1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
Commit Graph

973 Commits

Author SHA1 Message Date
Samuel Cabrero
d809da3ace selftest: Run python.samba.tests.dcerpc.raw_protocol against S3 ad_member
The goal is to pass the raw protocol testsuite against s3 RPC server.
To do so we need to enable epmd and lsasd daemons, as the testsuite
connects to the endpoint mapper and lsa endpoints using NCACN_IP_TCP
and NCACN_NP transports.

Signed-off-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-03-20 15:36:31 +00:00
Martin Schwenke
dc0150801c selftest:clusteredmember: Build a unclist for every share
This is fairly cheap and it is simple to do.  This allows the Python
code to be able to specify a unclist quite simply.  The level of
coupling doesn't seem worse than anything else in the
selftest/autobuild code.

There may be cleverer ways of doing this (e.g. a wrapper in
testprogs/blackbox/clusteredmember_smbtorture or similar) but cleverer
code isn't necessarily better code... and they'll probably involve
code duplication.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-02-19 09:38:40 +00:00
Michael Adam
5ff7e2f213 selftest:Samba3: add a clusteredmember environment
Allow running tests against a CTDB setup, thereby covering the
dbrwap_ctdb->ctdb stack in real SMB tests.

Sets up a 3 node cluster.

Signed-off-by: Michael Adam <obnox@samba.org>
Signed-off-by: Volker Lendecke <vl@samba.org>
Signed-off-by: Martin Schwenke <martin@meltin.net>
2020-02-19 09:38:40 +00:00
Volker Lendecke
bb85a710e2 selftest: Split up a long line
We'll add another argument soon

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-02-19 09:38:40 +00:00
Martin Schwenke
822604a112 selftest: net command needs to think it is root in clustered case
So just run it "as root" all the time.

Something similar is already done for other things in
Samba3::provision(), such as running smbpasswd in
Samba3::createuser().

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-02-19 09:38:40 +00:00
Volker Lendecke
c779dfe70f selftest: Allow passing fork_and_exec()'s child_cleanup
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-02-19 09:38:40 +00:00
Volker Lendecke
154d7c8eaf selftest: Convert Samba3::check_or_start() to named parameters
Another parameter will be added soon.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-02-19 09:38:40 +00:00
Volker Lendecke
ff5dd4bb4f selftest: Parameterize clean up in the child process
Default to closing the write end of the parent->child pipe.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-02-19 09:38:40 +00:00
Martin Schwenke
586189ab69 selftest: Fix an uninitialised variable warning.
If $nmbd is not "yes" then this can result in a warning.

Introduced in commit 676261fa08.

Signed-off-by: Martin Schwenke <martin@meltin.net>
Reviewed-by: Volker Lendecke <vl@samba.org>
2020-02-19 09:38:40 +00:00
Volker Lendecke
4cd28d736a selftest: Fix a warning message
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-02-19 09:38:39 +00:00
Volker Lendecke
2a54c03af7 selftest: Add "share_dir" as an argument to Samba3::provision()
Default to the previous value

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-02-19 09:38:39 +00:00
Volker Lendecke
7598b9069d selftest: Allow "netbios name" to be overriden in Samba3::provision()
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Martin Schwenke <martin@meltin.net>
2020-02-19 09:38:39 +00:00
Andreas Schneider
e2ea059e67 s3:tests: Add test for a dropbox with dir mode 0733
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Feb 18 21:07:44 UTC 2020 on sn-devel-184
2020-02-18 21:07:44 +00:00
Andreas Schneider
b9ab8bf7a9 s3:tests: Add smbclient test for 'force create mode = 0664'
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Feb 14 20:16:04 UTC 2020 on sn-devel-184
2020-02-14 20:16:04 +00:00
Stefan Metzmacher
7d1b560804 selftest: create a pcap file for the environment setup
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-02-06 14:57:42 +00:00
Stefan Metzmacher
f182c9a36b selftest: create pcap files for invidual env services
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-02-06 14:57:42 +00:00
Stefan Metzmacher
4effc5585e selftest: move {setup,cleanup}_pcap() to selftest/target/Samba.pm
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-02-06 14:57:42 +00:00
Douglas Bagnall
131bfc8ce2 selftest: avoid comparison against undefined value
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:40 +00:00
Douglas Bagnall
7334d575a9 selftest/target/samba: do not look for undef environment
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:40 +00:00
Douglas Bagnall
d087f74d45 selftest/target/samba: add missing methods
These methods are being called but have not been provided.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:40 +00:00
Douglas Bagnall
213e237e39 selftest/s3: prefer empty string over undef to add nothing to config
To fix a warning.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:40 +00:00
Douglas Bagnall
e50c5b80bf selftest/s3: actually close parent copy of smbd's STDIN
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:40 +00:00
Douglas Bagnall
314b59fbef selftest/s4: remove illegal function signature
The character ':' has no meaning in function signatures. Perhaps ';' was
intended, which would have marked the later arguments as optional --
which is the default with no signature. All callers always provide all
the arguments anyway.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:40 +00:00
Douglas Bagnall
18efb47a8f selftest/s4: don't put pcap file in / by default
If the SOCKET_WRAPPER_PCAP_DIR is not defined, let's assume it wasn't
wanted rather than choosing /.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:40 +00:00
Douglas Bagnall
7a65a26a2f selftest/s4: properly initialise an empty hash
The '%ret = {}' construction was bad because '{}' is a hash-ref, which
counts as a single scalar value, but a true hash like '%ret' must be
initialised with an even number of scalar values (usually in pairs, like
'($a => $b, $c => $d)').

I think this meant %ret was initialised as something harmless like
'(<HASH(0x55ce39781278)> => undef)'.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:39 +00:00
Douglas Bagnall
6c4ee5282e selftest: avoid redeclaring perl variables
None of these ones are doing any harm, we just want to silence these
warnings.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:39 +00:00
Douglas Bagnall
467abee4ee selftest/target/samba: avoid overwriting $pkinitdir
We were declaring the same variable twice with two different paths,
"$cadir/Users/$pkinitprincipalname" here and
"$ctx->{prefix_abs}/pkinit" about 5 lines down.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:39 +00:00
Douglas Bagnall
8f17d48163 selftest: enable perl warnings
After this we will see more noise with each test run, and these
warnings will be addressed in following commits.

Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-02-04 05:13:39 +00:00
Volker Lendecke
3f0e0ee274 selftest: Exit skipped daemons on close(STDIN)
Without this, teardown_env() will take ages for environments with
skipped daemons

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jan 29 11:06:53 UTC 2020 on sn-devel-184
2020-01-29 11:06:53 +00:00
Volker Lendecke
5bc5b681c0 selftest: Close STDIN_PIPE's write end for skipped daemons
Without this, any environment that skips any daemon will not shut down
properly. If a copy of a pipe's write end remains, closing one of them
won't cause the read end to be readable, i.e. the daemons waiting for
that won't exit properly.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2020-01-29 09:36:27 +00:00
Volker Lendecke
f9173c18a6 selftest: Convert Samba3::provision() to named parameters
9 positional parameters is a bit too much for easy overview

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-01-27 14:27:33 +00:00
Volker Lendecke
26da6f562b selftest: Factor out create_file_chmod()
24 lines less perl :-)

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2020-01-27 14:27:33 +00:00
Andreas Schneider
6a10ab3f10 selftest: Make 'Samba Users' the primary group of joe
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2020-01-24 15:46:42 +00:00
Andreas Schneider
227a8a1131 selftest: Add a group 'Samba Users'
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2020-01-24 15:46:42 +00:00
Andreas Schneider
b4a4adebd9 selftest: Add user joe
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Günther Deschner <gd@samba.org>
2020-01-24 15:46:42 +00:00
Ralph Boehme
1cf2397226 selftest: don't use NTVFS fileserver in chgdcpass
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Dec 20 07:34:42 UTC 2019 on sn-devel-184
2019-12-20 07:34:42 +00:00
Ralph Boehme
2e5188f520 selftest: don't use NTVFS fileserver in rodc
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-12-20 06:08:41 +00:00
Ralph Boehme
629254ec5b selftest: don't use NTVFS fileserver in fl2008r2dc
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-12-20 06:08:41 +00:00
Ralph Boehme
3518151cb2 selftest: don't use NTVFS fileserver in fl2003dc
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-12-20 06:08:41 +00:00
Ralph Boehme
bd141ead0d selftest: don't use NTVFS fileserver in fl2000dc
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-12-20 06:08:41 +00:00
Ralph Boehme
fbcf1ab708 selftest: don't use NTVFS fileserver in vampire_dc
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-12-20 06:08:40 +00:00
Ralph Boehme
db24892d0e selftest: don't use NTVFS fileserver in promoted_dc
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-12-20 06:08:40 +00:00
Ralph Boehme
01141d06af selftest: make fl2008dc an alias for ad_dc, not ad_dc_ntvfs
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-12-20 06:08:40 +00:00
Ralph Boehme
bba0cafa95 selftest: make ad_dc_slowtests an alias for ad_dc, not ad_dc_ntvfs
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-12-20 06:08:40 +00:00
Ralph Boehme
8d1206c920 selftest: make ad_dc_default an alias for ad_dc, not ad_dc_ntvfs
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-12-20 06:08:40 +00:00
Douglas Bagnall
e737988641 dcerpc: developer option to save ndr_fuzz_X seeds
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Pair-programmed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-12-10 07:50:28 +00:00
Andreas Schneider
6201b30421 s3:smbspool_krb5_wrapper: Map AUTH_INFO_REQUIRED=none to anonymous
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2019-12-09 12:48:45 +00:00
Isaac Boukris
609a1d1d6b Revert "selftest: system-heimdal: workaround upstream "host" canon bug"
This reverts commit 15ddd95d94.

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-11-27 10:25:38 +00:00
Stefan Metzmacher
564049fbc9 s3:mdssvc: make use of lp_parm_const_string()
We don't need any substitution for elasticsearch options.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-11-27 10:25:31 +00:00
Isaac Boukris
389d1b979b heimdal: do not compile weak crypto
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14202

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-11-19 14:48:41 +00:00
Isaac Boukris
15ddd95d94 selftest: system-heimdal: workaround upstream "host" canon bug
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14179

Signed-off-by: Isaac Boukris <iboukris@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-11-13 17:49:38 +00:00
Andrew Bartlett
d524c7ddee CVE-2019-14833: Use utf8 characters in the unacceptable password
This shows that the "check password script" handling has a bug.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12438
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2019-10-29 10:04:45 +00:00
Isaac Boukris
90f557f3a1 selftest: s3: add a test for spnego downgrade from krb5 to ntlm
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106

Signed-off-by: Isaac Boukris <iboukris@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-10-12 14:33:32 +00:00
Ralph Boehme
da7dec0a50 selftest: add end-to-end tests for mdssvc with a fake HTTP server
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Noel Power <noel.power@suse.com>
2019-10-09 14:35:29 +00:00
Stefan Metzmacher
0ee085b594 selftest/Samba3.pm: use "winbind use krb5 enterprise principals = yes" for ad_member
This demonstrates that can do krb5_auth in winbindd without knowning about trusted domains.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

Autobuild-User(master): Günther Deschner <gd@samba.org>
Autobuild-Date(master): Tue Sep 24 19:51:29 UTC 2019 on sn-devel-184
2019-09-24 19:51:29 +00:00
Stefan Metzmacher
e2737a74d4 selftest/Samba3.pm: use "winbind scan trusted domains = no" for ad_member
This demonstrates that we rely on knowning about trusted domains before
we can do krb5_auth in winbindd.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2019-09-24 18:30:38 +00:00
Andreas Schneider
13e3811c95 selftest: Export TRUST information in the ad_member target environment
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Andreas Schneider <asn@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>
2019-09-24 18:30:38 +00:00
Stefan Metzmacher
2b43ce6704 s3:selftest: add delay_inject:brl_lock_windows testing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14113

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Mon Sep  9 15:42:45 UTC 2019 on sn-devel-184
2019-09-09 15:42:45 +00:00
Stefan Metzmacher
9ab5a51a6e CVE-2019-10197: test_smbclient_s3.sh: add regression test for the no permission on share root problem
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2019-09-03 08:07:38 +00:00
Stefan Metzmacher
d7ed819d9f CVE-2019-10197: selftest: make fsrvp_share its own independent subdirectory
The next patch will otherwise break the fsrvp related tests.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035

Signed-off-by: Stefan Metzmacher <metze@samba.org>
2019-09-03 08:07:38 +00:00
Andrew Bartlett
5f70f972a5 selftest: Remove obsolete LDAP backend hooks from selftest.pl et al
This removes some quite complex logic that has not been used since the LDAP
backend project was shelved prior to 2011.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Nadezhda Ivanova <nivanova@symas.com>
2019-08-30 08:32:30 +00:00
Andrew Bartlett
b4816861f2 s4-dns: Deprecate BIND9_FLATFILE and remove "rndc command"
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Aug 22 21:24:00 UTC 2019 on sn-devel-184
2019-08-22 21:24:00 +00:00
Ralph Boehme
017af5d583 torture: beginning of a mdssvc RPC service test-suite
Yikes! Most tests fail atm.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-08-08 20:24:33 +00:00
Ralph Boehme
5806affefd selftest: explicitly set "mangled names = yes"
This is the current default and what 'make test' assumes currently.

The next commit will change the default to "illegal".

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2019-07-08 16:22:38 +00:00
Stefan Metzmacher
d216db5cd5 selftest: explicitly set "client min protocol = CORE"
This is the current default and what 'make test' assumes currently.

The next commit will change the default to disable SMB1.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-07-08 16:22:38 +00:00
Stefan Metzmacher
c163ef20f8 selftest: explicitly set "server min protocol = LANMAN1"
This is the current default and what 'make test' assumes currently.

The next commit will change the default to disable SMB1.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-07-08 16:22:37 +00:00
Douglas Bagnall
77d69ab820 dns_hub: print usage with too few args
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-05 01:05:20 +00:00
Gary Lockyer
5583208aed samba-tool domain join: remove the subdomain option
Remove the sub domain option from join, as it currently does not work.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-07-02 02:23:10 +00:00
Ralph Boehme
6e65c28312 selftest: add a test that itime is not set when setting DOS attrs
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Jul  1 23:21:07 UTC 2019 on sn-devel-184
2019-07-01 23:21:07 +00:00
Ralph Boehme
eb98678656 vfs_fruit: make "fruit:zero_file_id" a per share option
Now that File-ID calculation goes through the VFS, we can nicely make a
per-share option out of it.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-07-01 21:43:24 +00:00
Aaron Haslett
fc9845da69 selftest: specifying 2008_R2 base schema for tests that need it
We're going to change the default base schema so this patch changes all
tests and testenvs requiring the current default (2008_R2) to specify it
in all provision commands using --base-schema.

Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-06-26 04:12:33 +00:00
Ralph Boehme
ac2167eb23 selftest: allow guest login in the ad_member_idmap_rid env
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13944

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-06-05 15:40:24 +00:00
Tim Beale
b23d005cdc selftest: Don't use global dirs when parsing customdc realm
When creating the customdc, testparm would default to using
/usr/local/samba sub-directories for creating sockets and lock files.
Instead, pass in the tmpdir we just created as an option to the command.

Normally this didn't cause a noticeable problem, however, if we run the
command with UID-wrapper but without socket-wrapper (i.e.
USE_NAMESPACES=1), then it fails completely.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri May 31 06:34:36 UTC 2019 on sn-devel-184
2019-05-31 06:34:36 +00:00
Tim Beale
6defc1f183 selftest: Add check customdc has valid realm/domain
If we couldn't determine the realm/domain from the backup file, it's a
lot nicer to fail early with a clear error message (rather than failing
later on with a really obscure message).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-31 05:18:21 +00:00
Tim Beale
067b4fc03f selftest: Add linux namespace support (USE_NAMESPACES=1)
This hooks up the selftest/ns/* scripts added earlier with the selftest
system, so developers can optionally run a testenv or test using linux
namespaces instead of socket-wrapper.

The idea is this is experimental functionality that we can extend
further in future, in order to make testing Samba more versatile.

+ The top-level WAF script now does an 'unshare' to create a new
top-level 'selftest' namespace in which to create the testenv(s).
+ selftest.pl creates a common 'selftest0' bridge to connect together
the individual DCs.
+ Update Samba.pm so it can use real IPs instead of loopback addresses.
In fork_and_exec(), we add a couple of hooks so that the binary gets
started in a different namespace (using unshare/start_in_ns.sh), and
the parent process connects the new child namespace up to the common
selftest0 bridge (using add_bridge_iface.sh).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-31 05:18:20 +00:00
Tim Beale
c9e6251382 selftest: Add TESTENV_DIR "env" variable
We store the testenv directory path for the 'ctx' hashmap, but not for
the testenv-vars hashmap (and that can be really annoying sometimes).
Add it into the second hashmap that selftest actually keeps track of.
Currently it's only stored in the hashmap, not actually exported as an
environment variable (but we could easily do that if a test-case need
this info).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-31 05:18:20 +00:00
Tim Beale
163897f125 selftest: Use scalar variable for new daemon_ctx hashmap
The selftest code typically stores hashmaps as scalar variables (i.e.
it only ever uses references to hashmaps). So much so that using a regular
hashmap (and passing it by reference via \%daemon_ctx) looks out of
place.

Using the hashmap directly made more sense when it was only being used
locally, but now the hashmap is being passed by reference into a function
anyway, so storing it as a scalar doesn't make much difference.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-24 03:19:18 +00:00
Tim Beale
b976502d49 selftest: Add common fork_and_exec() function
Now the code has been refactored, we can move it into a common function.
This reduces code duplication and means we have a common place where we
start samba daemons from.

Note that some daemons behave slightly different, but the $daemon_ctx
allows us to customize their behaviour a bit.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-24 03:19:17 +00:00
Tim Beale
746e137777 selftest: Rework setting env variables for other forked binaries
Final refactor to merge the fork-and-exec code into a common function.

We can now use $daemon_ctx{ENV_VARS} to customize differences between
the forked binaries:
- samba: add in extra env variables on top of the defaults.
- dns_hub: there are no ENV variables we need to export.
- winbindd/smbd: these use the defaults, so they pass through an
undefined $daemon_ctx{ENV_VARS} (purely to make the code common across
all 5 places).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-24 03:19:17 +00:00
Tim Beale
ae3e33d492 selftest: Rework setting env variables for nmbd
Instead of having a special $skip_resolv_conf parameter just for nmbd,
use the get_env_for_process() API and customize the hashmap returned.
Pass the customized hashmap in as an optional part of the daemon_ctx.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-24 03:19:17 +00:00
Tim Beale
c79f0c1975 selftest: Store fork-and-exec daemon info in a hashmap
This intermediary refactor adds a hashmap that stores the values needed
to run each samba daemon. This adds a bit more code in the short term,
but it basically means the code in 5 different places now becomes
identical, and we can extract it out to a common function.

The converting FULL_CMD from an array reference back to an array is a
bit ugly, but we can clean this up a bit once the code is all in one
place.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-24 03:19:17 +00:00
Tim Beale
ad30fdc6ba selftest: Add helper function to build up s3 daemon cmd
The s3 daemons all basically use the same command logic, it's just they
use slightly different environment variables.

This adds a common helper function, which we can pass the specific
environment variables into.

(Note the slight parameter difference for winbind with --stdout vs
--log-stdout).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-24 03:19:17 +00:00
Tim Beale
ba9323abde selftest: Move fork cmd args up a level
This is a fairly simple move of code and is the first step in a larger
refactor.

It doesn't matter if we build up the command args prior to the fork (we
only use them in the forked child). But moving the code means the code
to handle the fork-and-exec becomes common code that is repeated in
several places throughout Samba3.pm and Samba4.pm.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-24 03:19:17 +00:00
Tim Beale
0fd3685cfd selftest: remove unused variable (@optargs)
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-24 03:19:17 +00:00
Tim Beale
a60e59735c selftest: Refactor duplicated code to set ENV vars
Whenever we started a process, we basically used the same code to setup
the ENV variables.

The s4 ENVNAME may now be slightly different in the child process that
runs samba (i.e. '$testenv.samba'), but that ENV var did not appeared to
be used much.

I'm not sure if the current difference in $skip_resolv_wrapper logic for
nmbd was deliberate or accidental, but I've preserved the logic for now.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-24 03:19:17 +00:00
Joe Guo
b78048524d selftest/target/Samba4.pm: increase max_wait from 60s to 120s to avoid timeout failure in samba-ad-dc-backup
Signed-off-by: Joe Guo <joeg@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-05-10 08:19:16 +00:00
Christof Schmitt
65e1d783cb selftest: Add idmap configuration for trusted domain for idmap_ad
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13903

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-24 01:02:17 +00:00
Christof Schmitt
281fb81ab1 selftest: Make trusted domain information available for idmap_ad environment
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13903

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-24 01:02:17 +00:00
Christof Schmitt
8266bd1f45 selftest: Use fl2008r2dc for ad_member_idmap_ad
fl2008r2dc already has a trusted domain. That will be used to use
idmap_ad for querying idmap attributes from the trusted domain.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13903

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-04-24 01:02:17 +00:00
Garming Sam
bfd762b53a selftest: rename schemaupgrade_dc (+pair) to schema_dc
This is needed because the name of the autobuild job and
the name of the selftest env end up in the socket path
for ncalrpc sockets.

The challenge is that (for example)
/memdisk/autobuild/fl/b2424063/samba-schemaupgrade/bin/ab/schemaupgrade_pair_dc/ncalrpc/np/protected_storage
does not fit in a struct sockaddr_un.

Signed-off-by: Garming Sam <garming@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Apr 12 05:41:36 UTC 2019 on sn-devel-144
2019-04-12 05:41:36 +00:00
Tim Beale
4336c058ca selftest: Add new 2-DC testenv for live schema upgrade
This adds a new 2-DC testenv that:
1. Provisions an AD DC with 2008R2 schema
2. Joins another AD DC with 2008R2 schema
3. Starts Samba
4. Performs a live schema upgrade on the PDC
Testenv targetting in tests.py files for this testenv required that we
extend the environment dependencies system to include optional post-startup
dependencies specified in ENV_DEPS_POST maps.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2019-04-11 04:17:10 +00:00
Douglas Bagnall
ed0060d3f2 selftest: use test smb.conf in provision
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Tim Beale <timbeale@catalyst.net.nz>
2019-03-30 22:21:26 +00:00
Tim Beale
a4d433aede selftest: Restore IPs 12-16 for selftest client
The assumption that tests only used the .11 IP was wrong. The
winsreplication test tries to use multiple different IPs - CI doesn't
fail when we remove the additional IPs, but it starts to skip test
cases.

+ Update get_interfaces_config() and get_ipv4_addr() so we can add
multiple different IPs for the same host.
+ Update selftest.pl so the client gets 6 IP addresses.
+ Update comments to better reflect this dependency.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-27 13:31:27 +00:00
Samuel Cabrero
5826b31f41 selftest: Do not include system krb5.conf in s4 test environments
If built with system MIT krb5 and dns_lookup_kdc is set to false in
system krb5.conf tests fail because KDC is not found.

Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-03-22 14:03:19 +00:00
Ralph Boehme
6a1e5fbfcd selftest: test vfs_nfs4acl_xattr in nfs mode
The same tests as for the other modes xdr and ndr are marked as
knownfail.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-03-18 19:21:25 +00:00
Tim Beale
3075b85c1a selftest: Remove unnecessary dns_hub hashmap entries
These are only used within the function, and there's already a local
variable that stores the same info.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-14 02:12:19 +00:00
Tim Beale
50abab31f8 selftest: Use consistent env variables for dns_hub
Setting up a testenv involves populating 2 different hashmaps - an
intermediary one (usually called 'ctx') and one that is used to populate
the testenv environment variables (usually called 'env_vars' or
'dcvars').
Because the dns_hub setup is very simple, it doesn't need two different
hashmaps. However, the variable names are still a mix of the two
hashmaps.

This patch updates dns_hub to use the second, more finalized hashmap
variable-names.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-14 02:12:19 +00:00
Tim Beale
e9c01fdbb8 selftest: Add helper function to get interfaces config
Add a helper function to return the IPv4/IPv6 addresses for the
smb.conf. This keeps the netmask assumptions in the same places as
the IP subnet assumptions.

This refactor means we no longer need to store $ctx->{interfaces}, as it
was only used in one place.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-14 02:12:18 +00:00
Tim Beale
a3da2f63be selftest: Remove secondary client interfaces
I can't see anything in the tests that ever tries to use these other IP
addresses. While it makes sense that we might want the tests to simulate
multiple different clients (with different IPs), we don't appear to do
this currently.

Removing the spare client addresses minimizes the number of hard-coded
IP addresses in selftest.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-14 02:12:18 +00:00
Tim Beale
d192ba4e0b selftest: Add helper function to create exports file for a testenv
This writes out the environment variables that are normally setup in the
testenv xterm to a file. This allows them to be sourced later.

This function is currently unused. However, it provides an alternative
replacement for the selftest-vars.sh script (which is really out of
date). I do plan to make use of this function in a subsequent patch-set.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-12 01:53:26 +00:00
Tim Beale
0dbb923881 selftest: Move @exported_envvars into Samba.pm
This brings it closer to the code that actually sets these variables
(i.e. Samba3/4.pm).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-12 01:53:26 +00:00
Tim Beale
1d5583c913 dns_hub: Add some debug as to what DNS proxying is happening
This should make it clear at run-time how dns_hub is actually proxying
DNS requests, which will hopefully aid in debugging problems (i.e.
forgetting to add a mapping when adding a new DNS realm).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Mar  6 00:48:43 UTC 2019 on sn-devel-144
2019-03-06 00:48:43 +00:00
Tim Beale
2cd65a7a4e dns_hub: Minor variable rename
We've dropped the iface logic now - this dictionary maps from
realm-to-IP.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-05 23:27:31 +00:00
Tim Beale
327ed9758a selftest: Map realm to IP address (instead of iface)
The code is more readable if the hashmap translates between realm and
DC-name, rather than realm-to-iface. We already have a function to map
between DC-name and iface (and since we're doing this, we might as well
map straight to IP address).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-05 23:27:31 +00:00
Tim Beale
cbcd4f8f00 selftest: Pass realm-to-IP mapping to dns_hub as an argument
Instead of storing hashmaps in 2 different files, we can just convert a
perl hashmap into a string, pass it to dns_hub, and convert it back into
a python dictionary.

The main reason for doing this is the IP-to-testenv mapping now all
lives in a single file (Samba.pm). All this logic is right next to each
other rather than being split across multiple files. Hopefully this will
make it easier to keep it up to date as we add new testenvs.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-05 23:27:31 +00:00
Tim Beale
d6d8ecb596 selftest: Split out dns_hub's testenv realm-to-IP logic
Add a separate helper function, as the realm-to-IPv4-addr logic is
fairly self-contained.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-05 23:27:31 +00:00
Tim Beale
90ea8c2a99 selftest: Try to tie dns_hub IP mapping to Samba.pm better
dns_hub.py maps the testenv realm to an IP and Samba.pm maps the testenv
NetBIOS name to an IP. We need to keep the two places consistent, as we
add or remove testenvs.

This patch changes dns_hub.py so that it uses a similar hashmap to
Samba.pm. We now have a hashmap with the same name in 2 different
places, so hopefully that's easier to tie them together and keep them in
sync.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-05 23:27:30 +00:00
Tim Beale
d1e145d644 selftest: Cleanup Samba.pm iface mapping
It looks a bit cleaner if we declare the hash-map in one go, rather than
adding each entry one at a time. Also added a comment explaining what
the hash-map is for, and fixed up tab vs spaces inconsistencies.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-05 23:27:30 +00:00
Tim Beale
2b60936d91 selftest: Avoid hard-coding client IP address
We implicitly assume the client IP used by selftest is always
127.0.0.11. Add an iface entry for the client to make this a little more
explicit.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-05 23:27:30 +00:00
Tim Beale
572f83d62a selftest: dns_hub doesn't need to store $swiface
dns_hub doesn't need to store $ctx->{swiface}. Other testenvs store this
and export it as SOCKET_WRAPPER_DEFAULT_IFACE (i.e. for the tests to
use), but dns_hub doesn't need to do this.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-05 23:27:30 +00:00
Tim Beale
5e09d39211 selftest: Add helper functions to get IP addresses
Let's centralize these assumptions in one place.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-05 23:27:30 +00:00
Douglas Bagnall
4ddfe8fc75 dns_hub: use python 3 shebang
Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-03-04 21:41:17 +00:00
Stefan Metzmacher
13fe139fb2 selftest:Samba4: add ad_dc_backup alias to ad_dc
This will allow us to run really most tests in an isolated
autobuild/ci task later.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-02-27 10:16:10 +00:00
Stefan Metzmacher
c217a15a2c selftest:Samba4: add ad_dc_default alias to ad_dc_ntvfs
This will allow us to run really most tests in an isolated
autobuild/ci task later.

This will apply to tests, which may not rely on the ntvfs backend, so
the ad_dc_default alias can point to another environment in future.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-02-27 10:16:10 +00:00
Stefan Metzmacher
c82b60c827 selftest:Samba4: add ad_dc_slowtests alias to ad_dc_ntvfs
This will allow us to run really slow tests in an isolated
autobuild/ci task later.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-02-27 10:16:10 +00:00
Stefan Metzmacher
62eeab8f6c selftest:Samba4: add fl2008dc as alias to ad_dc_ntvfs
Using aliases it will be possible to split the large amount
of tests which use ad_dc_ntvfs into multiple autobuild/ci
tasks/jobs later.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-02-27 10:16:10 +00:00
Gary Lockyer
47cebbe215 s3 winbind auth_log: Tests for logon id logging.
Tests to validate that winbind generates a random logon_id and passes it
in the netlogon call.

This will allow the linking of the windbind authentication requests and
the SamLogon request on the DC.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-20 06:03:08 +01:00
Tim Beale
8fc04d2ce3 selftest: Initialize DC_SERVER/etc variables in one place
It's simpler to do setup DC_SERVER/etc in the same place we set
SERVER/etc. (Rather than initializing them for every single testenv,
like we were doing).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Feb 18 07:24:05 CET 2019 on sn-devel-144
2019-02-18 07:24:05 +01:00
Tim Beale
31c5d4c969 selftest: Add helper function to avoid repeated {DC_SERVER}=x
For every 2-DC testenv we setup, we copy the $DC_SERVER value of the
dependent testenv (i.e. the PDC) into the env variables for the new
testenv. This means DC_SERVER always points to the PDC (or first DC).

This adds a helper function to avoid repeating this code for every 2-DC
environment we setup.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-18 05:42:10 +01:00
Tim Beale
bc4c04380f selftest: Remove need for $RODC_DC_SERVER env variable
Same deal as earlier patch - we can use the $SERVER env variable instead
and avoid the need for this extra variable.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-18 05:42:09 +01:00
Tim Beale
b348045955 selftest: Remove unused environment variables
We only really want generic environment variables. For 2+ DC
environments, we have the $SERVER and $DC_SERVER (aka PDC) variables.
However, lots of testenvs also export really specific environment
variables, e.g. VAMPIRE_2000_DC_SERVER_IP (despite that testenv being
only used for a single test case).

Previously the <testenv>_SERVER variable was used for DRS tests, but we
can avoid the need to do this now. The other variables are not used at
all.

The RODC and TRUST environment variables are still used by a few tests.
SUBDOM_DC_SERVER is only used within Samba4.pm and not exported.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-18 05:42:09 +01:00
Tim Beale
aeadf75c24 selftest: Export DC conf path for special cases
In a few rare cases, a test needs to assert aspects both client-side and
server-side aspects. A typical example would be the audit logging, which
is exercising client-side behaviour, but also asserting the server-side
logging.

Usually this has involved a kludge in tests.py to either use
socket-wrapper explicitly, or hardcode in the server smb.conf path.

This patch exposes the existing SERVERCONFFILE env variable to the
tests. DC_SERVERCONFFILE has been added for 2 DC testenvs, where we need
the PDC's smb.conf.

The benefit of doing this way is the filepath/testenv-dependency logic
is all self-contained with the Perl code, and it doesn't bleed out into
tests.py as well.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-18 05:42:09 +01:00
Tim Beale
8f9bb790bc selftest: Add common function to return cmd environment variables
We prefix samba-tool commands with a bunch of WRAPPER/CONF environment
variables, in order for the command to work properly. These variables
are duplicated all over the place in the selftest code. This patch adds
a helper function to return the variables, so we can reduce the required
code down to a single line in a lot of places.

A couple of exceptions I've left alone:
- drs replicate, which omits the RESOLV_WRAPPER_CONF/_HOSTS variables
  (I'm not sure whether that's deliberate or not).
- create_backup(), which uses the backupfromdc's krb5.conf rather than
  the new testenv.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-18 05:42:09 +01:00
Stefan Metzmacher
8c0853b80c selftest:Samba4: wait for DNS names being registered
We can't reliable start tests without registered dns names.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-14 02:18:29 +01:00
Stefan Metzmacher
b988695ed7 selftest:Samba4: report when samba is started and ready
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-14 02:18:29 +01:00
Andrew Bartlett
30d505e91b selftest: Only set clockskew to 5 seconds for MIT Kerberos
This was added in ac5427c6eb as part of the MIT KDC
effort, but makes some tests much less reliable under high load.

As the Heimdal build does not need this, only specify for the MIT build.

Tested with an MIT AD DC build with:
 make test TESTS="samba3.raw.session samba3.smb2.session"

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Feb 13 05:49:43 CET 2019 on sn-devel-144
2019-02-13 05:49:43 +01:00
Tim Beale
22c016b121 selftest: Change backup/restore testenvs to use 1 prefork child
Recently the gitlab CI jobs were hitting memory resource limits and
using swap, which then caused test failures. The process model used in
the testenvs seemed to be contributing to this problem.

We can reduce the memory overhead of the restore/backup testenvs by
using 1 prefork child process instead of the default of 4 (kudos to
Garming for the idea). The tests run against these testenvs are basic
sanity-checks, rather than heavy-duty stress tests, so the number of
prefork workers shouldn't matter.

This is a bit of a tradeoff between testing the defaults that will
actually be used in production vs using limited resources efficiently on
shared CI runner machines.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-13 04:15:15 +01:00
Tim Beale
85a7b4bf70 selftest: Use default 'prefork children' smb.conf setting
The default setting should be 4, so there should be no need to specify
this in the testenv smb.conf.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-13 04:15:15 +01:00
Stefan Metzmacher
80d293ca0c selftest: improve debugging in dns_hub.py
We only print debug messages when the response is delayed by more than 2
seconds.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-11 11:41:21 +01:00
Tim Beale
55cce81587 selftest: Make dns_hub socket timeout match DNS_REQUEST_TIMEOUT
I was hitting the recv_packet = s.recv(2048, 0) exception because
the socket timeout was reached. We've seen it before, but it seemed more
common after changing the default process-model to prefork. This patch
makes the socket timeout used by the python code consistent with the C
code.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-11 11:41:21 +01:00
Stefan Metzmacher
39c1aa2857 selftest: make check password script more portable
We should not rely on Linux specific sed options.

grep -q also works on FreeBSD (tested on FreeBSD 12).

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-11 07:43:31 +01:00
Tim Beale
b2126cd6f4 selftest: Add comment elaborating on what ENV_DEPS actually does
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-01 03:36:16 +01:00
Tim Beale
6cee31b0ba selftest: Reorder ENV_DEPS so similar testenvs are together
Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-01 03:36:16 +01:00
Tim Beale
402715206f selftest: Fix running proclimit tests locally
The dns_hub changes missed a dependency. Fortunately, during an
autobuild, the dns_hub is always up and running by the time the
proclimitdc tests are run. However, the tests were failing if run
locally just on their own.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-01 03:36:16 +01:00
Tim Beale
d29853ab0a selftest: Convert backup/restore testenvs to use default
These testenvs shouldn't be dependent on the process model at all, so we
should be able to convert them to the new default without any
repercussions.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-01 03:36:16 +01:00
Tim Beale
4603351544 selftest: Make process_model argument optional in check_or_start()
It's more realistic to *not* always specify a process-model, and rely on
the samba code to use the correct default. This patch changes selftest
so we only use the -M process-model option if a particular process_model
was specified. Otherwise the testenv will use whatever the default is.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-01 03:36:16 +01:00
Tim Beale
b4211f6923 selftest: Add dns_hub to selftest/target/README
Add a description explaining what dns_hub does and why we need it.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-01 03:36:15 +01:00
Tim Beale
a094e16fd5 selftest: Move dns_hub.py into selftest directory
As dns_hub.py is now integral to the selftest environments, it seems to
make sense for it to live under the selftest/ directory.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2019-02-01 03:36:15 +01:00
Stefan Metzmacher
d03991f569 selftest:Samba4: use 'smbcontrol samba shutdown'
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13752

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Björn Baumbach <bbaumbach@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Jan 30 01:51:48 CET 2019 on sn-devel-144
2019-01-30 01:51:48 +01:00
Jeremy Allison
7b21b4c1f5 s3: tests: Add regression test for smbd crash on share force group change with existing connection.
Mark as known fail for now.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13690

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2019-01-25 13:20:23 +01:00
Tim Beale
a310de2db1 selftest: Give the backup testenvs a 'test1' share
The ntacls_backup tests use the test1 share, and we want to run them
against the restoredc (which has SMBv1 disabled).

The xattr.tdb file is needed for the backend_obj.wrap_getxattr() call
(in ntacls.py) to work.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-01-17 01:40:31 +01:00
Volker Lendecke
99b775336b selftest: Use dns_hub's resolv.conf
Pass it as RESOLV_CONF envvar everywhere

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-01-15 07:53:22 +01:00
Volker Lendecke
5f02a6af94 selftest: Add dns_hub deps
All the DCs want the dns forwarder

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-01-15 07:53:22 +01:00
Stefan Metzmacher
62584f3d08 selftest: setup_dns_hub
Start the central dns forwarder on interface 64

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-01-15 07:53:22 +01:00
Stefan Metzmacher
e61f9406de selftest:Samba4: run fl2003dc without security context multiplexing
BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jan 12 06:25:37 CET 2019 on sn-devel-144
2019-01-12 06:25:37 +01:00
Stefan Metzmacher
ea0a704177 selftest:Samba4: run the raw_protocol test with a limit of 8 auth contexts
This is much faster than exploring the limit of 2049 during autobuild.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-01-12 03:13:42 +01:00
Stefan Metzmacher
276286caa9 selftest:Samba4: allow dcerpc auth level connect:lsarpc = yes in chgdcpass
This is required to explore the details of security context multiplexing
using lsa_GetUserName().

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-01-12 03:13:40 +01:00
Stefan Metzmacher
954dd89f51 selftest: use "dcerpc_remote:allow_anonymous_fallback = yes" for rpc_proxy
This already uses anonymous credentials as the remote connection is done
during the bind before the realm authentication has started.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=7113
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11892

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-01-12 03:13:38 +01:00
Volker Lendecke
6e0acc7c39 selftest: Remove duplicate dependency definition
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2019-01-10 02:41:29 +01:00
Samuel Cabrero
d0b5e216b0 selftest: Create included files during provision
Files included from smb.conf have to exists, otherwise python fails to
load the configuration. Found while trying to run a python test before
samba3.blackbox.smbd_error creates the included file.

Signed-off-by: Samuel Cabrero <scabrero@suse.de>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-12-19 12:42:09 +01:00
Justin Stephenson
a80fee5054 s4:torture/smb2/session: Fix expire tests
When run with MIT kerberos, the smb2 session expire tests fail when run
against the ad_member test environment. The krb5 library initializes
values from the private krb5.conf profile
st/ad_member/lockdir/smb_krb5/krb5.conf.ADDOMAIN, this file does not
contain a defined clockskew setting. The expire tests require a low
clockskew value that is set in st/ad_member/lib/krb5.conf.

This patch disables the creation of the private krb5.conf for the
ad_member_idmap_rid testenv, and runs the smb2.session tests
against ad_member_idmap_rid instead of ad_member.

Signed-off-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Wed Dec 12 12:51:24 CET 2018 on sn-devel-144
2018-12-12 12:51:24 +01:00
Tim Beale
bd4bdced5f selftest: Don't run KCC on backup testenvs (to avoid flappiness)
KCC onthe backup domain (i.e. backupfromdc, restoredc, offlinebackupdc)
can establish new connections for replication. Depending on timing,
this can cause the join_ldapcmp test to fail, because there's an extra
object under the NTDS Settings, at the point the ldapcmp is done.

We don't need any replication to happen on the backup domain. The
backup/restore workflow in the real world should mean that the restored DC
is never run in the same network as the original DC.

This patch updates the default KCC command for the backup testenvs to be
a no-op, so the DCs won't create new connection objects.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Dec  6 12:03:53 CET 2018 on sn-devel-144
2018-12-06 12:03:53 +01:00
Andreas Schneider
a92f0ccce6 s3:tests: Add test for checking that root is not allowed as home dir
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13699

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Dec  5 05:22:43 CET 2018 on sn-devel-144
2018-12-05 05:22:43 +01:00
Andreas Schneider
cc471448df s3:tests: Test for users connecting to their 'homes' share
This adds a test for CVE-2009-2813.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13699

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
2018-12-05 01:38:14 +01:00
Andreas Schneider
3b38dddff2 selftest: Add gooduser and eviluser to Samba3
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13699

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Ralph Böhme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-12-05 01:38:14 +01:00
Gary Lockyer
2381b4ff67 s4 smbd standard tests: limit forked processes
Tests to confirm the standard process model honours the smbd.conf
variable "max smbd processes", when forking a new process on accept.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-30 11:42:44 +01:00
Ralph Boehme
cfffa2e242 s3:selftest: add a VSS test reading a stream
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13455

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-27 07:13:13 +01:00
Ralph Boehme
12778f0159 s3:script/tests: add a test for VSS write behaviour
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13688

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-27 07:13:13 +01:00
Tim Beale
160031f7b7 selftest: Designate one testenv as having SMBv1 disabled
We recommend users disable SMBv1 to avoid potential security holes.
However, none of the AD DC testenvs have SMBv1 disabled.

This patch disables SMBv1 on an arbitrarily-chosen testenv (restoredc).

I chose restoredc as we'll want to run the backup tool tests against
this target, and it might be useful to check we can backup a DC if it's
already been restored once.

Note that SMBv2 doesn't support POSIX extensions (only SMBv1 does),
which is why we haven't just disabled SMBv1 on *all* testenvs.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-27 03:43:17 +01:00
Tim Beale
bfb138e9be selftest: Make testenv NTVFS usage match --use-ntvfs
Regardless of whether the testenv uses --use-ntvfs as part of its
provision options, the s4 testenvs all default to using the NTVFS file
server.

It's not particularly obvious that this is happening. The new restore
DCS (restoredc, renamedc, labdc) were all using NTVFS unintentionally.

The problem is the s4 testenvs default to using services '-s3fs +smb".
provision_ad_dc() explicitly overrides this to use s3fs again
(technically it ends up with both in its smb.conf and just uses whatever
comes last).

This patch changes the testenv setup to check for the presence of the
'--use-ntvfs' option and to set the 'server services' config option
appropriately. This way, the provision command and the smb.conf options
should always line up, with respect to NTVFS.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-27 03:43:17 +01:00
Tim Beale
da933b7664 selftest: Make chgdcpass's NTVFS usage more obvious
The chgdcpass testenv was not passing --use-ntvfs to the provision
command, but it was still actually using NTVFS.

The reason is the smb.conf generated by provision_raw_step1() would
always try to use the s4/NTVFS file server. Because the smb.conf already
existed, this trumped what was passed to the provision command.

This patch doesn't change the chgdcpass file server. It just makes it
more obvious that chgdcpass is using NTVFS.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-27 03:43:17 +01:00
Tim Beale
632b3ab7d4 selftest: Be explicit about which testenvs use ntvfs
If a testenv didn't specify any other provision arguments, then it
defaulted to using the NTVFS file server.

This patch makes it explicit, so we just pass through "--use-ntvfs" as
extra provision args in the cases we want.

(Whether all these testenvs really need to use NTVFS or not is another
question, but at least now it's easy to see which testenvs use it).

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13676

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-27 03:43:17 +01:00
Gary Lockyer
5fa134dc83 source4 smbd test: prefork process restart
Add tests for the restarting of failed/terminated process, by the
pre-fork process model.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-23 08:25:19 +01:00
Tim Beale
55fa7bc01d selftest: Fix backup testenv creation on certain host machines
When we created the backup-file for the restoredc/renamedc/labdc
testenvs we weren't explicitly a --configfile on the samba-tool command.
This meant the command tried to use the smb.conf form the default
install location, i.e. /usr/local/samba/etc/smb.conf. On the gitlab CI
runner, there's no samba installed, so it ends up using the default
settings, which is fine. However, if the host machine had an invalid
smb.conf installed there, creating the testenv would fail with an error
like:

ERROR(runtime): uncaught exception - Unable to load default file
File "bin/python/samba/netcmd/__init__.py", line 184, in _run
return self.run(*args, **kwargs)
File "bin/python/samba/netcmd/domain_backup.py", line 222, in run
lp = sambaopts.get_loadparm()
  File "bin/python/samba/getopt.py", line 94, in get_loadparm
    self._lp.load_default()

We can avoid this by always explictly specifying the backupfromdc's
smb.conf when creating the backup file.

Likewise, labdc/customdc also need the config specified when the admin
password is reset.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2018-11-09 17:52:30 +01:00
Tim Beale
96d47c21d5 selftest: Add README note: always use --configfile in testenv creation
We always need to specify "env->{CONFIGURATION}" when running a samba-tool
command to setup a testenv. Add a note to the README as this wasn't at
all clear.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
2018-11-09 17:52:30 +01:00
Volker Lendecke
f21bc3adda selftest: Test hide new files timeout
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Nov  9 03:49:55 CET 2018 on sn-devel-144
2018-11-09 03:49:55 +01:00
Gary Lockyer
de1f49752c autobuild: make ad_dc use prefork process model
Convert the ad_dc environment from single process model to the prefork
process model.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-07 17:55:09 +01:00
Tim Beale
3ca13997e5 selftest: Add some more testenv descriptions
This still doesn't cover all the testenvs comprehensively, but it
pretty much exhausts my knowledge of what the various testenvs do.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>

Autobuild-User(master): Douglas Bagnall <dbagnall@samba.org>
Autobuild-Date(master): Wed Nov  7 04:39:05 CET 2018 on sn-devel-144
2018-11-07 04:39:05 +01:00
Tim Beale
5870c642ce selftest: Add README documenting the customdc testenv
Also documented the other backup/restore testenvs as well.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-11-07 01:29:23 +01:00
Christof Schmitt
a8e79decbc selftest: Add share to test "delete readonly" option
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13673

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-03 03:01:25 +01:00
Ralph Boehme
e37ff8c5fe s4:torture/smb2/read: add test for cancelling SMB aio
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13667

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-11-02 21:21:14 +01:00
Tim Beale
e2ee595202 selftest: Remove unnecessary code for backup testenvs
setup_namespaces() already gets done for the backupfromdc's domain, so
this step is unnecessary for the restoredc and offlinebackupdc testenvs
(which are based off the backupfromdc's database).

The setup_namespaces() step is still necessary for the renamedc/labdc,
as these don't have the UPN/SPN suffixes for the new realm yet.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Thu Nov  1 13:06:01 CET 2018 on sn-devel-144
2018-11-01 13:06:01 +01:00
Tim Beale
1451b696ee selftest: Add new customdc testenv that can load any backup-file
This adds a new testenv that can be used for sandpit/manual testing.
This testenv can be based off any backup-file that you like.

The main use case is large databases. Populating 1000s of users is
time-consuming (it can take hours to create a really large DB). Instead
of having to manually add users to the testenv every time you want to
try something, this allows you to populate the users just once, take a
backup/snapshot of the DB, and then spin up the backup multiple times.

In theory this testenv could be useful for other situations too, e.g.
dealing with a corrupted database, testing DB migration (e.g. 4.7 -->
4.8), or if (for some reason) you wanted to create a realistic
lab-domain within a testenv.

To run-up the testenv you need to specify a BACKUP_FILE environment
variable (the same way we specify the SELFTEST_TESTENV), e.g.
  BACKUP_FILE=/files/backup-10k-ad_dc.tar.bz2 \
    SELFTEST_TESTENV=customdc make testenv

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-11-01 09:41:19 +01:00
Ralph Boehme
6f022e6159 s4:torture: add test for AppleDouble ResourceFork conversion
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13642

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-10-31 21:27:17 +01:00
Tim Beale
a9a65adb02 selftest: Specify different DB backends for restored testenvs
Vary the DB backend that we use for the renamed DCs. The labdc and
renamedc are fairly similar, so let's have each of them use a different
backend.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
2018-10-31 00:30:16 +01:00
Noel Power
9f8a570f90 selftest/target: Make sure samba-tool is called with ${PYTHON}
Ensure python scripts are called with the python version that
is defined by $PYTHON

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-10-23 05:50:25 +02:00
David Mulder
f702ad943e gpupdate: Remove the unnecessary url parameter
The samdb object isn't initialized here anymore,
but in the gp_sec_ext, so this parameter to
gpupdate does nothing.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Aurelien Aptel <aaptel@suse.com>
2018-10-08 18:17:15 +02:00
Tim Beale
696fa6a1e6 selftest: Change backup testenvs to use non-default site
Previously (i.e. up until the last patch) the backup/restore commands
only worked if the Default-First-Site-Name site was present. If this
site didn't exist, then the various restore testenvs would fail to
start. This is now fixed, but this patch changes the backupfrom testenv
so that it uses a non-default site. This will detect the problem if it
is ever re-introduced.

To do this we need to change provision_ad_dc() so the
extra_provision_options can be specified as an argument. (Note that Perl
treats undef the same as an empty array).

By default, the restore will add the new DC into the
Default-First-Site-Name site. This means the backupfromdc and restored
testenvs will now have different sites, so we need to update the ldapcmp
filters to exclude site-specific attributes.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13621

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-09-26 07:49:17 +02:00
Andrew Bartlett
71ba7cb9b1 selftest: Add new test to run krb5.kdc.canon against a user with an SPN for a UPN
The failures in this test compared with Windows Server 1709 are added to
knownfail.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-09-05 11:42:24 +02:00
Andrew Bartlett
85ef0590a5 selftest: Set RESOLV_WRAPPER_CONF/RESOLV_WRAPPER_HOSTS when running dcpromo
Otherwise this relies on the order that tests run to cause the environment variable
to be left behind.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-09-03 03:22:20 +02:00
Andrew Bartlett
cfb19e98b1 selftest: Set NSS_WRAPPER_HOSTS when creating the trusts
Otherwise this relies on the order that tests run to cause the environment variable
to be left behind.

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-09-03 03:22:19 +02:00
Ralph Boehme
5508024a86 selftest: add a durable handle test with delayed disconnect
Bug: https://bugzilla.samba.org/show_bug.cgi?id=13549

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-08-31 22:22:23 +02:00
Andrew Bartlett
a4f9e3805e selftest: Ensure winbindd is talking to the DC (itself) at startup
This might reduce issues with the first winbind-using test failing

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-08-25 09:00:16 +02:00
Christof Schmitt
a98f09a09d selftest: Load time_audit and full_audit modules for all tests
Previously the only test was to load these modules to trigger the
smb_vfs_assert_all_fns check. As these modules just pass through the
calls, they can be loaded for all tests to ensure that the codepaths are
exercised. This would have found the problem in
smb_time_audit_offload_read_recv.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13568

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Mon Aug 13 22:35:20 CEST 2018 on sn-devel-144
2018-08-13 22:35:20 +02:00
Aaron Haslett
eb4161d701 selftest: offline backup restore target
This is a selftest target built from a restored offline backup.
Other backup routines are modified to remove the assumption that every backup
requires server and credentials arguments, since offline backup doesn't
want them.  Also, prepare_dc_testenv now returns the generated ctx so we can
run or re-run routines that require it later.

Signed-off-by: Aaron Haslett <aaron.haslett@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>

Autobuild-User(master): Gary Lockyer <gary@samba.org>
Autobuild-Date(master): Mon Aug  6 08:45:19 CEST 2018 on sn-devel-144
2018-08-06 08:45:19 +02:00
Noel Power
801c1856a3 s3/script/tests: Add simple (smb1 & smb2) get/set/list tests for smbcquotas
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13553

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-07-31 16:56:25 +02:00
Ralph Boehme
409d462f49 selftest: run smbtorture3 SMB2-BASIC tests against additional shares
This runs the smbtorture3 SMB2-BASIC and smb2.compound_find tests against shares
with "smbd:async dosmode" enabled.

On the vfs_aio_pthread_async_dosmode_force_sync* shares we
force a sync threadpool which ensures we test behaviour on systems that
don't support unshare(CLONE_FS) and also don't support
per-thread-credentials. This simulates the code path of non linux
systems. And makes sure that we don't regress there.

We also test with xattr_tdb and without.

Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>

Signed-off-by: Ralph Boehme <slow@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Jul 27 16:04:02 CEST 2018 on sn-devel-144
2018-07-27 16:04:02 +02:00
Ralph Boehme
cbb7eb1fa2 selftest: set "smbd:async dosmode = no" in the vfs_aio_pthread share
This just explicitly sets the current default, to ensure the tests that
use this share always use the same "smbd:async dosmode" setting even if
the default changes in the future.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-07-27 13:07:15 +02:00
Tim Beale
7b70637e9f selftest: Add a 'LABDC' testenv to mimic a preproduction test-bed
One of the use-cases for the domain rename tool is to produce a lab
domain that can be used for pre-production testing of Samba.
Basically this involves taking a backup rename with --no-secrets (which
scrubs any sensitive info), and then restoring it.

This patch adds a testenv that mimics how a user would go about creating
a lab-domain. We run the same tests that we run against the restore and
rename testenvs.

Note that the rpc.echo tests for the testallowed and testdenied users
fail, because we don't backup the secrets for these users. So these
tests failing proves that the lab-DC testenv is correct.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-10 04:42:10 +02:00
Tim Beale
20568e00e6 selftest: Add dedicated RENAMEDC testenv for 'backup rename'
Add a new testenv that's similar to the existing restoredc, except we
use 'backup rename' to rename the domain as we back it up.

Restoring this backup then proves that a valid DC can be started from a
renamed backup.

Run the same sub-set of RESTOREDC tests to prove that the new testenv is
sound.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-05 04:01:26 +02:00
David Mulder
a958dc35bb samba-gpupdate: Change machine option to target
On a Windows client, you designate machine/user
apply with a 'target' parameter. This change
makes gpupdate work more like that command.

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Wed Jul  4 13:23:09 CEST 2018 on sn-devel-144
2018-07-04 13:23:09 +02:00
David Mulder
c8621948f6 samba_gpoupdate: Rename the command to samba-gpupdate
On a Windows client, this command is called 'gpupdate'

Signed-off-by: David Mulder <dmulder@suse.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-07-04 10:22:15 +02:00
Tim Beale
ccba77a9d8 selftest: Add testenv for testing backup/restore
This adds a new testenv for testing that a DC created using the
samba-tool backup/restore can actually be started up. This actually
requires 2 new testenvs:

1. A 'backupfromdc' that solely exists to make a online backup of.
2. A 'restoredc' which takes the backup, and then uses the backup file
to do a restore, which we then start the DC based on.

The backupfromdc is just a plain vanilla AD DC. We use a separate test
env purely for this purpose, because the restoredc will use the same
domain (and so using an existing testenv would potentially interfere
with existing test cases).

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-07-03 10:39:14 +02:00
Tim Beale
c9cf62bd3a selftest: Update MAX_WRAPPED_INTERFACES comment to match code
Commit 19606e4dc6 updated the MAX_WRAPPED_INTERFACES define
in the C code from 40 to 64.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-28 03:34:27 +02:00
Gary Lockyer
d4deb800e2 dsdb: Audit group membership changes
Log details of Group membership changes and User Primary Group changes.
Changes are logged in human readable and if samba has been built with
JANSSON support in JSON format.

Replicated updates are not logged.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-09 15:02:11 +02:00
Gary Lockyer
1c0f743c2d dsdb: audit samdb and password changes
Add audit logging of DSDB operations and password changes, log messages
are logged in human readable format and if samba is commpile with
JANSSON support in JSON format.

Log:
  * Details all DSDB add, modify and delete operations. Logs
    attributes, values, session details, transaction id.
  * Transaction roll backs.
  * Prepare commit and commit failures.
  * Summary details of replicated updates.

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2018-06-09 15:02:11 +02:00
Volker Lendecke
003f24ee43 selftest: Fix resolv_wrapper config variables
It can't really matter in this case, but it removes confusion

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed May 30 21:46:53 CEST 2018 on sn-devel-144
2018-05-30 21:46:53 +02:00
Christof Schmitt
7ffcbd5ce1 selftest: Add dfq_cache share with 'dfree cache time' set
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13446

Signed-off-by: Christof Schmitt <cs@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2018-05-25 22:52:12 +02:00
Andrew Bartlett
1118fc3b26 selftest: Run ad_dc and vampire_dc with --backend-store=mdb
This ensures the LMDB backend is tested in make test

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
2018-05-23 02:27:12 +02:00
Andreas Schneider
5319cae000 selftest: Add a user with a different userPrincipalName
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13369

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-05-11 09:07:36 +02:00