1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

460 Commits

Author SHA1 Message Date
Günther Deschner
c4e15e0f6d testprogs: use texpect instead of rkpty.
Guenther

Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2014-09-01 15:47:33 +02:00
Günther Deschner
a78a87ac53 testprogs: test kpasswd via "net ads password".
Guenther

Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2014-09-01 15:47:33 +02:00
Günther Deschner
fa39e025ff testprogs: use texpect in passwords test file instead of rkpty.
Guenther

Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2014-09-01 15:47:33 +02:00
Günther Deschner
af7613fa25 testprogs: allow to run passwords test with MIT and Heimdal kinit.
Guenther

Signed-off-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2014-09-01 15:47:33 +02:00
Andreas Schneider
7982c373b0 testprogs: Use the system binaries for KRB5 if we don't build in-tree heimdal.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
Reviewed-by: Andrew Bartlet <abartlet@samba.org>
2014-09-01 15:47:33 +02:00
Andrew Bartlett
9bfbff6543 dbcheck: Add check and test for various invalid userParameters values
Bug: https://bugzilla.samba.org/show_bug.cgi?id=8077
Change-Id: I6f2f4169856ce78c62e3a7e74b48520cca9cb9ae
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-07-09 08:42:08 +02:00
Andrew Bartlett
c664859a12 selftest: Test auth_wbc, the auth4 winbind and winbind_wbclient modules using pdbtest
This ensures these authentication modules continue to operate correctly, and that the results are consistent.

Andrew Bartlett

Change-Id: I7f63cd93e55c6f73ceeafb14f1dc265291791803
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 16 12:50:44 CEST 2014 on sn-devel-104
2014-05-16 12:50:44 +02:00
Andrew Bartlett
66c099cc58 selftest: Run pdbtest under valgrind if specified
Change-Id: I21e169ba563551e13c46f07f86205625ad166c64
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <Volker.Lendecke@SerNet.DE>
2014-05-16 10:23:26 +02:00
Andrew Bartlett
7c2bf8d2bc selftest: Add tests for dbcheck detection and removal of partial objects
To avoid listing all the provision snapshots, we use a broader blacklist for waf dist
and a whitelist for dbcheck-oldrelease.sh

Andrew Bartlett

Change-Id: Iab0ff4be0b4287dc128a49302836a6f0f7b39678
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-05-03 07:57:13 +02:00
Andreas Schneider
363f76c305 testprogs: Fix tests calling smbpasswd.
smbpasswd has a check that it is root so make sure we start with
uid_wrapper being root!

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-17 14:56:05 +02:00
Andrew Bartlett
f596dc94e1 dbcheck: Ensure dbcheck can operate with --attrs set
This also includes a test to ensure we do not regress on this point.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-03-21 08:03:07 +01:00
Andreas Schneider
293aac0508 testprogs: Fix pkinit test with system ldb.
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Fri Feb 21 17:58:24 CET 2014 on sn-devel-104
2014-02-21 17:58:24 +01:00
Andreas Schneider
069015bee9 testprogs: Fix kinit test with system ldb.
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2014-02-21 15:59:28 +01:00
Andreas Schneider
e2b0d25b70 testprogs: Use system binary if we did not build ldbdel.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Tue Feb 18 12:45:41 CET 2014 on sn-devel-104
2014-02-18 12:45:41 +01:00
Stefan Metzmacher
54c0bde3e9 midltests: add tests with v1_enum and NDR64
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2014-01-07 08:37:38 +01:00
Andrew Bartlett
a3f25f2511 selftst: add tests based on 4.1.0rc3 to check for zero invocationID in replPropertyMetaData
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Sep 23 01:29:10 CEST 2013 on sn-devel-104
2013-09-23 01:29:10 +02:00
Andrew Bartlett
9c11ad25b2 selftest: Only run referenceprovision and ldapcmp for the 4.0.0 test
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
2013-09-22 14:39:50 -07:00
Andrew Bartlett
16b26eafa7 selftest: Add a basic test of samba_upgradedns
This does not check that the command runs correctly, but does at least check
that the command runs to completion without errors.

Andrew Bartlett

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-09-04 07:08:16 +02:00
Andrew Bartlett
1589e46d11 selftest: Add tests for samba-tool dbcheck --reset-well-known-acls
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-25 11:35:03 +01:00
Andrew Bartlett
b9b6375699 selftest: Remove output directories to save disk space
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04 08:35:05 +01:00
Andrew Bartlett
787a6aacc3 samba_upgradeprovision: Remove auto-detection of pre-alpha9 databases
These are incredibly rare, and administrators running such databases
not only ask the Samba Team for help personally, they can read --help.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04 08:33:04 +01:00
Andrew Bartlett
08f0562240 selftest: Run dbcheck and improved upgrdeprovision tests against release-4-0-0
The improved upgradeprovision tests now call ldapcmp to verify the
changes made do actually bring the database in line with a fresh
provision.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04 08:32:25 +01:00
Andrew Bartlett
72f73ebaff selftest: Do an ldapcmp run against the upgraded domain
This checks (with a set of known issues marked in the --filter attribute) that the upgraded
domain matches a fresh provision.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04 08:32:06 +01:00
Andrew Bartlett
0180a027cb subunit: Add a sh macro for skipping a test
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-03-04 08:18:07 +01:00
Andrew Bartlett
0f8ef5a2c8 selftest: Add test of upgradeprovision using the old alpha13 tree
This ensures that upgradeprovision works as expected on a known good old database.

Andrew Bartlett

Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Jan 27 11:55:54 CET 2013 on sn-devel-104
2013-01-27 11:55:54 +01:00
Andrew Bartlett
99d872ee92 s4-dbcheck: Allow forcing an override of an old @MODULES record
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2013-01-10 14:52:45 +01:00
Andrew Tridgell
dd60dcf343 test-chgdcpass: test the ldap case for server password change
use samba-tool drs options which does both RPC and LDAP connections

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Tridgell <tridge@samba.org>
Autobuild-Date(master): Thu Nov  1 07:21:17 CET 2012 on sn-devel-104
2012-11-01 07:21:17 +01:00
Andrew Tridgell
e48099516e test_chgdpass: use drs bind to test password change on RPC
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2012-11-01 15:40:40 +11:00
Andrew Tridgell
fce66b22ea test_chgdpass: added test for kerberos retry
this tests that we correctly retry with a new ccache entry when a
server changes its password while we have a valid ticket

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
2012-11-01 15:40:40 +11:00
Stefan Metzmacher
52ba3c8e6a testprogs/blackbox: make use of samba-tool domain provision
metze
2012-09-11 08:35:57 +02:00
Andrew Bartlett
3ad9c52b14 selftest: skip tests if the tarball did not include the alpha13 provision 2012-09-03 19:24:10 +10:00
Andrew Bartlett
2b404462f5 selftest: Pass --use-ntvfs to provison in renamedc test
Also fix test prefix to match the test

Andrew Bartlett
2012-08-22 01:31:57 +02:00
Andrew Bartlett
a29bf4acf5 selftest: run pdbtest against s3dc as well
This validates the password expiry, account disable in the s3 auth code
and the save/restore of values in tdbsam.

It also provides the first test of some net sam set subcommands.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Jun 28 20:39:38 CEST 2012 on sn-devel-104
2012-06-28 20:39:38 +02:00
Andrew Bartlett
471a6b3992 s4-selftest: expand passdb testing
This tests pdb_samba4 in the first instance
2012-06-27 11:29:17 +02:00
Andrew Bartlett
207984464f s4-selftest: Test login with a password expired user
This uses rkpty to test changing an expired password.

Andrew Bartlett
2012-06-27 11:29:17 +02:00
Björn Jacke
94afad20b5 tests: make test_ldb portable, eliminate "local" keyword
this is BASH only, don't use it.
2012-06-27 00:19:19 +02:00
Andrew Bartlett
d1d36d2563 s4-selftest: Add tests for dbcheck on an old database that needs repair
We changed a lot since alpha13, so there are lots of legitimate errors to fix.

Andrew Bartlett

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sat Jun 16 05:44:15 CEST 2012 on sn-devel-104
2012-06-16 05:44:15 +02:00
Michael Adam
72fbbdb9b3 s4:selftest: change the blackbox.passwords test to use a binary mapping for smbclient 2012-05-31 04:46:06 +02:00
Michael Adam
e7281b450a s4:selftest: change the blackbox.pkinit test to use a binary mapping for smbclient 2012-05-31 04:46:06 +02:00
Michael Adam
d86ae30bb8 s4:selftest: change the blackbox.kinit test to use a binary mapping for smbclient 2012-05-31 04:46:06 +02:00
Michael Adam
104135faa9 s4:selftest: change the blackbox.export.keytab test to use a binary mapping for smbclient 2012-05-31 04:46:06 +02:00
Michael Adam
00f5473de8 s4:selftest: change the blackbox.chgdcpass test to use a binary mapping for smbclient 2012-05-31 04:46:06 +02:00
Michael Adam
da82c07e13 s4:selftets: change the blackbox.bogusdomain test to use binary mapping for smbclient 2012-05-31 04:46:06 +02:00
Andrew Bartlett
ca2b6259b7 s4-selftest: Demonstrate the correct behaviour between specified usernames and kerberos ccache
This shows that a username/password on the command line must always
override any credentials cache in the environment.

Andrew Bartlett
2012-05-24 16:21:26 +02:00
Alexander Bokovoy
dc3f74a953 auth/credentials: 'workgroup' set via command line will not drop existing ccache
The root cause for existing ccache being invalidated was use of global loadparm with
'workgroup' value set as if from command line. However, we don't really need to take
'workgroup' parameter value's nature into account when invalidating existing ccache.
When -U is used on the command line, one can specify a password to force ccache
invalidation.

The commit also reverts previous fix now that root cause is clear.
2012-05-24 16:21:26 +02:00
Andrew Bartlett
22cd4bcc9e s4-selftest: Always delete the user at the end of test_passwords.sh
If this test is run in the "dc" environment (rather than "dc:local") is would not delete the
test user.

Andrew Bartlett
2012-05-24 09:59:04 +02:00
Alexander Bokovoy
dcfb34fbb4 blackbox: fix samba4.blackbox.kinit test
This deserves some explanation.

With commit 518232d457 samba4.blackbox.kinit test set
was wrapped with password settings reset before and after the tests with an idea to
maintain reliable state for the tests. As result, the resetting of the password
settings was done after the test that tried to use smbclient with a Kerberos ticket
obtained with machine account credentials.

However, the code in credentials_krb5.c, function cli_credentials_get_client_gss_creds(),
never worked correctly when credentials were already in ccache. Instead, gensec_gssapi module
always re-kinited even if existing credentials were available in the ccache. This had an effect
on 'samba4.blackbox.kinit(dc:local).reset password policies(dc:local)' test equal to
never having initialized ccache at all, as if 'rm -f $KRB5CCNAME' was run before the test.

When the issue of not using already initialized credentials from ccache was fixed with
d0aae88f1290e6a7a6d4bfc24aa62795e4892a31 'auth-credentials: Support using pre-fetched ccache
when obtaining kerberos credentials' commit, Samba 4 credentials library started to correctly
re-used already obtained credentials from ccaches. This caused failure of the test
'samba4.blackbox.kinit(dc:local).reset password policies(dc:local)' because machine account
has no permissions to modify password settings.

Thus, the correct fix is to reset ccache state before performing the test.

Autobuild-User: Alexander Bokovoy <ab@samba.org>
Autobuild-Date: Wed May 23 18:46:12 CEST 2012 on sn-devel-104
2012-05-23 18:46:12 +02:00
Andrew Bartlett
95976d4ec2 selftest: Rework samba4.blackbox.bogusdomain to use a temporary user
This avoids leaving an account in the test environment after the test is run
and therefore avoids issues with interations with other tests.

Also, we now use the local administrator account in the member server to
add the test account.

Andrew Bartlett

Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Fri Mar  2 14:44:36 CET 2012 on sn-devel-104
2012-03-02 14:44:36 +01:00
Andrew Bartlett
eecf2ac4c8 selftest: Remove unused support for --exeext 2012-02-01 02:45:07 +01:00
Matthieu Patou
7350d99409 s3: check that a user in a bogus domain name is mapped to the localnetbios name of a domain member
This means that if we authentify for BOGUS\administrator in AD domain
FOREST with samba being domain member with the netbiosname MEMBER then
BOGUS\administrator will be mapped to MEMBER\administrator if the
password match.
2012-01-30 08:23:11 -08:00