shadow_basedir / . snapshots
shadow:format = \ @ GMT - % Y - % m - % d
[ shadow_fmt2 ]
comment = Testing shadow:format with some hardcoded prefix
vfs object = shadow_copy2
path = $ shadow_shrdir
read only = no
guest ok = yes
shadow:mountpoint = $ shadow_mntdir
shadow:basedir = $ shadow_basedir
shadow:snapdir = $ shadow_basedir / . snapshots
shadow:format = snap \ @ GMT - % Y . % m . % d - % H . % M . % S
[ shadow_fmt3 ]
comment = Testing shadow:format with modified format
vfs object = shadow_copy2
path = $ shadow_shrdir
read only = no
guest ok = yes
shadow:mountpoint = $ shadow_mntdir
shadow:basedir = $ shadow_basedir
shadow:snapdir = $ shadow_basedir / . snapshots
shadow:format = \ @ GMT - % Y . % m . % d - % H_ % M_ % S - snap
2016-07-13 19:15:27 +03:00
[ shadow_fmt4 ]
comment = Testing shadow:snapprefix regex
vfs object = shadow_copy2
path = $ shadow_shrdir
read only = no
guest ok = yes
shadow:mountpoint = $ shadow_mntdir
shadow:basedir = $ shadow_basedir
shadow:snapdir = $ shadow_basedir / . snapshots
shadow:snapprefix = \ ^ s[a-z] * p \ $
shadow:format = _GMT - % Y . % m . % d - % H . % M . % S
[ shadow_fmt5 ]
comment = Testing shadow:snapprefix with delim regex
vfs object = shadow_copy2
path = $ shadow_shrdir
read only = no
guest ok = yes
shadow:mountpoint = $ shadow_mntdir
shadow:basedir = $ shadow_basedir
shadow:snapdir = $ shadow_basedir / . snapshots
shadow:delimiter = \ @ GMT
shadow:snapprefix = [ a - z ] *
shadow:format = \ @ GMT - % Y . % m . % d - % H . % M . % S
2015-10-29 23:24:30 +03:00
[ shadow_wl ]
path = $ shadow_shrdir
comment = previous versions with wide links allowed
vfs objects = shadow_copy2
shadow:mountpoint = $ shadow_mntdir
wide links = yes
2018-11-23 12:18:44 +03:00
[ shadow_write ]
path = $ shadow_tstdir
comment = previous versions snapshots under mount point
2018-11-23 16:36:56 +03:00
vfs objects = shadow_copy2 streams_xattr error_inject
2018-11-23 12:18:44 +03:00
aio write size = 0
error_inject:pwrite = EBADF
shadow:mountpoint = $ shadow_tstdir
2016-01-06 13:59:06 +03:00
[ dfq ]
path = $ shrdir / dfree
2016-08-11 23:54:22 +03:00
vfs objects = acl_xattr fake_acls xattr_tdb fake_dfq
2016-01-06 13:59:06 +03:00
admin users = $ unix_name
include = $ dfqconffile
2018-05-23 21:07:54 +03:00
[ dfq_cache ]
path = $ shrdir / dfree
vfs objects = acl_xattr fake_acls xattr_tdb fake_dfq
admin users = $ unix_name
include = $ dfqconffile
dfree cache time = 60
2016-08-11 23:54:22 +03:00
[ dfq_owner ]
path = $ shrdir / dfree
vfs objects = acl_xattr fake_acls xattr_tdb fake_dfq
inherit owner = yes
include = $ dfqconffile
2017-03-21 11:29:59 +03:00
[ quotadir ]
path = $ shrdir / quota
admin users = $ unix_name
2016-08-25 17:30:24 +03:00
[ acl_xattr_ign_sysacl_posix ]
copy = tmp
acl_xattr:ignore system acls = yes
acl_xattr:default acl style = posix
[ acl_xattr_ign_sysacl_windows ]
copy = tmp
acl_xattr:ignore system acls = yes
acl_xattr:default acl style = windows
2016-12-15 15:05:50 +03:00
[ mangle_illegal ]
copy = tmp
mangled names = illegal
2017-03-01 20:13:35 +03:00
2017-03-27 21:48:25 +03:00
[ nosymlinks ]
copy = tmp
path = $ nosymlinks_shrdir
follow symlinks = no
2017-06-23 21:12:22 +03:00
[ local_symlinks ]
copy = tmp
path = $ local_symlinks_shrdir
follow symlinks = yes
2017-03-01 20:13:35 +03:00
[ kernel_oplocks ]
copy = tmp
kernel oplocks = yes
vfs objects = streams_xattr xattr_tdb
2017-02-24 00:20:39 +03:00
2018-04-11 20:33:22 +03:00
[ streams_xattr ]
copy = tmp
vfs objects = streams_xattr xattr_tdb
2017-02-24 00:20:39 +03:00
[ compound_find ]
copy = tmp
smbd:find async delay usec = 10000
2017-12-13 21:34:05 +03:00
[ error_inject ]
copy = tmp
vfs objects = error_inject
2018-08-31 13:44:09 +03:00
include = $ errorinjectconf
2018-08-30 20:15:19 +03:00
[ delay_inject ]
copy = tmp
vfs objects = delay_inject
kernel share modes = no
kernel oplocks = no
posix locking = no
2018-08-31 13:44:09 +03:00
include = $ delayinjectconf
2018-10-28 21:29:26 +03:00
[ aio_delay_inject ]
copy = tmp
vfs objects = delay_inject
delay_inject:pread_send = 2000
delay_inject:pwrite_send = 2000
2018-11-02 22:03:51 +03:00
[ delete_readonly ]
path = $ prefix_abs / share
delete readonly = yes
2007-04-18 04:12:39 +04:00
" ;
close ( CONF ) ;
2016-01-06 13:59:06 +03:00
2018-02-26 16:56:27 +03:00
my $ net = Samba:: bindir_path ( $ self , "net" ) ;
my $ cmd = "" ;
$ cmd . = "SMB_CONF_PATH=\"$conffile\" " ;
$ cmd . = "$net setlocalsid $samsid" ;
if ( system ( $ cmd ) != 0 ) {
warn ( "Join failed\n$cmd" ) ;
return undef ;
}
2018-08-31 13:44:09 +03:00
unless ( open ( ERRORCONF , ">$errorinjectconf" ) ) {
warn ( "Unable to open $errorinjectconf" ) ;
return undef ;
}
close ( ERRORCONF ) ;
unless ( open ( DELAYCONF , ">$delayinjectconf" ) ) {
warn ( "Unable to open $delayinjectconf" ) ;
return undef ;
}
close ( DELAYCONF ) ;
2016-01-06 13:59:06 +03:00
unless ( open ( DFQCONF , ">$dfqconffile" ) ) {
warn ( "Unable to open $dfqconffile" ) ;
return undef ;
}
close ( DFQCONF ) ;
2007-03-21 18:57:07 +03:00
2007-04-18 04:12:39 +04:00
##
## create a test account
##
2011-05-08 08:54:50 +04:00
unless ( open ( PASSWD , ">$nss_wrapper_passwd" ) ) {
warn ( "Unable to open $nss_wrapper_passwd" ) ;
return undef ;
}
2010-03-18 14:12:58 +03:00
print PASSWD " nobody:x: $ uid_nobody: $ gid_nobody:nobody gecos: $ prefix_abs: /bin/ false
2009-01-28 19:28:51 +03:00
$ unix_name:x: $ unix_uid: $ unix_gids [ 0 ] : $ unix_name gecos: $ prefix_abs: /bin/ false
2012-06-27 11:51:55 +04:00
pdbtest:x: $ uid_pdbtest: $ gid_nogroup:pdbtest gecos: $ prefix_abs: /bin/ false
2014-05-16 06:30:43 +04:00
pdbtest2:x: $ uid_pdbtest2: $ gid_nogroup:pdbtest gecos: $ prefix_abs: /bin/ false
2015-07-28 21:28:20 +03:00
userdup:x: $ uid_userdup: $ gid_userdup:userdup gecos: $ prefix_abs: /bin/ false
2015-11-18 00:14:36 +03:00
pdbtest_wkn:x: $ uid_pdbtest_wkn: $ gid_everyone:pdbtest_wkn gecos: $ prefix_abs: /bin/ false
2015-12-04 16:50:56 +03:00
force_user:x: $ uid_force_user: $ gid_force_user:force user gecos: $ prefix_abs: /bin/ false
2016-02-06 12:30:29 +03:00
smbget_user:x: $ uid_smbget: $ gid_domusers:smbget_user gecos: $ prefix_abs: /bin/ false
2016-08-11 23:54:22 +03:00
user1:x: $ uid_user1: $ gid_nogroup:user1 gecos: $ prefix_abs: /bin/ false
user2:x: $ uid_user2: $ gid_nogroup:user2 gecos: $ prefix_abs: /bin/ false
2018-11-15 18:06:49 +03:00
gooduser:x: $ uid_gooduser: $ gid_domusers:gooduser gecos: $ prefix_abs: /bin/ false
eviluser:x: $ uid_eviluser: $ gid_domusers:eviluser gecos:: /bin/ false
2018-12-03 13:05:46 +03:00
slashuser:x: $ uid_slashuser: $ gid_domusers:slashuser gecos: /:/ bin / false
2009-01-28 19:28:51 +03:00
" ;
2010-03-18 14:12:58 +03:00
if ( $ unix_uid != 0 ) {
2013-07-01 15:02:46 +04:00
print PASSWD " root:x: $ uid_root: $ gid_root:root gecos: $ prefix_abs: /bin/ false
" ;
2010-03-18 14:12:58 +03:00
}
2009-01-28 19:28:51 +03:00
close ( PASSWD ) ;
2011-05-08 08:54:50 +04:00
unless ( open ( GROUP , ">$nss_wrapper_group" ) ) {
warn ( "Unable to open $nss_wrapper_group" ) ;
return undef ;
}
2010-03-18 14:12:58 +03:00
print GROUP " nobody:x: $ gid_nobody:
nogroup:x: $ gid_nogroup:nobody
2009-01-28 19:28:51 +03:00
$ unix_name - group:x: $ unix_gids [ 0 ] :
2010-11-09 00:39:51 +03:00
domusers:X: $ gid_domusers:
2012-11-20 19:48:23 +04:00
domadmins:X: $ gid_domadmins:
2015-07-28 21:28:20 +03:00
userdup:x: $ gid_userdup: $ unix_name
2015-11-18 00:14:36 +03:00
everyone:x: $ gid_everyone:
2015-12-04 16:50:56 +03:00
force_user:x: $ gid_force_user:
2009-01-28 19:28:51 +03:00
" ;
2010-03-18 14:12:58 +03:00
if ( $ unix_gids [ 0 ] != 0 ) {
2013-07-01 15:02:46 +04:00
print GROUP " root:x: $ gid_root:
" ;
2010-03-18 14:12:58 +03:00
}
2009-01-28 19:28:51 +03:00
close ( GROUP ) ;
2013-06-27 18:12:47 +04:00
## hosts
my $ hostname = lc ( $ server ) ;
unless ( open ( HOSTS , ">>$nss_wrapper_hosts" ) ) {
warn ( "Unable to open $nss_wrapper_hosts" ) ;
return undef ;
}
2014-06-19 19:21:16 +04:00
print HOSTS "${server_ip} ${hostname}.samba.example.com ${hostname}\n" ;
print HOSTS "${server_ipv6} ${hostname}.samba.example.com ${hostname}\n" ;
2013-06-27 18:12:47 +04:00
close ( HOSTS ) ;
2014-09-04 16:33:05 +04:00
## hosts
unless ( open ( RESOLV_CONF , ">$resolv_conf" ) ) {
warn ( "Unable to open $resolv_conf" ) ;
return undef ;
}
if ( defined ( $ dc_server_ip ) or defined ( $ dc_server_ipv6 ) ) {
if ( defined ( $ dc_server_ip ) ) {
print RESOLV_CONF "nameserver $dc_server_ip\n" ;
}
if ( defined ( $ dc_server_ipv6 ) ) {
print RESOLV_CONF "nameserver $dc_server_ipv6\n" ;
}
} else {
print RESOLV_CONF "nameserver ${server_ip}\n" ;
print RESOLV_CONF "nameserver ${server_ipv6}\n" ;
}
close ( RESOLV_CONF ) ;
2013-06-27 18:12:47 +04:00
2010-03-18 00:55:00 +03:00
foreach my $ evlog ( @ eventlog_list ) {
my $ evlogtdb = "$eventlogdir/$evlog.tdb" ;
open ( EVENTLOG , ">$evlogtdb" ) or die ( "Unable to open $evlogtdb" ) ;
close ( EVENTLOG ) ;
}
2017-12-08 05:20:36 +03:00
$ createuser_env { NSS_WRAPPER_PASSWD } = $ nss_wrapper_passwd ;
$ createuser_env { NSS_WRAPPER_GROUP } = $ nss_wrapper_group ;
$ createuser_env { NSS_WRAPPER_HOSTS } = $ nss_wrapper_hosts ;
$ createuser_env { NSS_WRAPPER_HOSTNAME } = "${hostname}.samba.example.com" ;
2014-09-04 16:33:05 +04:00
if ( $ ENV { SAMBA_DNS_FAKING } ) {
2017-12-08 05:20:36 +03:00
$ createuser_env { RESOLV_WRAPPER_HOSTS } = $ dns_host_file ;
2018-05-30 18:03:55 +03:00
} else {
$ createuser_env { RESOLV_WRAPPER_CONF } = $ resolv_conf ;
2014-09-04 16:33:05 +04:00
}
2009-01-28 19:28:51 +03:00
2017-12-08 05:20:36 +03:00
createuser ( $ self , $ unix_name , $ password , $ conffile , \ % createuser_env ) || die ( "Unable to create user" ) ;
createuser ( $ self , "force_user" , $ password , $ conffile , \ % createuser_env ) || die ( "Unable to create force_user" ) ;
createuser ( $ self , "smbget_user" , $ password , $ conffile , \ % createuser_env ) || die ( "Unable to create smbget_user" ) ;
createuser ( $ self , "user1" , $ password , $ conffile , \ % createuser_env ) || die ( "Unable to create user1" ) ;
createuser ( $ self , "user2" , $ password , $ conffile , \ % createuser_env ) || die ( "Unable to create user2" ) ;
2018-11-15 18:06:49 +03:00
createuser ( $ self , "gooduser" , $ password , $ conffile , \ % createuser_env ) || die ( "Unable to create gooduser" ) ;
createuser ( $ self , "eviluser" , $ password , $ conffile , \ % createuser_env ) || die ( "Unable to create eviluser" ) ;
2018-12-03 13:05:46 +03:00
createuser ( $ self , "slashuser" , $ password , $ conffile , \ % createuser_env ) || die ( "Unable to create slashuser" ) ;
2007-04-18 04:12:39 +04:00
2012-09-26 04:02:43 +04:00
open ( DNS_UPDATE_LIST , ">$prefix/dns_update_list" ) or die ( "Unable to open $$prefix/dns_update_list" ) ;
2014-06-19 19:21:16 +04:00
print DNS_UPDATE_LIST "A $server. $server_ip\n" ;
print DNS_UPDATE_LIST "AAAA $server. $server_ipv6\n" ;
2012-09-26 04:02:43 +04:00
close ( DNS_UPDATE_LIST ) ;
2016-08-11 23:54:22 +03:00
print "DONE\n" ;
2007-04-18 04:12:39 +04:00
$ ret { SERVER_IP } = $ server_ip ;
2014-06-19 19:21:16 +04:00
$ ret { SERVER_IPV6 } = $ server_ipv6 ;
2007-04-18 04:12:39 +04:00
$ ret { NMBD_TEST_LOG } = "$prefix/nmbd_test.log" ;
2009-01-29 00:15:44 +03:00
$ ret { NMBD_TEST_LOG_POS } = 0 ;
2007-09-30 13:08:10 +04:00
$ ret { WINBINDD_TEST_LOG } = "$prefix/winbindd_test.log" ;
2009-01-29 00:15:44 +03:00
$ ret { WINBINDD_TEST_LOG_POS } = 0 ;
2007-04-18 04:12:39 +04:00
$ ret { SMBD_TEST_LOG } = "$prefix/smbd_test.log" ;
2009-01-29 00:15:44 +03:00
$ ret { SMBD_TEST_LOG_POS } = 0 ;
2007-04-18 04:12:39 +04:00
$ ret { SERVERCONFFILE } = $ conffile ;
2019-03-14 07:38:22 +03:00
$ ret { TESTENV_DIR } = $ prefix_abs ;
2007-04-18 04:12:39 +04:00
$ ret { CONFIGURATION } = "-s $conffile" ;
2017-02-17 02:23:43 +03:00
$ ret { LOCK_DIR } = $ lockdir ;
2007-04-18 04:12:39 +04:00
$ ret { SERVER } = $ server ;
2009-01-28 19:28:51 +03:00
$ ret { USERNAME } = $ unix_name ;
2010-06-02 17:35:33 +04:00
$ ret { USERID } = $ unix_uid ;
2007-04-18 04:12:39 +04:00
$ ret { DOMAIN } = $ domain ;
2018-02-26 16:56:27 +03:00
$ ret { SAMSID } = $ samsid ;
2007-04-18 04:12:39 +04:00
$ ret { NETBIOSNAME } = $ server ;
$ ret { PASSWORD } = $ password ;
$ ret { PIDDIR } = $ piddir ;
2014-02-20 13:34:49 +04:00
$ ret { SELFTEST_WINBINDD_SOCKET_DIR } = $ wbsockdir ;
2011-01-08 08:28:45 +03:00
$ ret { NMBD_SOCKET_DIR } = $ nmbdsockdir ;
2009-01-29 00:15:44 +03:00
$ ret { SOCKET_WRAPPER_DEFAULT_IFACE } = $ swiface ;
2009-01-28 19:28:51 +03:00
$ ret { NSS_WRAPPER_PASSWD } = $ nss_wrapper_passwd ;
$ ret { NSS_WRAPPER_GROUP } = $ nss_wrapper_group ;
2013-06-27 18:12:47 +04:00
$ ret { NSS_WRAPPER_HOSTS } = $ nss_wrapper_hosts ;
2014-10-29 19:40:22 +03:00
$ ret { NSS_WRAPPER_HOSTNAME } = "${hostname}.samba.example.com" ;
2013-06-12 17:42:01 +04:00
$ ret { NSS_WRAPPER_MODULE_SO_PATH } = Samba:: nss_wrapper_winbind_so_path ( $ self ) ;
$ ret { NSS_WRAPPER_MODULE_FN_PREFIX } = "winbind" ;
2014-09-04 16:33:05 +04:00
if ( $ ENV { SAMBA_DNS_FAKING } ) {
$ ret { RESOLV_WRAPPER_HOSTS } = $ dns_host_file ;
} else {
$ ret { RESOLV_WRAPPER_CONF } = $ resolv_conf ;
}
2010-06-02 17:35:33 +04:00
$ ret { LOCAL_PATH } = "$shrdir" ;
2013-04-22 14:35:01 +04:00
$ ret { LOGDIR } = $ logdir ;
2009-01-28 19:28:51 +03:00
2015-10-25 16:02:17 +03:00
#
# Avoid hitting system krb5.conf -
# An env that needs Kerberos will reset this to the real
# value.
#
$ ret { KRB5_CONFIG } = abs_path ( $ prefix ) . "/no_krb5.conf" ;
2016-09-22 19:46:28 +03:00
# Define KRB5CCNAME for each environment we set up
$ ret { KRB5_CCACHE } = abs_path ( $ prefix ) . "/krb5ccache" ;
$ ENV { KRB5CCNAME } = $ ret { KRB5_CCACHE } ;
2007-04-18 04:12:39 +04:00
return \ % ret ;
2007-03-21 18:57:07 +03:00
}
2012-11-23 03:09:43 +04:00
sub wait_for_start ($$$$$)
2007-03-21 18:57:07 +03:00
{
2012-11-23 03:09:43 +04:00
my ( $ self , $ envvars , $ nmbd , $ winbindd , $ smbd ) = @ _ ;
2018-01-08 20:38:08 +03:00
my $ cmd ;
2018-01-08 16:28:40 +03:00
my $ netcmd ;
2012-11-23 03:18:44 +04:00
my $ ret ;
2012-11-23 03:09:43 +04:00
if ( $ nmbd eq "yes" ) {
2014-07-25 18:45:29 +04:00
my $ count = 0 ;
# give time for nbt server to register its names
print "checking for nmbd\n" ;
# This will return quickly when things are up, but be slow if we need to wait for (eg) SSL init
my $ nmblookup = Samba:: bindir_path ( $ self , "nmblookup" ) ;
do {
$ ret = system ( "$nmblookup $envvars->{CONFIGURATION} $envvars->{SERVER}" ) ;
if ( $ ret != 0 ) {
sleep ( 1 ) ;
} else {
system ( "$nmblookup $envvars->{CONFIGURATION} -U $envvars->{SERVER_IP} __SAMBA__" ) ;
system ( "$nmblookup $envvars->{CONFIGURATION} __SAMBA__" ) ;
system ( "$nmblookup $envvars->{CONFIGURATION} -U 127.255.255.255 __SAMBA__" ) ;
system ( "$nmblookup $envvars->{CONFIGURATION} -U $envvars->{SERVER_IP} $envvars->{SERVER}" ) ;
}
$ count + + ;
} while ( $ ret != 0 && $ count < 10 ) ;
if ( $ count == 10 ) {
print "NMBD not reachable after 10 retries\n" ;
teardown_env ( $ self , $ envvars ) ;
return 0 ;
}
2012-11-23 03:09:43 +04:00
}
2011-04-07 07:07:23 +04:00
2012-11-23 03:18:44 +04:00
if ( $ winbindd eq "yes" ) {
print "checking for winbindd\n" ;
my $ count = 0 ;
2018-01-08 20:38:08 +03:00
$ cmd = "SELFTEST_WINBINDD_SOCKET_DIR='$envvars->{SELFTEST_WINBINDD_SOCKET_DIR}' " ;
2017-12-08 05:20:36 +03:00
$ cmd . = "NSS_WRAPPER_PASSWD='$envvars->{NSS_WRAPPER_PASSWD}' " ;
$ cmd . = "NSS_WRAPPER_GROUP='$envvars->{NSS_WRAPPER_GROUP}' " ;
$ cmd . = Samba:: bindir_path ( $ self , "wbinfo" ) . " --ping-dc" ;
2012-11-23 03:18:44 +04:00
do {
if ( $ ret != 0 ) {
2017-12-08 05:20:36 +03:00
$ ret = system ( $ cmd ) ;
2016-06-16 02:00:13 +03:00
sleep ( 1 ) ;
2012-11-23 03:18:44 +04:00
}
$ count + + ;
2016-06-16 02:00:13 +03:00
} while ( $ ret != 0 && $ count < 20 ) ;
if ( $ count == 20 ) {
2012-11-23 03:18:44 +04:00
print "WINBINDD not reachable after 20 seconds\n" ;
teardown_env ( $ self , $ envvars ) ;
return 0 ;
}
}
2012-11-23 03:09:43 +04:00
if ( $ smbd eq "yes" ) {
# make sure smbd is also up set
print "wait for smbd\n" ;
2007-04-18 18:02:26 +04:00
2012-11-23 03:09:43 +04:00
my $ count = 0 ;
do {
2015-06-05 06:18:19 +03:00
$ ret = system ( Samba:: bindir_path ( $ self , "smbclient" ) . " $envvars->{CONFIGURATION} -L $envvars->{SERVER} -U% -p 139" ) ;
2012-11-23 03:09:43 +04:00
if ( $ ret != 0 ) {
2016-07-12 14:16:27 +03:00
sleep ( 1 ) ;
2012-11-23 03:09:43 +04:00
}
$ count + +
2016-07-12 14:16:27 +03:00
} while ( $ ret != 0 && $ count < 20 ) ;
if ( $ count == 20 ) {
2012-11-23 03:09:43 +04:00
print "SMBD failed to start up in a reasonable time (20sec)\n" ;
teardown_env ( $ self , $ envvars ) ;
return 0 ;
2011-04-07 07:07:23 +04:00
}
}
2012-11-23 03:09:43 +04:00
2010-11-09 00:39:51 +03:00
# Ensure we have domain users mapped.
2018-01-08 16:28:40 +03:00
$ netcmd = "NSS_WRAPPER_PASSWD='$envvars->{NSS_WRAPPER_PASSWD}' " ;
$ netcmd . = "NSS_WRAPPER_GROUP='$envvars->{NSS_WRAPPER_GROUP}' " ;
$ netcmd . = Samba:: bindir_path ( $ self , "net" ) . " $envvars->{CONFIGURATION} " ;
2018-05-07 17:20:30 +03:00
$ cmd = $ netcmd . "groupmap delete ntgroup=domusers" ;
$ ret = system ( $ cmd ) ;
2018-01-08 16:28:40 +03:00
$ cmd = $ netcmd . "groupmap add rid=513 unixgroup=domusers type=domain" ;
$ ret = system ( $ cmd ) ;
2011-04-12 03:05:34 +04:00
if ( $ ret != 0 ) {
2018-01-08 16:28:40 +03:00
print ( "\"$cmd\" failed\n" ) ;
return 1 ;
2011-04-12 03:05:34 +04:00
}
2018-01-08 16:28:40 +03:00
2018-05-07 17:20:30 +03:00
$ cmd = $ netcmd . "groupmap delete ntgroup=domadmins" ;
$ ret = system ( $ cmd ) ;
2018-01-08 16:28:40 +03:00
$ cmd = $ netcmd . "groupmap add rid=512 unixgroup=domadmins type=domain" ;
$ ret = system ( $ cmd ) ;
2015-11-18 00:14:36 +03:00
if ( $ ret != 0 ) {
2018-01-08 16:28:40 +03:00
print ( "\"$cmd\" failed\n" ) ;
return 1 ;
2015-11-18 00:14:36 +03:00
}
2018-01-08 16:28:40 +03:00
2018-05-07 17:20:30 +03:00
$ cmd = $ netcmd . "groupmap delete ntgroup=everyone" ;
$ ret = system ( $ cmd ) ;
2018-01-08 16:28:40 +03:00
$ cmd = $ netcmd . "groupmap add sid=S-1-1-0 unixgroup=everyone type=builtin" ;
$ ret = system ( $ cmd ) ;
2012-11-20 19:48:23 +04:00
if ( $ ret != 0 ) {
2018-01-08 16:28:40 +03:00
print ( "\"$cmd\" failed\n" ) ;
return 1 ;
2012-11-20 19:48:23 +04:00
}
2010-11-09 00:39:51 +03:00
2018-01-08 20:38:08 +03:00
# note: creating builtin groups requires winbindd for the
# unix id allocator
my $ create_builtin_users = "no" ;
2012-11-23 04:35:30 +04:00
if ( $ winbindd eq "yes" ) {
2018-01-08 20:38:08 +03:00
$ cmd = "SELFTEST_WINBINDD_SOCKET_DIR='$envvars->{SELFTEST_WINBINDD_SOCKET_DIR}' " ;
$ cmd . = "NSS_WRAPPER_PASSWD='$envvars->{NSS_WRAPPER_PASSWD}' " ;
$ cmd . = "NSS_WRAPPER_GROUP='$envvars->{NSS_WRAPPER_GROUP}' " ;
$ cmd . = Samba:: bindir_path ( $ self , "wbinfo" ) . " --sid-to-gid=S-1-5-32-545" ;
my $ wbinfo_out = qx( $cmd 2>&1 ) ;
if ( $? != 0 ) {
# wbinfo doesn't give us a better error code then
# WBC_ERR_DOMAIN_NOT_FOUND, but at least that's
# different then WBC_ERR_WINBIND_NOT_AVAILABLE
if ( $ wbinfo_out !~ /WBC_ERR_DOMAIN_NOT_FOUND/ ) {
print ( "Failed to run \"wbinfo --sid-to-gid=S-1-5-32-545\": $wbinfo_out" ) ;
teardown_env ( $ self , $ envvars ) ;
return 0 ;
}
$ create_builtin_users = "yes" ;
}
}
if ( $ create_builtin_users eq "yes" ) {
2018-01-09 12:40:41 +03:00
$ cmd = "SELFTEST_WINBINDD_SOCKET_DIR='$envvars->{SELFTEST_WINBINDD_SOCKET_DIR}' " ;
2018-01-15 05:25:10 +03:00
$ cmd . = "NSS_WRAPPER_PASSWD='$envvars->{NSS_WRAPPER_PASSWD}' " ;
$ cmd . = "NSS_WRAPPER_GROUP='$envvars->{NSS_WRAPPER_GROUP}' " ;
2018-01-09 12:40:41 +03:00
$ cmd . = Samba:: bindir_path ( $ self , "net" ) . " $envvars->{CONFIGURATION} " ;
$ cmd . = "sam createbuiltingroup Users" ;
$ ret = system ( $ cmd ) ;
2012-11-23 04:35:30 +04:00
if ( $ ret != 0 ) {
print "Failed to create BUILTIN\\Users group\n" ;
2018-01-08 20:45:01 +03:00
teardown_env ( $ self , $ envvars ) ;
2012-11-23 04:35:30 +04:00
return 0 ;
}
2018-01-09 12:45:59 +03:00
$ cmd = Samba:: bindir_path ( $ self , "net" ) . " $envvars->{CONFIGURATION} " ;
$ cmd . = "cache del IDMAP/SID2XID/S-1-5-32-545" ;
system ( $ cmd ) ;
2018-01-09 12:46:40 +03:00
$ cmd = "SELFTEST_WINBINDD_SOCKET_DIR='$envvars->{SELFTEST_WINBINDD_SOCKET_DIR}' " ;
2018-01-15 05:25:10 +03:00
$ cmd . = "NSS_WRAPPER_PASSWD='$envvars->{NSS_WRAPPER_PASSWD}' " ;
$ cmd . = "NSS_WRAPPER_GROUP='$envvars->{NSS_WRAPPER_GROUP}' " ;
2018-01-09 12:46:40 +03:00
$ cmd . = Samba:: bindir_path ( $ self , "wbinfo" ) . " --sid-to-gid=S-1-5-32-545" ;
$ ret = system ( $ cmd ) ;
2018-01-08 20:45:01 +03:00
if ( $ ret != 0 ) {
print "Missing \"BUILTIN\\Users\", did net sam createbuiltingroup Users fail?\n" ;
2012-11-23 04:35:30 +04:00
teardown_env ( $ self , $ envvars ) ;
return 0 ;
}
}
2007-04-18 18:02:26 +04:00
print $ self - > getlog_env ( $ envvars ) ;
2011-04-12 03:05:34 +04:00
return 1 ;
2007-03-21 18:57:07 +03:00
}
1 ;