1 # Unix SMB/CIFS implementation.
2 # Copyright (C) Andrew Bartlett 2012
5 # Copyright (C) Sean Dague <sdague@linux.vnet.ibm.com> 2011
7 # This program is free software; you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation; either version 3 of the License, or
10 # (at your option) any later version.
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
24 from samba.tests.samba_tool.base import SambaToolCmdTest
28 class NtACLCmdSysvolTestCase(SambaToolCmdTest):
29 """Tests for samba-tool ntacl sysvol* subcommands"""
32 (result, out, err) = self.runsubcmd("ntacl", "sysvolreset",
34 self.assertCmdSuccess(result, out, err)
35 self.assertEqual(out, "", "Shouldn't be any output messages")
36 self.assertIn("Please note that POSIX permissions have NOT been changed, only the stored NT ACL", err)
39 (result, out, err) = self.runsubcmd("ntacl", "sysvolreset",
42 self.assertCmdSuccess(result, out, err)
43 self.assertEqual(err, "", "Shouldn't be any error messages")
44 self.assertEqual(out, "", "Shouldn't be any output messages")
46 def test_ntvfs_check(self):
47 (result, out, err) = self.runsubcmd("ntacl", "sysvolreset",
49 self.assertCmdSuccess(result, out, err)
50 self.assertEqual(out, "", "Shouldn't be any output messages")
51 self.assertIn("Please note that POSIX permissions have NOT been changed, only the stored NT ACL", err)
52 # Now check they were set correctly
53 (result, out, err) = self.runsubcmd("ntacl", "sysvolcheck")
54 self.assertCmdSuccess(result, out, err)
55 self.assertEqual(err, "", "Shouldn't be any error messages")
56 self.assertEqual(out, "", "Shouldn't be any output messages")
58 def test_s3fs_check(self):
59 (result, out, err) = self.runsubcmd("ntacl", "sysvolreset",
62 self.assertCmdSuccess(result, out, err)
63 self.assertEqual(err, "", "Shouldn't be any error messages")
64 self.assertEqual(out, "", "Shouldn't be any output messages")
66 # Now check they were set correctly
67 (result, out, err) = self.runsubcmd("ntacl", "sysvolcheck")
68 self.assertCmdSuccess(result, out, err)
69 self.assertEqual(err, "", "Shouldn't be any error messages")
70 self.assertEqual(out, "", "Shouldn't be any output messages")
73 class NtACLCmdGetSetTestCase(SambaToolCmdTest):
74 """Tests for samba-tool ntacl get/set subcommands"""
76 acl = "O:DAG:DUD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)S:AI(OU;CIIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)"
79 path = os.environ['SELFTEST_PREFIX']
80 tempf = os.path.join(path, "pytests" + str(int(100000 * random.random())))
81 open(tempf, 'w').write("empty")
83 (result, out, err) = self.runsubcmd("ntacl", "set", self.acl, tempf,
85 self.assertCmdSuccess(result, out, err)
86 self.assertEqual(out, "", "Shouldn't be any output messages")
87 self.assertIn("Please note that POSIX permissions have NOT been changed, only the stored NT ACL", err)
90 path = os.environ['SELFTEST_PREFIX']
91 tempf = os.path.join(path, "pytests" + str(int(100000 * random.random())))
92 open(tempf, 'w').write("empty")
94 (result, out, err) = self.runsubcmd("ntacl", "set", self.acl, tempf,
97 self.assertCmdSuccess(result, out, err)
98 self.assertEqual(err, "", "Shouldn't be any error messages")
99 self.assertEqual(out, "", "Shouldn't be any output messages")
101 def test_ntvfs_check(self):
102 path = os.environ['SELFTEST_PREFIX']
103 tempf = os.path.join(path, "pytests" + str(int(100000 * random.random())))
104 open(tempf, 'w').write("empty")
106 (result, out, err) = self.runsubcmd("ntacl", "set", self.acl, tempf,
108 self.assertCmdSuccess(result, out, err)
109 self.assertEqual(out, "", "Shouldn't be any output messages")
110 self.assertIn("Please note that POSIX permissions have NOT been changed, only the stored NT ACL", err)
112 # Now check they were set correctly
113 (result, out, err) = self.runsubcmd("ntacl", "get", tempf,
114 "--use-ntvfs", "--as-sddl")
115 self.assertCmdSuccess(result, out, err)
116 self.assertEqual(err, "", "Shouldn't be any error messages")
117 self.assertEqual(self.acl + "\n", out, "Output should be the ACL")
119 def test_s3fs_check(self):
120 path = os.environ['SELFTEST_PREFIX']
121 tempf = os.path.join(path, "pytests" + str(int(100000 * random.random())))
122 open(tempf, 'w').write("empty")
124 (result, out, err) = self.runsubcmd("ntacl", "set", self.acl, tempf,
126 self.assertCmdSuccess(result, out, err)
127 self.assertEqual(out, "", "Shouldn't be any output messages")
128 self.assertEqual(err, "", "Shouldn't be any error messages")
130 # Now check they were set correctly
131 (result, out, err) = self.runsubcmd("ntacl", "get", tempf,
132 "--use-s3fs", "--as-sddl")
133 self.assertCmdSuccess(result, out, err)
134 self.assertEqual(err, "", "Shouldn't be any error messages")
135 self.assertEqual(self.acl + "\n", out, "Output should be the ACL")
137 class NtACLCmdChangedomsidTestCase(SambaToolCmdTest):
138 """Tests for samba-tool ntacl changedomsid subcommand"""
140 acl = "O:DAG:DUD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)S:AI(OU;CIIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)"
141 new_acl="O:S-1-5-21-2212615479-2695158682-2101375468-512G:S-1-5-21-2212615479-2695158682-2101375468-513D:P(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375468-512)(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375468-519)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375468-512)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)S:AI(OU;CIIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)"
142 domain_sid=os.environ['DOMSID']
143 new_domain_sid="S-1-5-21-2212615479-2695158682-2101375468"
145 def test_ntvfs_check(self):
146 path = os.environ['SELFTEST_PREFIX']
147 tempf = os.path.join(
148 path, "pytests" + str(int(100000 * random.random())))
149 open(tempf, 'w').write("empty")
151 print("DOMSID: %s", self.domain_sid)
153 (result, out, err) = self.runsubcmd("ntacl",
158 self.assertCmdSuccess(result, out, err)
159 self.assertEqual(out, "", "Shouldn't be any output messages")
160 self.assertIn("Please note that POSIX permissions have NOT been "
161 "changed, only the stored NT ACL", err)
163 (result, out, err) = self.runsubcmd("ntacl",
169 self.assertCmdSuccess(result, out, err)
170 self.assertEqual(out, "", "Shouldn't be any output messages")
171 self.assertIn("Please note that POSIX permissions have NOT been "
172 "changed, only the stored NT ACL.", err)
174 # Now check they were set correctly
175 (result, out, err) = self.runsubcmd("ntacl",
180 self.assertCmdSuccess(result, out, err)
181 self.assertEqual(err, "", "Shouldn't be any error messages")
182 self.assertEqual(self.new_acl + "\n", out, "Output should be the ACL")
184 def test_s3fs_check(self):
185 path = os.environ['SELFTEST_PREFIX']
186 tempf = os.path.join(
187 path, "pytests" + str(int(100000 * random.random())))
188 open(tempf, 'w').write("empty")
190 print("DOMSID: %s" % self.domain_sid)
192 (result, out, err) = self.runsubcmd("ntacl",
198 self.assertCmdSuccess(result, out, err)
199 self.assertEqual(out, "", "Shouldn't be any output messages")
200 self.assertEqual(err, "", "Shouldn't be any error messages")
202 (result, out, err) = self.runsubcmd("ntacl",
209 self.assertCmdSuccess(result, out, err)
210 self.assertEqual(out, "", "Shouldn't be any output messages")
211 self.assertEqual(err, "", "Shouldn't be any error messages")
213 # Now check they were set correctly
214 (result, out, err) = self.runsubcmd("ntacl",
220 self.assertCmdSuccess(result, out, err)
221 self.assertEqual(err, "", "Shouldn't be any error messages")
222 self.assertEqual(self.new_acl + "\n", out, "Output should be the ACL")