sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-07-30 19:42:05 +03:00
Code Activity

selftest: add dbcheck tests for duplicate links

Browse Source 
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13095

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Stefan Metzmacher
2017-10-26 14:42:23 +02:00
parent 239fbeb163
commit 70bf809e0c
3 changed files with 75 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
source4/selftest/provisions/release-4-5-0-pre1/expected-dbcheck-link-output_duplicate_member.txt Normal file
View File

@ -0,0 +1,8 @@
Checking 225 objects
WARNING: Link (back) mismatch for 'memberOf' (1) on 'CN=Administrator,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp' to 'member' (2) on 'CN=Enterprise Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp'
ERROR: Duplicate link values for attribute 'member' in 'CN=Enterprise Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp'
Duplicate link '<GUID=f4616422-30ec-473b-9d6f-a9a2d7bd1e6a>;<RMD_ADDTIME=131116484540000000>;<RMD_CHANGETIME=131116484540000000>;<RMD_FLAGS=0>;<RMD_INVOCID=4e4496a3-7fb8-4f97-8a33-d238db8b5e2d>;<RMD_LOCAL_USN=0>;<RMD_ORIGINATING_USN=3552>;<RMD_VERSION=0>;<SID=S-1-5-21-4177067393-1453636373-93818738-500>;CN=Administrator,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp'
Correct link '<GUID=f4616422-30ec-473b-9d6f-a9a2d7bd1e6a>;<RMD_ADDTIME=131116484540000000>;<RMD_CHANGETIME=131116484540000000>;<RMD_FLAGS=0>;<RMD_INVOCID=4e4496a3-7fb8-4f97-8a33-d238db8b5e2d>;<RMD_LOCAL_USN=3552>;<RMD_ORIGINATING_USN=3552>;<RMD_VERSION=0>;<SID=S-1-5-21-4177067393-1453636373-93818738-500>;CN=Administrator,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp'
Remove duplicate links in attribute 'member' [YES]
Fixed duplicate links in attribute 'member'
Checked 225 objects (1 errors)

28
source4/selftest/provisions/release-4-5-0-pre1/expected-duplicates-after-link-dbcheck.ldif Normal file
View File

@ -0,0 +1,28 @@
# record 1
dn: CN=Administrator,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp
memberOf: CN=Administrators,CN=Builtin,DC=release-4-5-0-pre1,DC=samba,DC=corp
memberOf: CN=Group Policy Creator Owners,CN=Users,DC=release-4-5-0-pre1,DC=sam
ba,DC=corp
memberOf: CN=Enterprise Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp
memberOf: CN=Schema Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp
memberOf: CN=Domain Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp
# record 2
dn: CN=Enterprise Admins,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp
member: CN=Administrator,CN=Users,DC=release-4-5-0-pre1,DC=samba,DC=corp
memberOf: CN=Administrators,CN=Builtin,DC=release-4-5-0-pre1,DC=samba,DC=corp
memberOf: CN=Denied RODC Password Replication Group,CN=Users,DC=release-4-5-0-
pre1,DC=samba,DC=corp
# Referral
ref: ldap:///CN=Configuration,DC=release-4-5-0-pre1,DC=samba,DC=corp
# Referral
ref: ldap:///DC=DomainDnsZones,DC=release-4-5-0-pre1,DC=samba,DC=corp
# Referral
ref: ldap:///DC=ForestDnsZones,DC=release-4-5-0-pre1,DC=samba,DC=corp
# returned 5 records
# 2 entries
# 3 referrals

39
testprogs/blackbox/dbcheck-links.sh
View File

@ -96,6 +96,41 @@ check_expected_after_objects() {
fi
}
duplicate_member() {
# We use an exisiting group so we have a stable GUID in the
# dbcheck output
LDIF1=$(TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb -b 'CN=Enterprise Admins,CN=users,DC=release-4-5-0-pre1,DC=samba,DC=corp' -s base --reveal --extended-dn member)
DN=$(echo "${LDIF1}" | grep '^dn: ')
MSG=$(echo "${LDIF1}" | grep -v '^dn: ' | grep -v '^#' | grep -v '^$')
ldif=$PREFIX_ABS/${RELEASE}/duplicate-member-multi.ldif
{
echo "${DN}"
echo "changetype: modify"
echo "replace: member"
echo "${MSG}"
echo "${MSG}" | sed -e 's!RMD_LOCAL_USN=[1-9][0-9]*!RMD_LOCAL_USN=0!'
} > $ldif
TZ=UTC $ldbmodify -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb.d/DC%3DRELEASE-4-5-0-PRE1,DC%3DSAMBA,DC%3DCORP.ldb $ldif
if [ "$?" != "0" ]; then
return 1
fi
}
dbcheck_duplicate_member() {
dbcheck "_duplicate_member" "1" ""
return $?
}
check_expected_after_duplicate_links() {
tmpldif=$PREFIX_ABS/$RELEASE/expected-duplicates-after-link-dbcheck.ldif.tmp
TZ=UTC $ldbsearch -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb '(|(cn=administrator)(cn=enterprise admins))' -s sub -b DC=release-4-5-0-pre1,DC=samba,DC=corp --show-deleted --sorted memberOf member > $tmpldif
diff $tmpldif $release_dir/expected-duplicates-after-link-dbcheck.ldif
if [ "$?" != "0" ]; then
return 1
fi
}
dbcheck_dangling_multi_valued() {
$PYTHON $BINDIR/samba-tool dbcheck -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb --fix --yes
@ -158,6 +193,10 @@ if [ -d $release_dir ]; then
testit "check_expected_after_deleted_links" check_expected_after_deleted_links
testit "check_expected_after_links" check_expected_after_links
testit "check_expected_after_objects" check_expected_after_objects
testit "duplicate_member" duplicate_member
testit "dbcheck_duplicate_member" dbcheck_duplicate_member
testit "check_expected_after_duplicate_links" check_expected_after_duplicate_links
testit "duplicate_clean" dbcheck_clean
testit "dangling_one_way_link" dangling_one_way_link
testit "dbcheck_one_way" dbcheck_one_way
testit "dbcheck_clean2" dbcheck_clean