1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00

selftest: offline backup restore target

This is a selftest target built from a restored offline backup.
Other backup routines are modified to remove the assumption that every backup
requires server and credentials arguments, since offline backup doesn't
want them.  Also, prepare_dc_testenv now returns the generated ctx so we can
run or re-run routines that require it later.

Signed-off-by: Aaron Haslett <aaron.haslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon Aug  6 08:45:19 CEST 2018 on sn-devel-144
This commit is contained in:
Aaron Haslett 2018-07-23 15:20:03 +12:00 committed by Gary Lockyer
parent 2800611df3
commit eb4161d701
3 changed files with 92 additions and 20 deletions

View File

@ -411,6 +411,7 @@ sub get_interface($)
$interfaces{"restoredc"} = 41;
$interfaces{"renamedc"} = 42;
$interfaces{"labdc"} = 43;
$interfaces{"offlinebackupdc"} = 44;
# update lib/socket_wrapper/socket_wrapper.c
# #define MAX_WRAPPED_INTERFACES 64

View File

@ -2162,6 +2162,7 @@ sub check_env($$)
restoredc => ["backupfromdc"],
renamedc => ["backupfromdc"],
offlinebackupdc => ["backupfromdc"],
labdc => ["backupfromdc"],
none => [],
@ -2615,6 +2616,18 @@ sub setup_backupfromdc
return $env;
}
# returns the server/user-auth params needed to run an online backup cmd
sub get_backup_server_args
{
# dcvars contains the env info for the backup DC testenv
my ($self, $dcvars) = @_;
my $server = $dcvars->{DC_SERVER_IP};
my $server_args = "--server=$server ";
$server_args .= "-U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
return $server_args;
}
# Creates a backup of a running testenv DC
sub create_backup
{
@ -2636,10 +2649,9 @@ sub create_backup
# use samba-tool to create a backup from the 'backupfromdc' DC
my $cmd = "";
my $samba_tool = Samba::bindir_path($self, "samba-tool");
my $server = $dcvars->{DC_SERVER_IP};
$cmd .= "$cmd_env $samba_tool domain backup $backup_cmd --server=$server";
$cmd .= " --targetdir=$backupdir -U$dcvars->{DC_USERNAME}\%$dcvars->{DC_PASSWORD}";
$cmd .= "$cmd_env $samba_tool domain backup $backup_cmd";
$cmd .= " --targetdir=$backupdir";
print "Executing: $cmd\n";
unless(system($cmd) == 0) {
@ -2746,7 +2758,7 @@ sub prepare_dc_testenv
$env->{DC_USERNAME} = $env->{USERNAME};
$env->{DC_PASSWORD} = $env->{PASSWORD};
return $env;
return ($env, $ctx);
}
@ -2759,13 +2771,17 @@ sub setup_restoredc
my ($self, $prefix, $dcvars) = @_;
print "Preparing RESTORE DC...\n";
my $env = $self->prepare_dc_testenv($prefix, "restoredc",
$dcvars->{DOMAIN}, $dcvars->{REALM},
my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "restoredc",
$dcvars->{DOMAIN},
$dcvars->{REALM},
$dcvars->{PASSWORD});
# create a backup of the 'backupfromdc'
my $backupdir = File::Temp->newdir();
my $backup_file = $self->create_backup($env, $dcvars, $backupdir, "online");
my $server_args = $self->get_backup_server_args($dcvars);
my $backup_args = "online $server_args";
my $backup_file = $self->create_backup($env, $dcvars, $backupdir,
$backup_args);
unless($backup_file) {
return undef;
}
@ -2801,13 +2817,15 @@ sub setup_renamedc
my ($self, $prefix, $dcvars) = @_;
print "Preparing RENAME DC...\n";
my $env = $self->prepare_dc_testenv($prefix, "renamedc",
"RENAMEDOMAIN", "renamedom.samba.example.com",
my $realm = "renamedom.samba.example.com";
my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "renamedc",
"RENAMEDOMAIN", $realm,
$dcvars->{PASSWORD});
# create a backup of the 'backupfromdc' which renames the domain
my $backupdir = File::Temp->newdir();
my $backup_args = "rename $env->{DOMAIN} $env->{REALM}";
my $server_args = $self->get_backup_server_args($dcvars);
my $backup_args = "rename $env->{DOMAIN} $env->{REALM} $server_args";
my $backup_file = $self->create_backup($env, $dcvars, $backupdir,
$backup_args);
unless($backup_file) {
@ -2836,6 +2854,55 @@ sub setup_renamedc
return $env;
}
# Set up a DC testenv solely by using the 'samba-tool domain backup offline' and
# restore commands. This proves that we do an offline backup of a local DC
# ('backupfromdc') and use the backup file to create a valid, working samba DC.
sub setup_offlinebackupdc
{
# note: dcvars contains the env info for the dependent testenv ('backupfromdc')
my ($self, $prefix, $dcvars) = @_;
print "Preparing OFFLINE BACKUP DC...\n";
my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "offlinebackupdc",
$dcvars->{DOMAIN},
$dcvars->{REALM},
$dcvars->{PASSWORD});
# create an offline backup of the 'backupfromdc' target
my $backupdir = File::Temp->newdir();
my $cmd = "offline -s $dcvars->{SERVERCONFFILE}";
my $backup_file = $self->create_backup($env, $dcvars,
$backupdir, $cmd);
unless($backup_file) {
return undef;
}
# restore the backup file to populate the rename-DC testenv
my $restore_dir = abs_path($prefix);
my $restore_opts = "--newservername=$env->{SERVER} --host-ip=$env->{SERVER_IP}";
my $ret = $self->restore_backup_file($backup_file, $restore_opts,
$restore_dir, $env->{SERVERCONFFILE});
unless ($ret == 0) {
return undef;
}
# re-create the testenv's krb5.conf (the restore may have overwritten it)
Samba::mk_krb5_conf($ctx);
# start samba for the restored DC
if (not defined($self->check_or_start($env, "standard"))) {
return undef;
}
my $upn_array = ["$env->{REALM}.upn"];
my $spn_array = ["$env->{REALM}.spn"];
$self->setup_namespaces($env, $upn_array, $spn_array);
return $env;
}
# Set up a DC testenv solely by using the samba-tool 'domain backup rename' and
# restore commands, using the --no-secrets option. This proves that we can
# create a realistic lab environment from an online DC ('backupfromdc').
@ -2845,13 +2912,17 @@ sub setup_labdc
my ($self, $prefix, $dcvars) = @_;
print "Preparing LAB-DOMAIN DC...\n";
my $env = $self->prepare_dc_testenv($prefix, "labdc", "LABDOMAIN",
"labdom.samba.example.com", $dcvars->{PASSWORD});
my ($env, $ctx) = $self->prepare_dc_testenv($prefix, "labdc",
"LABDOMAIN",
"labdom.samba.example.com",
$dcvars->{PASSWORD});
# create a backup of the 'backupfromdc' which renames the domain and uses
# the --no-secrets option to scrub any sensitive info
my $backupdir = File::Temp->newdir();
my $backup_args = "rename $env->{DOMAIN} $env->{REALM} --no-secrets";
my $server_args = $self->get_backup_server_args($dcvars);
my $backup_args = "rename $env->{DOMAIN} $env->{REALM} $server_args";
$backup_args .= " --no-secrets";
my $backup_file = $self->create_backup($env, $dcvars, $backupdir,
$backup_args);
unless($backup_file) {

View File

@ -814,7 +814,7 @@ plantestsuite_loadlist("samba4.ldap.vlv.python(ad_dc_ntvfs)", "ad_dc_ntvfs", [py
plantestsuite_loadlist("samba4.ldap.linked_attributes.python(ad_dc_ntvfs)", "ad_dc_ntvfs:local", [python, os.path.join(samba4srcdir, "dsdb/tests/python/linked_attributes.py"), '$PREFIX_ABS/ad_dc_ntvfs/private/sam.ldb', '-U"$USERNAME%$PASSWORD"', '--workgroup=$DOMAIN', '$LOADLIST', '$LISTOPT'])
# These should be the first tests run against testenvs created by backup/restore
for env in ['restoredc', 'renamedc', 'labdc']:
for env in ['offlinebackupdc', 'restoredc', 'renamedc', 'labdc']:
# check that a restored DC matches the original DC (backupfromdc)
plantestsuite("samba4.blackbox.ldapcmp_restore", env,
["PYTHON=%s" % python,
@ -871,7 +871,7 @@ for env in ["ad_dc_ntvfs"]:
)
# this is a basic sanity-check of Kerberos/NTLM user login
for env in ["restoredc", "renamedc", "labdc"]:
for env in ["offlinebackupdc", "restoredc", "renamedc", "labdc"]:
plantestsuite_loadlist("samba4.ldap.login_basics.python(%s)" % env, env,
[python, os.path.join(samba4srcdir, "dsdb/tests/python/login_basics.py"),
"$SERVER", '-U"$USERNAME%$PASSWORD"', "-W$DOMAIN", "--realm=$REALM",
@ -908,7 +908,7 @@ plansmbtorture4testsuite(t, "vampire_dc", ['$SERVER', '-U$USERNAME%$PASSWORD', '
plansmbtorture4testsuite(t, "vampire_dc", ['$SERVER', '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], modname="samba4.%s.two" % t)
# RPC smoke-tests for testenvs of interest (RODC, etc)
for env in ['rodc', 'restoredc', 'renamedc', 'labdc']:
for env in ['rodc', 'offlinebackupdc', 'restoredc', 'renamedc', 'labdc']:
plansmbtorture4testsuite('rpc.echo', env, ['ncacn_np:$SERVER', "-k", "yes", '-U$USERNAME%$PASSWORD', '--workgroup=$DOMAIN'], modname="samba4.rpc.echo")
plansmbtorture4testsuite('rpc.echo', "%s:local" % env, ['ncacn_np:$SERVER', "-k", "yes", '-P', '--workgroup=$DOMAIN'], modname="samba4.rpc.echo")
plansmbtorture4testsuite('rpc.echo', "%s:local" % env, ['ncacn_np:$SERVER', "-k", "no", '-Utestallowed\ account%$DC_PASSWORD', '--workgroup=$DOMAIN'], modname="samba4.rpc.echo.testallowed")
@ -1088,7 +1088,7 @@ for env in [
planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.kcc.kcc_utils")
for env in [ "simpleserver", "fileserver", "nt4_dc", "ad_dc", "ad_dc_ntvfs",
"ad_member", "restoredc", "renamedc", "labdc" ]:
"ad_member", "offlinebackupdc", "restoredc", "renamedc", "labdc" ]:
planoldpythontestsuite(env, "netlogonsvc",
extra_path=[os.path.join(srcdir(), 'python/samba/tests')],
name="samba.tests.netlogonsvc.python(%s)" % env)
@ -1113,7 +1113,7 @@ for env in ['vampire_dc', 'promoted_dc', 'rodc']:
# check the databases are all OK. PLEASE LEAVE THIS AS THE LAST TEST
for env in ["ad_dc_ntvfs", "ad_dc", "fl2000dc", "fl2003dc", "fl2008r2dc",
'vampire_dc', 'promoted_dc', 'backupfromdc', 'restoredc',
'renamedc', 'labdc']:
'renamedc', 'offlinebackupdc', 'labdc']:
plantestsuite("samba4.blackbox.dbcheck(%s)" % env, env + ":local" , ["PYTHON=%s" % python, os.path.join(bbdir, "dbcheck.sh"), '$PREFIX/provision', configuration])
# cmocka tests not requiring a specific environment