diff --git a/wintest/conf/abartlet.conf b/wintest/conf/abartlet.conf index 8e6830f75c0..78c0287678d 100644 --- a/wintest/conf/abartlet.conf +++ b/wintest/conf/abartlet.conf @@ -16,11 +16,17 @@ VM_RESET : virsh reboot ${VMNAME} # interfaces to create INTERFACE : virbr0:0 +NAMED_INTERFACE : virbr0:1 # this is an additional IP that will be used for named to listen -# on. It should not be the primary IP of the interface -INTERFACE_IP : 192.168.122.2 -INTERFACE_NET : 192.168.122.2/24 +# on. It should not be the primary IP of the interface. We need one +# for BIND (which redirects to the other hosts) and one for Samba, +# which might be running our own DNS + +INTERFACE_IP : 192.168.122.3 +INTERFACE_NET : 192.168.122.3/24 +NAMED_INTERFACE_IP : 192.168.122.2 +NAMED_INTERFACE_NET : 192.168.122.2/24 # how to run bind9 BIND9 : /usr/sbin/named diff --git a/wintest/test-s4-howto.py b/wintest/test-s4-howto.py index 5172999d7f6..a2eded64549 100755 --- a/wintest/test-s4-howto.py +++ b/wintest/test-s4-howto.py @@ -40,8 +40,6 @@ def provision_s4(t, func_level="2008"): '--option=rndc command=${RNDC} -c${PREFIX}/etc/rndc.conf', '${USE_NTVFS}', '--dns-backend=${NAMESERVER_BACKEND}', - '${ALLOW_DNS_UPDATES}', - '${DNS_RECURSIVE_QUERIES}', '${DNS_FORWARDER}'] if t.getvar('INTERFACE_IPV6'): provision.append('--host-ip6=${INTERFACE_IPV6}') @@ -191,7 +189,7 @@ def test_dcpromo(t, vm): smbclient = t.getvar("smbclient") t.chdir('${PREFIX}') t.port_wait("${WIN_IP}", 139) - t.retry_cmd("host -t A ${WIN_HOSTNAME}.${LCREALM}. ${INTERFACE_IP}", + t.retry_cmd("host -t A ${WIN_HOSTNAME}.${LCREALM}. ${NAMED_INTERFACE_IP}", ['${WIN_HOSTNAME}.${LCREALM} has address'], retries=30, delay=10, casefold=True) t.retry_cmd('%s -L ${WIN_HOSTNAME}.${LCREALM} -Uadministrator@${LCREALM}%%${PASSWORD1}' % (smbclient), ["C$", "IPC$", "Sharename"]) @@ -567,11 +565,10 @@ def test_howto(t): # we don't need fsync safety in these tests t.putenv('TDB_NO_FSYNC', '1') - if not t.getvar('NAMESERVER_BACKEND') == 'SAMBA_INTERNAL': - if not t.skip("configure_bind"): - t.configure_bind(kerberos_support=True, include='${PREFIX}/private/named.conf') - if not t.skip("stop_bind"): - t.stop_bind() + if not t.skip("configure_bind"): + t.configure_bind(kerberos_support=True, include='${PREFIX}/private/named.conf') + if not t.skip("stop_bind"): + t.stop_bind() if not t.skip("stop_vms"): t.stop_vms() @@ -592,13 +589,10 @@ def test_howto(t): if not t.skip("smbclient"): test_smbclient(t) - t.set_nameserver(t.getvar('INTERFACE_IP')) - - if not t.getvar('NAMESERVER_BACKEND') == 'SAMBA_INTERNAL': - if not t.skip("configure_bind2"): - t.configure_bind(kerberos_support=True, include='${PREFIX}/private/named.conf') - if not t.skip("start_bind"): - t.start_bind() + if not t.skip("configure_bind2"): + t.configure_bind(kerberos_support=True, include='${PREFIX}/private/named.conf') + if not t.skip("start_bind"): + t.start_bind() if not t.skip("dns"): test_dns(t) diff --git a/wintest/wintest.py b/wintest/wintest.py index e9898620a1f..2b33950d8ab 100644 --- a/wintest/wintest.py +++ b/wintest/wintest.py @@ -26,6 +26,11 @@ class wintest(): self.run_cmd('ifconfig ${INTERFACE} inet6 del ${INTERFACE_IPV6}/64', checkfail=False) self.run_cmd('ifconfig ${INTERFACE} inet6 add ${INTERFACE_IPV6}/64 up') + self.run_cmd('ifconfig ${NAMED_INTERFACE} ${NAMED_INTERFACE_NET} up') + if self.getvar('NAMED_INTERFACE_IPV6'): + self.run_cmd('ifconfig ${NAMED_INTERFACE} inet6 del ${NAMED_INTERFACE_IPV6}/64', checkfail=False) + self.run_cmd('ifconfig ${NAMED_INTERFACE} inet6 add ${NAMED_INTERFACE_IPV6}/64 up') + def stop_vms(self): '''Shut down any existing alive VMs, so they do not collide with what we are doing''' self.info('Shutting down any of our VMs already running') @@ -325,15 +330,15 @@ nameserver %s def configure_bind(self, kerberos_support=False, include=None): self.chdir('${PREFIX}') - if self.getvar('INTERFACE_IPV6'): - ipv6_listen = 'listen-on-v6 port 53 { ${INTERFACE_IPV6}; };' + if self.getvar('NAMED_INTERFACE_IPV6'): + ipv6_listen = 'listen-on-v6 port 53 { ${NAMED_INTERFACE_IPV6}; };' else: ipv6_listen = '' self.setvar('BIND_LISTEN_IPV6', ipv6_listen) if not kerberos_support: self.setvar("NAMED_TKEY_OPTION", "") - else: + elif self.getvar('NAMESERVER_BACKEND') != 'SAMBA_INTERNAL': if self.named_supports_gssapi_keytab(): self.setvar("NAMED_TKEY_OPTION", 'tkey-gssapi-keytab "${PREFIX}/private/dns.keytab";') @@ -345,8 +350,10 @@ nameserver %s ''') self.putenv('KEYTAB_FILE', '${PREFIX}/private/dns.keytab') self.putenv('KRB5_KTNAME', '${PREFIX}/private/dns.keytab') + else: + self.setvar("NAMED_TKEY_OPTION", "") - if include: + if include and self.getvar('NAMESERVER_BACKEND') != 'SAMBA_INTERNAL': self.setvar("NAMED_INCLUDE", 'include "%s";' % include) else: self.setvar("NAMED_INCLUDE", '') @@ -355,7 +362,7 @@ nameserver %s self.write_file("etc/named.conf", ''' options { - listen-on port 53 { ${INTERFACE_IP}; }; + listen-on port 53 { ${NAMED_INTERFACE_IP}; }; ${BIND_LISTEN_IPV6} directory "${PREFIX}/var/named"; dump-file "${PREFIX}/var/named/data/cache_dump.db"; @@ -381,15 +388,30 @@ key "rndc-key" { }; controls { - inet ${INTERFACE_IP} port 953 + inet ${NAMED_INTERFACE_IP} port 953 allow { any; } keys { "rndc-key"; }; }; ${NAMED_INCLUDE} ''') + + if self.getvar('NAMESERVER_BACKEND') == 'SAMBA_INTERNAL': + self.write_file('etc/named.conf', + ''' +zone "%s" IN { + type forward; + forward only; + forwarders { + %s; + }; +}; +''' % (self.getvar('LCREALM'), self.getvar('INTERFACE_IP')), + mode='a') + # add forwarding for the windows domains domains = self.get_domains() + for d in domains: self.write_file('etc/named.conf', ''' @@ -413,7 +435,7 @@ key "rndc-key" { options { default-key "rndc-key"; - default-server ${INTERFACE_IP}; + default-server ${NAMED_INTERFACE_IP}; default-port 953; }; ''') @@ -422,7 +444,7 @@ options { def stop_bind(self): '''Stop our private BIND from listening and operating''' self.rndc_cmd("stop", checkfail=False) - self.port_wait("${INTERFACE_IP}", 53, wait_for_fail=True) + self.port_wait("${NAMED_INTERFACE_IP}", 53, wait_for_fail=True) self.run_cmd("rm -rf var/named") @@ -432,12 +454,14 @@ options { self.info("Restarting bind9") self.chdir('${PREFIX}') + self.set_nameserver(self.getvar('NAMED_INTERFACE_IP')) + self.run_cmd("mkdir -p var/named/data") self.run_cmd("chown -R ${BIND_USER} var/named") self.bind_child = self.run_child("${BIND9} -u ${BIND_USER} -n 1 -c ${PREFIX}/etc/named.conf -g") - self.port_wait("${INTERFACE_IP}", 53) + self.port_wait("${NAMED_INTERFACE_IP}", 53) self.rndc_cmd("flush") def restart_bind(self, kerberos_support=False, include=None): @@ -598,7 +622,7 @@ options { child.expect("C:") def set_dns(self, child): - child.sendline('netsh interface ip set dns "${WIN_NIC}" static ${INTERFACE_IP} primary') + child.sendline('netsh interface ip set dns "${WIN_NIC}" static ${NAMED_INTERFACE_IP} primary') i = child.expect(['C:', pexpect.EOF, pexpect.TIMEOUT], timeout=5) if i > 0: return True @@ -918,7 +942,7 @@ RebootOnCompletion=No self.load_config(self.opts.conf) nameserver = self.get_nameserver() - if nameserver == self.getvar('INTERFACE_IP'): + if nameserver == self.getvar('NAMED_INTERFACE_IP'): raise RuntimeError("old /etc/resolv.conf must not contain %s as a nameserver, this will create loops with the generated dns configuration" % nameserver) self.setvar('DNSSERVER', nameserver) @@ -951,12 +975,4 @@ RebootOnCompletion=No self.setvar('NAMESERVER_BACKEND', self.opts.dns_backend) - if self.opts.dns_backend == 'SAMBA_INTERNAL': - self.setvar('ALLOW_DNS_UPDATES', '') - # we need recursive queries, since host expects answers with RA-bit - self.setvar('DNS_RECURSIVE_QUERIES', '--option="dns recursive queries=Yes"') - self.setvar('DNS_FORWARDER', '--option="dns forwarder=%s"' % nameserver) - else: - self.setvar('ALLOW_DNS_UPDATES', '') - self.setvar('DNS_RECURSIVE_QUERIES', '') - self.setvar('DNS_FORWARDER', '') + self.setvar('DNS_FORWARDER', "--option=dns forwarder=%s" % nameserver)