1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-13 13:18:06 +03:00
samba-mirror/source3/script/tests/test_sacl_set_get.sh
Jeremy Allison b338636a1e s3: torture: Call the smbtorture3 SMB2-SACL test.
Calls the test in the previous commit by adding
SeSecurityPrivilege first, running the SMB2-SACL test
then removing SeSecurityPrivilege.

Demonstrates the difference between server behavior
with SEC_FLAG_SYSTEM_SECURITY against SMB1 and SMB2 servers.

Mark as knownfail for now.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
2020-04-21 18:37:39 +00:00

45 lines
1.0 KiB
Bash
Executable File

#!/bin/sh
#
# Runs the smbtorture3 SMB2-SACL test
# that requres SeSecurityPrivilege
# against Samba.
#
if [ $# -lt 7 ]; then
echo "Usage: $0 SERVER SERVER_IP USERNAME PASSWORD SMBTORTURE3 NET SHARE"
exit 1
fi
SERVER="$1"
SERVER_IP="$2"
USERNAME="$3"
PASSWORD="$4"
SMBTORTURE3="$5"
NET="$6"
SHARE="$7"
failed=0
incdir=`dirname $0`/../../../testprogs/blackbox
. $incdir/subunit.sh
sacl_set_get() {
out=$($SMBTORTURE3 //$SERVER_IP/$SHARE -U $USERNAME%$PASSWORD SMB2-SACL)
if [ $? -ne 0 ] ; then
echo "SMB2-SACL failed"
echo "$out"
return 1
fi
}
# Grant SeSecurityPrivilege to the user
testit "grant SeSecurityPrivilege" $NET rpc rights grant $USERNAME SeSecurityPrivilege -U $USERNAME%$PASSWORD -I $SERVER_IP || failed=`expr $failed + 1`
# Run the tests.
testit "SACL set_get" sacl_set_get || failed=`expr $failed + 1`
# Revoke SeSecurityPrivilege
testit "revoke SeSecurityPrivilege" $NET rpc rights revoke $USERNAME SeSecurityPrivilege -U $USERNAME%$PASSWORD -I $SERVER_IP || failed=`expr $failed + 1`
exit $failed