mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
testprogs/blackbox: PY3 bulk change for python scripts use correct python
Change all instance where python scripts are called so that the correct python version as specified by $PYTHON is used Signed-off-by: Noel Power <noel.power@suse.com> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
parent
5b4c664856
commit
0ef6e3da4b
@ -33,7 +33,7 @@ failed=0
|
||||
|
||||
# Create a test user
|
||||
subunit_start_test "Create_User"
|
||||
output=$(${STpath}/source4/scripting/bin/samba-tool user create sambatool1 --random-password \
|
||||
output=$($PYTHON ${STpath}/source4/scripting/bin/samba-tool user create sambatool1 --random-password \
|
||||
-H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD")
|
||||
status=$?
|
||||
if [ "x$status" = "x0" ]; then
|
||||
@ -45,7 +45,7 @@ fi
|
||||
|
||||
# Edit test user
|
||||
subunit_start_test "Edit_User"
|
||||
output=$(${STpath}/source4/scripting/bin/samba-tool user edit sambatool1 --editor=$tmpeditor \
|
||||
output=$($PYTHON ${STpath}/source4/scripting/bin/samba-tool user edit sambatool1 --editor=$tmpeditor \
|
||||
-H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD")
|
||||
status=$?
|
||||
if [ "x$status" = "x0" ]; then
|
||||
@ -57,7 +57,7 @@ fi
|
||||
|
||||
# Delete test user
|
||||
subunit_start_test "Delete_User"
|
||||
output=$(${STpath}/source4/scripting/bin/samba-tool user delete sambatool1 \
|
||||
output=$($PYTHON ${STpath}/source4/scripting/bin/samba-tool user delete sambatool1 \
|
||||
-H "ldap://$SERVER" "-U$USERNAME" "--password=$PASSWORD")
|
||||
status=$?
|
||||
if [ "x$status" = "x0" ]; then
|
||||
|
@ -14,42 +14,42 @@ ARGS=$@
|
||||
. `dirname $0`/subunit.sh
|
||||
|
||||
dbcheck() {
|
||||
$BINDIR/samba-tool dbcheck --cross-ncs $ARGS
|
||||
$PYTHON $BINDIR/samba-tool dbcheck --cross-ncs $ARGS
|
||||
}
|
||||
|
||||
# This list of attributes can be freely extended
|
||||
dbcheck_fix_one_way_links() {
|
||||
$BINDIR/samba-tool dbcheck --quiet --fix --yes fix_all_string_dn_component_mismatch --attrs="lastKnownParent defaultObjectCategory fromServer rIDSetReferences" --cross-ncs $ARGS
|
||||
$PYTHON $BINDIR/samba-tool dbcheck --quiet --fix --yes fix_all_string_dn_component_mismatch --attrs="lastKnownParent defaultObjectCategory fromServer rIDSetReferences" --cross-ncs $ARGS
|
||||
}
|
||||
|
||||
# This list of attributes can be freely extended
|
||||
dbcheck_fix_stale_links() {
|
||||
$BINDIR/samba-tool dbcheck --quiet --fix --yes remove_plausible_deleted_DN_links --attrs="member msDS-NC-Replica-Locations msDS-NC-RO-Replica-Locations" --cross-ncs $ARGS
|
||||
$PYTHON $BINDIR/samba-tool dbcheck --quiet --fix --yes remove_plausible_deleted_DN_links --attrs="member msDS-NC-Replica-Locations msDS-NC-RO-Replica-Locations" --cross-ncs $ARGS
|
||||
}
|
||||
|
||||
# This list of attributes can be freely extended
|
||||
dbcheck_fix_crosspartition_backlinks() {
|
||||
# we may not know the target yet when we receive a cross-partition link,
|
||||
# which can result in a missing backlink
|
||||
$BINDIR/samba-tool dbcheck --quiet --fix --yes fix_all_missing_backlinks --attrs="serverReference" --cross-ncs $ARGS
|
||||
$PYTHON $BINDIR/samba-tool dbcheck --quiet --fix --yes fix_all_missing_backlinks --attrs="serverReference" --cross-ncs $ARGS
|
||||
}
|
||||
|
||||
# This test shows that this does not do anything to a current
|
||||
# provision (that would be a bug)
|
||||
dbcheck_reset_well_known_acls() {
|
||||
$BINDIR/samba-tool dbcheck --cross-ncs --reset-well-known-acls $ARGS
|
||||
$PYTHON $BINDIR/samba-tool dbcheck --cross-ncs --reset-well-known-acls $ARGS
|
||||
}
|
||||
|
||||
reindex() {
|
||||
$BINDIR/samba-tool dbcheck --reindex $ARGS
|
||||
$PYTHON $BINDIR/samba-tool dbcheck --reindex $ARGS
|
||||
}
|
||||
|
||||
fixed_attrs() {
|
||||
$BINDIR/samba-tool dbcheck --attrs=cn $ARGS
|
||||
$PYTHON $BINDIR/samba-tool dbcheck --attrs=cn $ARGS
|
||||
}
|
||||
|
||||
force_modules() {
|
||||
$BINDIR/samba-tool dbcheck --force-modules $ARGS
|
||||
$PYTHON $BINDIR/samba-tool dbcheck --force-modules $ARGS
|
||||
}
|
||||
|
||||
dbcheck_fix_one_way_links
|
||||
|
@ -45,8 +45,8 @@ test_drs() {
|
||||
shift
|
||||
shift
|
||||
echo "test: $name"
|
||||
echo $VALGRIND $samba4bindir/samba-tool drs $function $SERVER -k yes $@
|
||||
$VALGRIND $samba4bindir/samba-tool drs $function $SERVER -k yes $@
|
||||
echo $VALGRIND $PYTHON $samba4bindir/samba-tool drs $function $SERVER -k yes $@
|
||||
$VALGRIND $PYTHON $samba4bindir/samba-tool drs $function $SERVER -k yes $@
|
||||
status=$?
|
||||
if [ x$status = x0 ]; then
|
||||
echo "success: $name"
|
||||
@ -77,7 +77,7 @@ test_drs bind "Test drs bind with with kerberos ccache" || failed=`expr $failed
|
||||
#check that drs options works before we change the password (prime the ccache)
|
||||
test_drs options "Test drs options with with kerberos ccache" || failed=`expr $failed + 1`
|
||||
|
||||
testit "change dc password" $samba4srcdir/scripting/devel/chgtdcpass -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
testit "change dc password" $PYTHON $samba4srcdir/scripting/devel/chgtdcpass -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
|
||||
#This is important because it shows that the old ticket remains valid (as it must) for incoming connections after the DC password is changed
|
||||
test_smbclient "Test login with kerberos ccache after password change" 'ls' "$unc" -k yes || failed=`expr $failed + 1`
|
||||
@ -88,7 +88,7 @@ test_drs bind "Test drs bind with new password" || failed=`expr $failed + 1`
|
||||
#check that drs options works after we change the password
|
||||
test_drs options "Test drs options with new password" || failed=`expr $failed + 1`
|
||||
|
||||
testit "change dc password (2nd time)" $samba4srcdir/scripting/devel/chgtdcpass -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
testit "change dc password (2nd time)" $PYTHON $samba4srcdir/scripting/devel/chgtdcpass -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
|
||||
# This is important because it shows that the old ticket is discarded if the server rejects it (as it must) after the password was changed twice in succession.
|
||||
# This also ensures we handle the case where the domain is re-provisioned etc
|
||||
|
@ -61,24 +61,24 @@ test_keytab() {
|
||||
USERPASS=testPaSS@01%
|
||||
unc="//$SERVER/tmp"
|
||||
|
||||
testit "create user locally" $VALGRIND $newuser nettestuser $USERPASS $@ || failed=`expr $failed + 1`
|
||||
testit "create user locally" $VALGRIND $PYTHON $newuser nettestuser $USERPASS $@ || failed=`expr $failed + 1`
|
||||
|
||||
testit "dump keytab from domain" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab $@ || failed=`expr $failed + 1`
|
||||
test_keytab "read keytab from domain" "$PREFIX/tmpkeytab" "$SERVER\\\$" 5
|
||||
testit "dump keytab from domain (2nd time)" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain (2nd time)" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab $@ || failed=`expr $failed + 1`
|
||||
test_keytab "read keytab from domain (2nd time)" "$PREFIX/tmpkeytab" "$SERVER\\\$" 5
|
||||
|
||||
testit "dump keytab from domain for cifs principal" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-server --principal=cifs/$SERVER_FQDN $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain for cifs principal" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-server --principal=cifs/$SERVER_FQDN $@ || failed=`expr $failed + 1`
|
||||
test_keytab "read keytab from domain for cifs principal" "$PREFIX/tmpkeytab-server" "cifs/$SERVER_FQDN" 5
|
||||
testit "dump keytab from domain for cifs principal (2nd time)" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-server --principal=cifs/$SERVER_FQDN $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain for cifs principal (2nd time)" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-server --principal=cifs/$SERVER_FQDN $@ || failed=`expr $failed + 1`
|
||||
test_keytab "read keytab from domain for cifs principal (2nd time)" "$PREFIX/tmpkeytab-server" "cifs/$SERVER_FQDN" 5
|
||||
|
||||
testit "dump keytab from domain for user principal" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-2 --principal=nettestuser $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain for user principal" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-2 --principal=nettestuser $@ || failed=`expr $failed + 1`
|
||||
test_keytab "dump keytab from domain for user principal" "$PREFIX/tmpkeytab-2" "nettestuser@$REALM" 5
|
||||
testit "dump keytab from domain for user principal (2nd time)" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-2 --principal=nettestuser@$REALM $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain for user principal (2nd time)" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-2 --principal=nettestuser@$REALM $@ || failed=`expr $failed + 1`
|
||||
test_keytab "dump keytab from domain for user principal (2nd time)" "$PREFIX/tmpkeytab-2" "nettestuser@$REALM" 5
|
||||
|
||||
testit "dump keytab from domain for user principal with SPN as UPN" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-3 --principal=http/testupnspn.$DNSDOMAIN $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain for user principal with SPN as UPN" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-3 --principal=http/testupnspn.$DNSDOMAIN $@ || failed=`expr $failed + 1`
|
||||
test_keytab "dump keytab from domain for user principal" "$PREFIX/tmpkeytab-3" "http/testupnspn.$DNSDOMAIN@$REALM" 5
|
||||
|
||||
KRB5CCNAME="$PREFIX/tmpuserccache"
|
||||
@ -104,7 +104,7 @@ testit "kinit with SPN from keytab" $VALGRIND $samba4kinit -k -t $PREFIX/tmpkeyt
|
||||
KRB5CCNAME="$PREFIX/tmpadminccache"
|
||||
export KRB5CCNAME
|
||||
|
||||
testit "del user" $VALGRIND $samba_tool user delete nettestuser -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "del user" $VALGRIND $PYTHON $samba_tool user delete nettestuser -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
rm -f $PREFIX/tmpadminccache $PREFIX/tmpuserccache $PREFIX/tmpkeytab $PREFIX/tmpkeytab-2 $PREFIX/tmpkeytab-2 $PREFIX/tmpkeytab-server $PREFIX/tmpspnupnccache
|
||||
exit $failed
|
||||
|
@ -77,22 +77,22 @@ test_keytab() {
|
||||
TEST_USER=nettestuser
|
||||
TEST_PASSWORD=testPaSS@01%
|
||||
|
||||
testit "create local user $TEST_USER" $VALGRIND $samba_newuser $TEST_USER $TEST_PASSWORD $@ || failed=`expr $failed + 1`
|
||||
testit "create local user $TEST_USER" $VALGRIND $PYTHON $samba_newuser $TEST_USER $TEST_PASSWORD $@ || failed=`expr $failed + 1`
|
||||
|
||||
testit "dump keytab from domain" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-all $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-all $@ || failed=`expr $failed + 1`
|
||||
test_keytab "read keytab from domain" "$PREFIX/tmpkeytab-all" "$SERVER\\\$" 5
|
||||
|
||||
testit "dump keytab from domain (2nd time)" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-all $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain (2nd time)" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-all $@ || failed=`expr $failed + 1`
|
||||
test_keytab "read keytab from domain (2nd time)" "$PREFIX/tmpkeytab-all" "$SERVER\\\$" 5
|
||||
|
||||
testit "dump keytab from domain for cifs service principal" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-server --principal=cifs/$SERVER_FQDN $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain for cifs service principal" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-server --principal=cifs/$SERVER_FQDN $@ || failed=`expr $failed + 1`
|
||||
test_keytab "read keytab from domain for cifs service principal" "$PREFIX/tmpkeytab-server" "cifs/$SERVER_FQDN" 5
|
||||
testit "dump keytab from domain for cifs service principal (2nd time)" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-server --principal=cifs/$SERVER_FQDN $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain for cifs service principal (2nd time)" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-server --principal=cifs/$SERVER_FQDN $@ || failed=`expr $failed + 1`
|
||||
test_keytab "read keytab from domain for cifs service principal (2nd time)" "$PREFIX/tmpkeytab-server" "cifs/$SERVER_FQDN" 5
|
||||
|
||||
testit "dump keytab from domain for user principal" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-user-princ --principal=$TEST_USER $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain for user principal" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-user-princ --principal=$TEST_USER $@ || failed=`expr $failed + 1`
|
||||
test_keytab "dump keytab from domain for user principal" "$PREFIX/tmpkeytab-user-princ" "$TEST_USER@$REALM" 5
|
||||
testit "dump keytab from domain for user principal (2nd time)" $VALGRIND $samba_tool domain exportkeytab $PREFIX/tmpkeytab-user-princ --principal=$TEST_USER@$REALM $@ || failed=`expr $failed + 1`
|
||||
testit "dump keytab from domain for user principal (2nd time)" $VALGRIND $PYTHON $samba_tool domain exportkeytab $PREFIX/tmpkeytab-user-princ --principal=$TEST_USER@$REALM $@ || failed=`expr $failed + 1`
|
||||
test_keytab "dump keytab from domain for user principal (2nd time)" "$PREFIX/tmpkeytab-user-princ" "$TEST_USER@$REALM" 5
|
||||
|
||||
KRB5CCNAME="$PREFIX/tmpuserccache"
|
||||
@ -117,7 +117,7 @@ echo "$samba_kinit -k -t $PREFIX/tmpkeytab-server cifs/$SERVER_FQDN"
|
||||
testit "kinit with SPN from keytab" $VALGRIND $samba_kinit -k -t $PREFIX/tmpkeytab-server cifs/$SERVER_FQDN || failed=`expr $failed + 1`
|
||||
|
||||
# cleanup
|
||||
testit "delete user $TEST_USER" $VALGRIND $samba_tool user delete nettestuser -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "delete user $TEST_USER" $VALGRIND $PYTHON $samba_tool user delete nettestuser -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
$samba_kdestroy
|
||||
rm -f $PREFIX/tmpadminccache $PREFIX/tmpuserccache $PREFIX/tmpkeytab $PREFIX/tmpkeytab-2 $PREFIX/tmpkeytab-server
|
||||
|
@ -63,7 +63,7 @@ ADMIN_KRB5CCNAME="FILE:$KRB5CCNAME_PATH"
|
||||
export KRB5CCNAME
|
||||
rm -rf $KRB5CCNAME_PATH
|
||||
|
||||
testit "reset password policies beside of minimum password age of 0 days" $VALGRIND $samba_tool domain passwordsettings set $ADMIN_LDBMODIFY_CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
testit "reset password policies beside of minimum password age of 0 days" $VALGRIND $PYTHON $samba_tool domain passwordsettings set $ADMIN_LDBMODIFY_CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
|
||||
echo $PASSWORD > $PREFIX/tmppassfile
|
||||
testit "kinit with password" $samba4kinit $enctype --password-file=$PREFIX/tmppassfile --request-pac $USERNAME@$REALM || failed=`expr $failed + 1`
|
||||
@ -79,11 +79,11 @@ testit "kinit renew ticket" $samba4kinit $enctype --request-pac -R
|
||||
|
||||
test_smbclient "Test login with kerberos ccache" 'ls' "$unc" -k yes || failed=`expr $failed + 1`
|
||||
|
||||
testit "check time with kerberos ccache" $VALGRIND $samba_tool time $SERVER $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "check time with kerberos ccache" $VALGRIND $PYTHON $samba_tool time $SERVER $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
USERPASS=testPass@12%
|
||||
echo $USERPASS > $PREFIX/tmpuserpassfile
|
||||
testit "add user with kerberos ccache" $VALGRIND $samba_tool user create nettestuser $USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "add user with kerberos ccache" $VALGRIND $PYTHON $samba_tool user create nettestuser $USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
echo "Getting defaultNamingContext"
|
||||
BASEDN=`$ldbsearch $options --basedn='' -H ldap://$SERVER -s base DUMMY=x defaultNamingContext | grep defaultNamingContext | awk '{print $2}'`
|
||||
@ -99,9 +99,9 @@ EOF
|
||||
|
||||
testit "modify servicePrincipalName and userPrincpalName" $VALGRIND $ldbmodify -H ldap://$SERVER $PREFIX/tmpldbmodify -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
testit "set user password with kerberos ccache" $VALGRIND $samba_tool user setpassword nettestuser --newpassword=$USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "set user password with kerberos ccache" $VALGRIND $PYTHON $samba_tool user setpassword nettestuser --newpassword=$USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
testit "enable user with kerberos cache" $VALGRIND $enableaccount nettestuser -H ldap://$SERVER -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "enable user with kerberos cache" $VALGRIND $PYTHON $enableaccount nettestuser -H ldap://$SERVER -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
KRB5CCNAME_PATH="$PREFIX/tmpuserccache"
|
||||
KRB5CCNAME="FILE:$KRB5CCNAME_PATH"
|
||||
@ -113,7 +113,7 @@ testit "kinit with user password" $samba4kinit $enctype --password-file=$PREFIX/
|
||||
test_smbclient "Test login with user kerberos ccache" 'ls' "$unc" -k yes || failed=`expr $failed + 1`
|
||||
|
||||
NEWUSERPASS=testPaSS@34%
|
||||
testit "change user password with 'samba-tool user password' (rpc)" $VALGRIND $samba_tool user password -W$DOMAIN -Unettestuser%$USERPASS $CONFIGURATION -k no --newpassword=$NEWUSERPASS $@ || failed=`expr $failed + 1`
|
||||
testit "change user password with 'samba-tool user password' (rpc)" $VALGRIND $PYTHON $samba_tool user password -W$DOMAIN -Unettestuser%$USERPASS $CONFIGURATION -k no --newpassword=$NEWUSERPASS $@ || failed=`expr $failed + 1`
|
||||
|
||||
echo $NEWUSERPASS > $PREFIX/tmpuserpassfile
|
||||
rm -f $KRB5CCNAME_PATH
|
||||
@ -247,13 +247,13 @@ lowerrealm=$(echo $REALM | tr '[A-Z]' '[a-z]')
|
||||
test_smbclient "Test login with user kerberos lowercase realm" 'ls' "$unc" -k yes -Unettestuser@$lowerrealm%$NEWUSERPASS || failed=`expr $failed + 1`
|
||||
test_smbclient "Test login with user kerberos lowercase realm 2" 'ls' "$unc" -k yes -Unettestuser@$REALM%$NEWUSERPASS --realm=$lowerrealm || failed=`expr $failed + 1`
|
||||
|
||||
testit "del user with kerberos ccache" $VALGRIND $samba_tool user delete nettestuser $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "del user with kerberos ccache" $VALGRIND $PYTHON $samba_tool user delete nettestuser $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
rm -f $KRB5CCNAME_PATH
|
||||
testit "kinit with machineaccountccache script" $machineaccountccache $CONFIGURATION $KRB5CCNAME || failed=`expr $failed + 1`
|
||||
testit "kinit with machineaccountccache script" $PYTHON $machineaccountccache $CONFIGURATION $KRB5CCNAME || failed=`expr $failed + 1`
|
||||
test_smbclient "Test machine account login with kerberos ccache" 'ls' "$unc" -k yes || failed=`expr $failed + 1`
|
||||
|
||||
testit "reset password policies" $VALGRIND $samba_tool domain passwordsettings set $ADMIN_LDBMODIFY_CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
testit "reset password policies" $VALGRIND $PYTHON $samba_tool domain passwordsettings set $ADMIN_LDBMODIFY_CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
|
||||
rm -f $PREFIX/tmpccache tmpccfile tmppassfile tmpuserpassfile tmpuserccache tmpkpasswdscript
|
||||
exit $failed
|
||||
|
@ -68,7 +68,7 @@ ADMIN_KRB5CCNAME="FILE:$KRB5CCNAME_PATH"
|
||||
export KRB5CCNAME
|
||||
rm -rf $KRB5CCNAME_PATH
|
||||
|
||||
testit "reset password policies beside of minimum password age of 0 days" $VALGRIND $samba_tool domain passwordsettings set $ADMIN_LDBMODIFY_CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
testit "reset password policies beside of minimum password age of 0 days" $VALGRIND $PYTHON $samba_tool domain passwordsettings set $ADMIN_LDBMODIFY_CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
|
||||
cat > $PREFIX/tmpkinitscript <<EOF
|
||||
expect Password for
|
||||
@ -105,11 +105,11 @@ $samba_kdestroy
|
||||
###########################################################
|
||||
|
||||
testit "kinit with password" $samba_texpect $PREFIX/tmpkinitscript $samba_kinit $USERNAME@$REALM || failed=`expr $failed + 1`
|
||||
testit "check time with kerberos ccache" $VALGRIND $samba_tool time $SERVER $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "check time with kerberos ccache" $VALGRIND $PYTHON $samba_tool time $SERVER $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
USERPASS="testPass@12%"
|
||||
|
||||
testit "add user with kerberos ccache" $VALGRIND $samba_tool user create nettestuser $USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "add user with kerberos ccache" $VALGRIND $PYTHON $samba_tool user create nettestuser $USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
echo "Getting defaultNamingContext"
|
||||
BASEDN=`$ldbsearch $options --basedn='' -H ldap://$SERVER -s base DUMMY=x defaultNamingContext | grep defaultNamingContext | awk '{print $2}'`
|
||||
@ -125,9 +125,9 @@ EOF
|
||||
|
||||
testit "modify servicePrincipalName and userPrincpalName" $VALGRIND $ldbmodify -H ldap://$SERVER $PREFIX/tmpldbmodify -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
testit "set user password with kerberos ccache" $VALGRIND $samba_tool user setpassword nettestuser --newpassword=$USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "set user password with kerberos ccache" $VALGRIND $PYTHON $samba_tool user setpassword nettestuser --newpassword=$USERPASS $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
testit "enable user with kerberos cache" $VALGRIND $samba_enableaccount nettestuser -H ldap://$SERVER -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "enable user with kerberos cache" $VALGRIND $PYTHON $samba_enableaccount nettestuser -H ldap://$SERVER -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
###########################################################
|
||||
### Test kinit with user credentials
|
||||
@ -150,7 +150,7 @@ test_smbclient "Test login with user kerberos ccache" 'ls' -k yes || failed=`exp
|
||||
### Change password
|
||||
|
||||
NEWUSERPASS="testPaSS@34%"
|
||||
testit "change user password with 'samba-tool user password' (rpc)" $VALGRIND $samba_tool user password -W$DOMAIN -Unettestuser%$USERPASS $CONFIGURATION -k no --newpassword=$NEWUSERPASS $@ || failed=`expr $failed + 1`
|
||||
testit "change user password with 'samba-tool user password' (rpc)" $VALGRIND $PYTHON $samba_tool user password -W$DOMAIN -Unettestuser%$USERPASS $CONFIGURATION -k no --newpassword=$NEWUSERPASS $@ || failed=`expr $failed + 1`
|
||||
|
||||
cat > $PREFIX/tmpkinituserpassscript <<EOF
|
||||
expect Password for
|
||||
@ -287,17 +287,17 @@ lowerrealm=$(echo $REALM | tr '[A-Z]' '[a-z]')
|
||||
test_smbclient "Test login with user kerberos lowercase realm" 'ls' -k yes -Unettestuser@$lowerrealm%$NEWUSERPASS || failed=`expr $failed + 1`
|
||||
test_smbclient "Test login with user kerberos lowercase realm 2" 'ls' -k yes -Unettestuser@$REALM%$NEWUSERPASS --realm=$lowerrealm || failed=`expr $failed + 1`
|
||||
|
||||
testit "del user with kerberos ccache" $VALGRIND $samba_tool user delete nettestuser $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "del user with kerberos ccache" $VALGRIND $PYTHON $samba_tool user delete nettestuser $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
###########################################################
|
||||
### Test login with machine account
|
||||
###########################################################
|
||||
|
||||
rm -f $KRB5CCNAME_PATH
|
||||
testit "kinit with machineaccountccache script" $machineaccountccache $CONFIGURATION $KRB5CCNAME || failed=`expr $failed + 1`
|
||||
testit "kinit with machineaccountccache script" $PYTHON $machineaccountccache $CONFIGURATION $KRB5CCNAME || failed=`expr $failed + 1`
|
||||
test_smbclient "Test machine account login with kerberos ccache" 'ls' -k yes || failed=`expr $failed + 1`
|
||||
|
||||
testit "reset password policies" $VALGRIND $samba_tool domain passwordsettings set $ADMIN_LDBMODIFY_CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
testit "reset password policies" $VALGRIND $PYTHON $samba_tool domain passwordsettings set $ADMIN_LDBMODIFY_CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
|
||||
### Cleanup
|
||||
|
||||
|
@ -76,7 +76,7 @@ testit "kinit renew ticket" $samba4kinit $enctype --request-pac -R
|
||||
|
||||
test_smbclient "Test login with kerberos ccache" 'ls' "$unc" -k yes || failed=`expr $failed + 1`
|
||||
|
||||
testit "check time with kerberos ccache" $VALGRIND $samba_tool time $SERVER.$REALM $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
testit "check time with kerberos ccache" $VALGRIND $PYTHON $samba_tool time $SERVER.$REALM $CONFIGURATION -k yes $@ || failed=`expr $failed + 1`
|
||||
|
||||
lowerrealm=$(echo $TRUST_REALM | tr '[A-Z]' '[a-z]')
|
||||
test_smbclient "Test login with user kerberos lowercase realm" 'ls' "$unc" -k yes -U$TRUST_USERNAME@$lowerrealm%$TRUST_PASSWORD || failed=`expr $failed + 1`
|
||||
@ -86,7 +86,7 @@ test_smbclient "Test login with user kerberos lowercase realm 2" 'ls' "$unc" -k
|
||||
SMBCLIENT_UNC="//$TRUST_SERVER.$TRUST_REALM/tmp"
|
||||
test_smbclient "Test user login with the first outgoing secret" 'ls' "$unc" -k yes -U$USERNAME@$REALM%$PASSWORD || failed=`expr $failed + 1`
|
||||
|
||||
testit_expect_failure "setpassword should not work" $VALGRIND $samba_tool user setpassword "${TRUST_DOMAIN}\$" --random-password || failed=`expr $failed + 1`
|
||||
testit_expect_failure "setpassword should not work" $VALGRIND $PYTHON $samba_tool user setpassword "${TRUST_DOMAIN}\$" --random-password || failed=`expr $failed + 1`
|
||||
|
||||
testit "wbinfo ping dc" $VALGRIND $wbinfo --ping-dc --domain=$TRUST_DOMAIN || failed=`expr $failed + 1`
|
||||
testit "wbinfo change outgoing trust pw" $VALGRIND $wbinfo --change-secret --domain=$TRUST_DOMAIN || failed=`expr $failed + 1`
|
||||
|
@ -53,7 +53,7 @@ CONFIG="--configfile=$PREFIX/etc/smb.conf"
|
||||
export CONFIG
|
||||
|
||||
testit "reset password policies beside of minimum password age of 0 days" \
|
||||
$VALGRIND $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
|
||||
TEST_USERNAME="$(mktemp -u alice-XXXXXX)"
|
||||
TEST_PRINCIPAL="$TEST_USERNAME@$REALM"
|
||||
@ -63,7 +63,7 @@ TEST_PASSWORD_SHORT="secret"
|
||||
TEST_PASSWORD_WEAK="Supersecret"
|
||||
|
||||
testit "create user locally" \
|
||||
$VALGRIND $newuser $CONFIG $TEST_USERNAME $TEST_PASSWORD || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $newuser $CONFIG $TEST_USERNAME $TEST_PASSWORD || failed=`expr $failed + 1`
|
||||
|
||||
KRB5CCNAME="$PREFIX/tmpuserccache"
|
||||
export KRB5CCNAME
|
||||
@ -75,7 +75,7 @@ test_smbclient "Test login with user kerberos ccache" \
|
||||
"ls" "$SMB_UNC" -k yes || failed=`expr $failed + 1`
|
||||
|
||||
testit "change user password with 'samba-tool user password' (unforced)" \
|
||||
$VALGRIND $samba_tool user password -W$DOMAIN -U$TEST_USERNAME%$TEST_PASSWORD -k no --newpassword=$TEST_PASSWORD_NEW || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user password -W$DOMAIN -U$TEST_USERNAME%$TEST_PASSWORD -k no --newpassword=$TEST_PASSWORD_NEW || failed=`expr $failed + 1`
|
||||
|
||||
TEST_PASSWORD_OLD=$TEST_PASSWORD
|
||||
TEST_PASSWORD=$TEST_PASSWORD_NEW
|
||||
@ -147,7 +147,7 @@ TEST_PASSWORD_NEW="testPaSS@03%"
|
||||
###########################################################
|
||||
|
||||
testit "set password on user locally" \
|
||||
$VALGRIND $samba_tool user setpassword $TEST_USERNAME $CONFIG --newpassword=$TEST_PASSWORD_NEW --must-change-at-next-login || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user setpassword $TEST_USERNAME $CONFIG --newpassword=$TEST_PASSWORD_NEW --must-change-at-next-login || failed=`expr $failed + 1`
|
||||
|
||||
TEST_PASSWORD=$TEST_PASSWORD_NEW
|
||||
TEST_PASSWORD_NEW="testPaSS@04%"
|
||||
@ -208,10 +208,10 @@ test_smbclient "Test login with smbclient (ntlm)" \
|
||||
###########################################################
|
||||
|
||||
testit "reset password policies" \
|
||||
$VALGRIND $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
|
||||
testit "delete user" \
|
||||
$VALGRIND $samba_tool user delete $TEST_USERNAME -U"$USERNAME%$PASSWORD" $CONFIG -k no || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user delete $TEST_USERNAME -U"$USERNAME%$PASSWORD" $CONFIG -k no || failed=`expr $failed + 1`
|
||||
|
||||
rm -f $PREFIX/tmpuserccache $PREFIX/tmpkpasswdscript $PREFIX/tmpkinitscript
|
||||
exit $failed
|
||||
|
@ -52,7 +52,7 @@ CONFIG="--configfile=$PREFIX/etc/smb.conf"
|
||||
export CONFIG
|
||||
|
||||
testit "reset password policies beside of minimum password age of 0 days" \
|
||||
$VALGRIND $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
|
||||
TEST_USERNAME="samson"
|
||||
TEST_PASSWORD="testPaSS@00%"
|
||||
@ -62,7 +62,7 @@ TEST_PASSWORD_WEAK="Supersecret"
|
||||
TEST_PRINCIPAL="$TEST_USERNAME@$REALM"
|
||||
|
||||
testit "create user locally" \
|
||||
$VALGRIND $newuser $CONFIG $TEST_USERNAME $TEST_PASSWORD || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $newuser $CONFIG $TEST_USERNAME $TEST_PASSWORD || failed=`expr $failed + 1`
|
||||
|
||||
KRB5CCNAME="$PREFIX/tmpuserccache"
|
||||
export KRB5CCNAME
|
||||
@ -74,7 +74,7 @@ test_smbclient "Test login with user kerberos ccache" \
|
||||
"ls" "$SMB_UNC" -k yes || failed=`expr $failed + 1`
|
||||
|
||||
testit "change user password with 'samba-tool user password' (unforced)" \
|
||||
$VALGRIND $samba_tool user password -W$DOMAIN -U$TEST_USERNAME%$TEST_PASSWORD -k no --newpassword=$TEST_PASSWORD_NEW || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user password -W$DOMAIN -U$TEST_USERNAME%$TEST_PASSWORD -k no --newpassword=$TEST_PASSWORD_NEW || failed=`expr $failed + 1`
|
||||
|
||||
TEST_PASSWORD_OLD=$TEST_PASSWORD
|
||||
TEST_PASSWORD=$TEST_PASSWORD_NEW
|
||||
@ -164,7 +164,7 @@ test_smbclient "Test login with user kerberos" 'ls' "$SMB_UNC" -k yes -U$TEST_PR
|
||||
###########################################################
|
||||
|
||||
testit "set password on user locally" \
|
||||
$VALGRIND $samba_tool user setpassword $TEST_USERNAME $CONFIG --newpassword=$TEST_PASSWORD_NEW --must-change-at-next-login || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user setpassword $TEST_USERNAME $CONFIG --newpassword=$TEST_PASSWORD_NEW --must-change-at-next-login || failed=`expr $failed + 1`
|
||||
|
||||
TEST_PASSWORD=$TEST_PASSWORD_NEW
|
||||
TEST_PASSWORD_NEW="testPaSS@04%"
|
||||
@ -219,10 +219,10 @@ test_smbclient "Test login with smbclient (ntlm)" \
|
||||
###########################################################
|
||||
|
||||
testit "reset password policies" \
|
||||
$VALGRIND $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
|
||||
testit "delete user" \
|
||||
$VALGRIND $samba_tool user delete $TEST_USERNAME -U"$USERNAME%$PASSWORD" $CONFIG -k no || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user delete $TEST_USERNAME -U"$USERNAME%$PASSWORD" $CONFIG -k no || failed=`expr $failed + 1`
|
||||
|
||||
rm -f $PREFIX/tmpuserccache $PREFIX/tmpkpasswdscript $PREFIX/tmpkinitscript
|
||||
exit $failed
|
||||
|
@ -25,7 +25,7 @@ CONFIG="--configfile=$PREFIX/etc/smb.conf"
|
||||
|
||||
TESTUSER="ktpassUser"
|
||||
|
||||
testit "user create" $samba_tool user create $CONFIG $TESTUSER testp@ssw0Rd || failed=`expr $failed + 1`
|
||||
testit "user create" $PYTHON $samba_tool user create $CONFIG $TESTUSER testp@ssw0Rd || failed=`expr $failed + 1`
|
||||
|
||||
KRB5CCNAME="$PREFIX/tmpccache"
|
||||
export KRB5CCNAME
|
||||
|
@ -59,7 +59,7 @@ CONFIG="--configfile=$PREFIX/etc/smb.conf"
|
||||
export CONFIG
|
||||
|
||||
testit "reset password policies beside of minimum password age of 0 days" \
|
||||
$VALGRIND $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
|
||||
TEST_USERNAME="$(mktemp -u alice-XXXXXX)"
|
||||
TEST_PASSWORD="testPaSS@00%"
|
||||
@ -70,7 +70,7 @@ TEST_PASSWORD_WEAK="Supersecret"
|
||||
TEST_PRINCIPAL="$TEST_USERNAME@$REALM"
|
||||
|
||||
testit "create user locally" \
|
||||
$VALGRIND $newuser $CONFIG $TEST_USERNAME $TEST_PASSWORD || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $newuser $CONFIG $TEST_USERNAME $TEST_PASSWORD || failed=`expr $failed + 1`
|
||||
|
||||
###########################################################
|
||||
### Test normal operation as user
|
||||
@ -95,7 +95,7 @@ rm -f $KRB5CCNAME_PATH
|
||||
###########################################################
|
||||
|
||||
testit "change user password with 'samba-tool user password' (unforced)" \
|
||||
$VALGRIND $samba_tool user password -W$DOMAIN -U$TEST_USERNAME%$TEST_PASSWORD -k no --newpassword=$TEST_PASSWORD_NEW || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user password -W$DOMAIN -U$TEST_USERNAME%$TEST_PASSWORD -k no --newpassword=$TEST_PASSWORD_NEW || failed=`expr $failed + 1`
|
||||
|
||||
TEST_PASSWORD_OLD=$TEST_PASSWORD
|
||||
TEST_PASSWORD=$TEST_PASSWORD_NEW
|
||||
@ -112,7 +112,7 @@ test_smbclient "Test login with user kerberos ccache" \
|
||||
###########################################################
|
||||
|
||||
testit "change user (non-ascii) password with 'samba-tool user password' (unforced)" \
|
||||
$VALGRIND $samba_tool user password -W$DOMAIN -U$TEST_USERNAME%$TEST_PASSWORD -k no --newpassword=$TEST_PASSWORD_NON_ASCII || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user password -W$DOMAIN -U$TEST_USERNAME%$TEST_PASSWORD -k no --newpassword=$TEST_PASSWORD_NON_ASCII || failed=`expr $failed + 1`
|
||||
|
||||
TEST_PASSWORD_OLD=$TEST_PASSWORD_NEW
|
||||
TEST_PASSWORD=$TEST_PASSWORD_NON_ASCII
|
||||
@ -155,7 +155,7 @@ TEST_PASSWORD_NEW="testPaSS@03%"
|
||||
test_smbclient "Test login with user (ntlm)" \
|
||||
"ls" "$SMB_UNC" -k no -U$TEST_PRINCIPAL%$TEST_PASSWORD || failed=`expr $failed + 1`
|
||||
|
||||
testit "set password on user locally" $VALGRIND $samba_tool user setpassword $TEST_USERNAME $CONFIG --newpassword=$TEST_PASSWORD_NEW --must-change-at-next-login || failed=`expr $failed + 1`
|
||||
testit "set password on user locally" $VALGRIND $PYTHON $samba_tool user setpassword $TEST_USERNAME $CONFIG --newpassword=$TEST_PASSWORD_NEW --must-change-at-next-login || failed=`expr $failed + 1`
|
||||
|
||||
TEST_PASSWORD=$TEST_PASSWORD_NEW
|
||||
TEST_PASSWORD_NEW="testPaSS@04%"
|
||||
@ -164,7 +164,7 @@ test_smbclient_expect_failure "Test login with user (NT_STATUS_PASSWORD_MUST_CHA
|
||||
"ls" "$SMB_UNC" -k no -U$TEST_PRINCIPAL%$TEST_PASSWORD && failed=`expr $failed + 1`
|
||||
|
||||
testit "change user password with 'samba-tool user password' (after must change flag set)" \
|
||||
$VALGRIND $samba_tool user password -W$DOMAIN -U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD -k no --newpassword=$TEST_PASSWORD_NEW || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user password -W$DOMAIN -U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD -k no --newpassword=$TEST_PASSWORD_NEW || failed=`expr $failed + 1`
|
||||
|
||||
TEST_PASSWORD=$TEST_PASSWORD_NEW
|
||||
TEST_PASSWORD_NEW="testPaSS@05%"
|
||||
@ -194,13 +194,13 @@ test_smbclient "Test login with user kerberos" \
|
||||
rm -f $KRB5CCNAME_PATH
|
||||
|
||||
testit_expect_failure "try to set a non-complex password (command should not succeed)" \
|
||||
$VALGRIND $samba_tool user password -W$DOMAIN "-U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD" -k no --newpassword="$TEST_PASSWORD_WEAK" && failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user password -W$DOMAIN "-U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD" -k no --newpassword="$TEST_PASSWORD_WEAK" && failed=`expr $failed + 1`
|
||||
|
||||
testit "allow non-complex passwords" \
|
||||
$VALGRIND $samba_tool domain passwordsettings set $CONFIG --complexity=off || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool domain passwordsettings set $CONFIG --complexity=off || failed=`expr $failed + 1`
|
||||
|
||||
testit "try to set a non-complex password (command should succeed)" \
|
||||
$VALGRIND $samba_tool user password -W$DOMAIN "-U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD" -k no --newpassword="$TEST_PASSWORD_WEAK" || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user password -W$DOMAIN "-U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD" -k no --newpassword="$TEST_PASSWORD_WEAK" || failed=`expr $failed + 1`
|
||||
|
||||
TEST_PASSWORD=$TEST_PASSWORD_WEAK
|
||||
|
||||
@ -208,31 +208,31 @@ test_smbclient "test login with non-complex password" \
|
||||
"ls" "$SMB_UNC" -k no -U$TEST_PRINCIPAL%$TEST_PASSWORD || failed=`expr $failed + 1`
|
||||
|
||||
testit_expect_failure "try to set a short password (command should not succeed)" \
|
||||
$VALGRIND $samba_tool user password -W$DOMAIN "-U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD" -k no --newpassword="$TEST_PASSWORD_SHORT" && failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user password -W$DOMAIN "-U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD" -k no --newpassword="$TEST_PASSWORD_SHORT" && failed=`expr $failed + 1`
|
||||
|
||||
testit "allow short passwords (length 1)" \
|
||||
$VALGRIND $samba_tool domain passwordsettings set $CONFIG --min-pwd-length=1 || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool domain passwordsettings set $CONFIG --min-pwd-length=1 || failed=`expr $failed + 1`
|
||||
|
||||
testit "try to set a short password (command should succeed)" \
|
||||
$VALGRIND $samba_tool user password -W$DOMAIN "-U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD" -k no --newpassword="$TEST_PASSWORD_SHORT" || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user password -W$DOMAIN "-U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD" -k no --newpassword="$TEST_PASSWORD_SHORT" || failed=`expr $failed + 1`
|
||||
|
||||
TEST_PASSWORD=$TEST_PASSWORD_SHORT
|
||||
TEST_PASSWORD_NEW="testPaSS@07%"
|
||||
|
||||
testit "require minimum password age of 1 day" \
|
||||
$VALGRIND $samba_tool domain passwordsettings set $CONFIG --min-pwd-age=1 || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool domain passwordsettings set $CONFIG --min-pwd-age=1 || failed=`expr $failed + 1`
|
||||
|
||||
testit "show password settings" \
|
||||
$VALGRIND $samba_tool domain passwordsettings show $CONFIG || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool domain passwordsettings show $CONFIG || failed=`expr $failed + 1`
|
||||
|
||||
testit_expect_failure "try to change password too quickly (command should not succeed)" \
|
||||
$VALGRIND $samba_tool user password -W$DOMAIN "-U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD" -k no --newpassword="$TEST_PASSWORD_NEW" && failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user password -W$DOMAIN "-U$DOMAIN/$TEST_USERNAME%$TEST_PASSWORD" -k no --newpassword="$TEST_PASSWORD_NEW" && failed=`expr $failed + 1`
|
||||
|
||||
testit "reset password policies" \
|
||||
$VALGRIND $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool domain passwordsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
|
||||
|
||||
testit "delete user $TEST_USERNAME" \
|
||||
$VALGRIND $samba_tool user delete $TEST_USERNAME -U"$USERNAME%$PASSWORD" $CONFIG -k no || failed=`expr $failed + 1`
|
||||
$VALGRIND $PYTHON $samba_tool user delete $TEST_USERNAME -U"$USERNAME%$PASSWORD" $CONFIG -k no || failed=`expr $failed + 1`
|
||||
|
||||
rm -f $PREFIX/tmpuserpassfile $PREFIX/tmpsmbpasswdscript
|
||||
rm -f $KRB5CCNAME_PATH
|
||||
|
@ -65,7 +65,7 @@ PKUSER="--pk-user=FILE:$PREFIX/pkinit/USER-${USER_PRINCIPAL_NAME}-cert.pem,$PREF
|
||||
# STEP1:
|
||||
# Now we set the UF_SMARTCARD_REQUIRED bit
|
||||
# This means we have a normal enabled account *without* a known password
|
||||
testit "STEP1 samba-tool user create $USERNAME --smartcard-required" ${samba_tool} user create $USERNAME --smartcard-required || failed=`expr $failed + 1`
|
||||
testit "STEP1 samba-tool user create $USERNAME --smartcard-required" $PYTHON ${samba_tool} user create $USERNAME --smartcard-required || failed=`expr $failed + 1`
|
||||
|
||||
testit_expect_failure "STEP1 kinit with password" $samba4kinit $enctype --password-file=$PASSFILE_PATH --request-pac $USERNAME@$REALM && failed=`expr $failed + 1`
|
||||
testit_expect_failure "STEP1 Test login with NTLM" $smbclient "$unc" -c 'ls' -k no -U$USERNAME%$PASSWORD && failed=`expr $failed + 1`
|
||||
@ -85,7 +85,7 @@ test_smbclient "STEP1 Test login with kerberos ccache (enterprise name in cert)"
|
||||
|
||||
# STEP2:
|
||||
# We still have UF_SMARTCARD_REQUIRED, but with a known password
|
||||
testit "STEP2 samba-tool user setpassword $USERNAME --newpassword" ${samba_tool} user setpassword $USERNAME --newpassword=$PASSWORD || failed=`expr $failed + 1`
|
||||
testit "STEP2 samba-tool user setpassword $USERNAME --newpassword" $PYTHON ${samba_tool} user setpassword $USERNAME --newpassword=$PASSWORD || failed=`expr $failed + 1`
|
||||
|
||||
testit_expect_failure "STEP2 kinit with password" $samba4kinit $enctype --password-file=$PASSFILE_PATH --request-pac $USERNAME@$REALM && failed=`expr $failed + 1`
|
||||
test_smbclient "STEP2 Test login with NTLM" 'ls' "$unc" -k no -U$USERNAME%$PASSWORD || failed=`expr $failed + 1`
|
||||
@ -105,7 +105,7 @@ test_smbclient "STEP2 Test login with kerberos ccache (enterprise name in cert)"
|
||||
|
||||
# STEP3:
|
||||
# The account is a normal account without the UF_SMARTCARD_REQUIRED bit set
|
||||
testit "STEP3 samba-tool user setpassword $USERNAME --smartcard-required" ${samba_tool} user setpassword $USERNAME --newpassword=$PASSWORD --clear-smartcard-required || failed=`expr $failed + 1`
|
||||
testit "STEP3 samba-tool user setpassword $USERNAME --smartcard-required" $PYTHON ${samba_tool} user setpassword $USERNAME --newpassword=$PASSWORD --clear-smartcard-required || failed=`expr $failed + 1`
|
||||
|
||||
testit "STEP3 kinit with password" $samba4kinit $enctype --password-file=$PASSFILE_PATH --request-pac $USERNAME@$REALM || failed=`expr $failed + 1`
|
||||
test_smbclient "STEP3 Test login with user kerberos ccache" 'ls' "$unc" -k yes || failed=`expr $failed + 1`
|
||||
@ -127,7 +127,7 @@ test_smbclient "STEP3 Test login with kerberos ccache (enterprise name in cert)"
|
||||
# STEP4:
|
||||
# Now we set the UF_SMARTCARD_REQUIRED bit
|
||||
# This means we have a normal enabled account *without* a known password
|
||||
testit "STEP4 samba-tool user setpassword $USERNAME --smartcard-required" ${samba_tool} user setpassword $USERNAME --smartcard-required || failed=`expr $failed + 1`
|
||||
testit "STEP4 samba-tool user setpassword $USERNAME --smartcard-required" $PYTHON ${samba_tool} user setpassword $USERNAME --smartcard-required || failed=`expr $failed + 1`
|
||||
|
||||
testit_expect_failure "STEP4 kinit with password" $samba4kinit $enctype --password-file=$PASSFILE_PATH --request-pac $USERNAME@$REALM && failed=`expr $failed + 1`
|
||||
testit_expect_failure "STEP4 Test login with NTLM" $smbclient "$unc" -c 'ls' -k no -U$USERNAME%$PASSWORD && failed=`expr $failed + 1`
|
||||
@ -147,7 +147,7 @@ test_smbclient "STEP4 Test login with kerberos ccache (enterprise name in cert)"
|
||||
|
||||
# STEP5:
|
||||
# disable the account
|
||||
testit "STEP5 samba-tool user disable $USERNAME" ${samba_tool} user disable $USERNAME || failed=`expr $failed + 1`
|
||||
testit "STEP5 samba-tool user disable $USERNAME" $PYTHON ${samba_tool} user disable $USERNAME || failed=`expr $failed + 1`
|
||||
|
||||
testit_expect_failure "STEP5 kinit with password" $samba4kinit $enctype --password-file=$PASSFILE_PATH --request-pac $USERNAME@$REALM && failed=`expr $failed + 1`
|
||||
testit_expect_failure "STEP5 Test login with NTLM" $smbclient "$unc" -c 'ls' -k no -U$USERNAME%$PASSWORD && failed=`expr $failed + 1`
|
||||
@ -159,7 +159,7 @@ testit_expect_failure "STEP5 kinit with pkinit (enterprise name in cert)" $samba
|
||||
|
||||
# STEP6:
|
||||
# cleanup
|
||||
testit "STEP6 samba-tool user delete $USERNAME " ${samba_tool} user delete $USERNAME || failed=`expr $failed + 2`
|
||||
testit "STEP6 samba-tool user delete $USERNAME " $PYTHON ${samba_tool} user delete $USERNAME || failed=`expr $failed + 2`
|
||||
|
||||
rm -f $PASSFILE_PATH
|
||||
rm -f $KRB5CCNAME_PATH
|
||||
|
@ -27,15 +27,15 @@ fi
|
||||
|
||||
. `dirname $0`/subunit.sh
|
||||
|
||||
testit "run samba_upgradedns converting to bind9 DLZ" $samba4srcdir/scripting/bin/samba_upgradedns --dns-backend=BIND9_DLZ -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
testit "run samba_upgradedns converting to bind9 DLZ" $PYTHON $samba4srcdir/scripting/bin/samba_upgradedns --dns-backend=BIND9_DLZ -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
|
||||
testit "run samba_upgradedns converting to internal" $samba4srcdir/scripting/bin/samba_upgradedns --dns-backend=SAMBA_INTERNAL -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
testit "run samba_upgradedns converting to internal" $PYTHON $samba4srcdir/scripting/bin/samba_upgradedns --dns-backend=SAMBA_INTERNAL -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
|
||||
testit "run samba_upgradedns converting to internal (2nd time)" $samba4srcdir/scripting/bin/samba_upgradedns --dns-backend=SAMBA_INTERNAL -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
testit "run samba_upgradedns converting to internal (2nd time)" $PYTHON $samba4srcdir/scripting/bin/samba_upgradedns --dns-backend=SAMBA_INTERNAL -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
|
||||
testit "run samba_upgradedns converting to bind9 DLZ (2nd time)" $samba4srcdir/scripting/bin/samba_upgradedns --dns-backend=BIND9_DLZ -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
testit "run samba_upgradedns converting to bind9 DLZ (2nd time)" $PYTHON $samba4srcdir/scripting/bin/samba_upgradedns --dns-backend=BIND9_DLZ -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
|
||||
testit "run samba_upgradedns converting to bind9 DLZ (3rd time)" $samba4srcdir/scripting/bin/samba_upgradedns --dns-backend=BIND9_DLZ -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
testit "run samba_upgradedns converting to bind9 DLZ (3rd time)" $PYTHON $samba4srcdir/scripting/bin/samba_upgradedns --dns-backend=BIND9_DLZ -s $PROVDIR/etc/smb.conf || failed=`expr $failed + 1`
|
||||
|
||||
|
||||
exit $failed
|
||||
|
@ -30,7 +30,7 @@ KEYTAB="$PREFIX/tmptda.keytab"
|
||||
KRB5_TRACE=/dev/stderr
|
||||
export KRB5_TRACE
|
||||
|
||||
testit "retrieve keytab for TDA of $REMOTE_REALM" $samba_tool domain exportkeytab $KEYTAB $CONFIGURATION --principal "$REMOTE_FLAT\$@$OUR_REALM" || failed=`expr $failed + 1`
|
||||
testit "retrieve keytab for TDA of $REMOTE_REALM" $PYTHON $samba_tool domain exportkeytab $KEYTAB $CONFIGURATION --principal "$REMOTE_FLAT\$@$OUR_REALM" || failed=`expr $failed + 1`
|
||||
|
||||
KRB5CCNAME="$PREFIX/tmptda.ccache"
|
||||
export KRB5CCNAME
|
||||
@ -49,7 +49,7 @@ EXPECTED_SALT="${OUR_REALM}krbtgt${REMOTE_FLAT}"
|
||||
# "^virtualKerberosSalt: ${EXPECTED_SALT}\\\$\$"
|
||||
#
|
||||
EXPECTED_GREP="^virtualKerberosSalt: ${EXPECTED_SALT}\$"
|
||||
testit_grep "get virtualKerberosSalt for TDA of $REMOTE_FLAT\$" "$EXPECTED_GREP" $samba_tool user getpassword "$REMOTE_FLAT\$" $CONFIGURATION --attributes=virtualKerberosSalt || failed=`expr $failed + 1`
|
||||
testit_grep "get virtualKerberosSalt for TDA of $REMOTE_FLAT\$" "$EXPECTED_GREP" $PYTHON $samba_tool user getpassword "$REMOTE_FLAT\$" $CONFIGURATION --attributes=virtualKerberosSalt || failed=`expr $failed + 1`
|
||||
|
||||
testit "kinit with keytab for TDA of $REMOTE_REALM" $samba4kinit -t $KEYTAB "$REMOTE_FLAT\$@$OUR_REALM" || failed=`expr $failed + 1`
|
||||
|
||||
|
@ -35,23 +35,23 @@ CREDS="${DOMAIN}\\${USERNAME}%${PASSWORD}"
|
||||
TRUST_CREDS="${TRUST_DOMAIN}\\${TRUST_USERNAME}%${TRUST_PASSWORD}"
|
||||
TRUST_SERVER_CREDS_ARGS="--local-dc-ipaddress ${TRUST_SERVER} --local-dc-username ${TRUST_CREDS}"
|
||||
|
||||
list="$VALGRIND $samba_tool domain trust list"
|
||||
list="$VALGRIND $PYTHON $samba_tool domain trust list"
|
||||
testit "list domains default" $list || failed=`expr $failed + 1`
|
||||
testit "list domains reverse" $list ${TRUST_SERVER_CREDS_ARGS} || failed=`expr $failed + 1`
|
||||
|
||||
show="$VALGRIND $samba_tool domain trust show"
|
||||
show="$VALGRIND $PYTHON $samba_tool domain trust show"
|
||||
testit "show domains default realm" $show ${TRUST_REALM} || failed=`expr $failed + 1`
|
||||
testit "show domains reverse realm" $show ${REALM} ${TRUST_SERVER_CREDS_ARGS} || failed=`expr $failed + 1`
|
||||
testit "show domains default netbios" $show ${TRUST_DOMAIN} || failed=`expr $failed + 1`
|
||||
testit "show domains reverse netbios" $show ${DOMAIN} ${TRUST_SERVER_CREDS_ARGS} || failed=`expr $failed + 1`
|
||||
|
||||
validate="$VALGRIND $samba_tool domain trust validate"
|
||||
validate="$VALGRIND $PYTHON $samba_tool domain trust validate"
|
||||
testit "validate trust default both" $validate ${TRUST_REALM} -U${TRUST_CREDS}|| failed=`expr $failed + 1`
|
||||
testit "validate trust default local" $validate ${TRUST_REALM} --validate-location=local || failed=`expr $failed + 1`
|
||||
testit "validate trust reverse both" $validate ${REALM} ${TRUST_SERVER_CREDS_ARGS} -U${CREDS} || failed=`expr $failed + 1`
|
||||
testit "validate trust reverse local" $validate ${REALM} ${TRUST_SERVER_CREDS_ARGS} --validate-location=local || failed=`expr $failed + 1`
|
||||
|
||||
namespaces="$VALGRIND $samba_tool domain trust namespaces"
|
||||
namespaces="$VALGRIND $PYTHON $samba_tool domain trust namespaces"
|
||||
testit "namespaces own default" $namespaces || failed=`expr $failed + 1`
|
||||
testit "namespaces own reverse" $namespaces ${TRUST_SERVER_CREDS_ARGS} || failed=`expr $failed + 1`
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user