wintest/test-s3.py

   1 #!/usr/bin/env python
   2
   3 '''automated testing of Samba3 against windows'''
   4
   5 import sys, os
   6 import optparse
   7 import wintest
   8
   9
  10 def set_libpath(t):
  11     t.putenv("LD_LIBRARY_PATH", "${PREFIX}/lib")
  12
  13
  14 def set_krb5_conf(t):
  15     t.run_cmd("mkdir -p ${PREFIX}/etc")
  16     t.write_file("${PREFIX}/etc/krb5.conf",
  17                  '''[libdefaults]
  18         dns_lookup_realm = false
  19         dns_lookup_kdc = true''')
  20
  21     t.putenv("KRB5_CONFIG", '${PREFIX}/etc/krb5.conf')
  22
  23
  24 def build_s3(t):
  25     '''build samba3'''
  26     t.info('Building s3')
  27     t.chdir('${SOURCETREE}/source3')
  28     t.putenv('CC', 'ccache gcc')
  29     t.run_cmd("./autogen.sh")
  30     t.run_cmd("./configure -C --prefix=${PREFIX} --enable-developer")
  31     t.run_cmd('make basics')
  32     t.run_cmd('make -j4')
  33     t.run_cmd('rm -rf ${PREFIX}')
  34     t.run_cmd('make install')
  35
  36
  37 def start_s3(t):
  38     t.info('Starting Samba3')
  39     t.chdir("${PREFIX}")
  40     t.run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False)
  41     t.run_cmd("rm -f var/locks/*.pid")
  42     t.run_cmd(['sbin/nmbd', "-D"])
  43     t.run_cmd(['sbin/winbindd', "-D"])
  44     t.run_cmd(['sbin/smbd', "-D"])
  45     t.port_wait("${INTERFACE_IP}", 139)
  46
  47
  48 def test_wbinfo(t):
  49     t.info('Testing wbinfo')
  50     t.chdir('${PREFIX}')
  51     t.cmd_contains("bin/wbinfo --version", ["Version 4."])
  52     t.cmd_contains("bin/wbinfo -p", ["Ping to winbindd succeeded"])
  53     t.retry_cmd("bin/wbinfo --online-status",
  54                 ["BUILTIN : online",
  55                  "${HOSTNAME} : online",
  56                  "${WIN_DOMAIN} : online"],
  57                 casefold=True)
  58     t.cmd_contains("bin/wbinfo -u",
  59                    ["${WIN_DOMAIN}/administrator",
  60                     "${WIN_DOMAIN}/krbtgt"],
  61                    casefold=True)
  62     t.cmd_contains("bin/wbinfo -g",
  63                    ["${WIN_DOMAIN}/domain users",
  64                     "${WIN_DOMAIN}/domain guests",
  65                     "${WIN_DOMAIN}/domain admins"],
  66                    casefold=True)
  67     t.cmd_contains("bin/wbinfo --name-to-sid administrator",
  68                    "S-1-5-.*-500 SID_USER .1",
  69                    regex=True)
  70     t.cmd_contains("bin/wbinfo --name-to-sid 'domain users'",
  71                    "S-1-5-.*-513 SID_DOM_GROUP .2",
  72                    regex=True)
  73
  74     t.retry_cmd("bin/wbinfo --authenticate=${WIN_DOMAIN}/administrator%${WIN_PASS}",
  75                 ["plaintext password authentication succeeded",
  76                  "challenge/response password authentication succeeded"])
  77
  78     t.retry_cmd("bin/wbinfo --krb5auth=${WIN_DOMAIN}/administrator%${WIN_PASS}",
  79                 ["succeeded"])
  80
  81
  82 def test_smbclient(t):
  83     t.info('Testing smbclient')
  84     smbclient = t.getvar("smbclient")
  85     t.chdir('${PREFIX}')
  86     t.cmd_contains("%s --version" % (smbclient), ["Version 4."])
  87     t.cmd_contains('%s -L ${INTERFACE_IP} -U%%' % (smbclient), ["Domain=[${WIN_DOMAIN}]", "test", "IPC$", "Samba 4."],
  88                    casefold=True)
  89     child = t.pexpect_spawn('%s //${HOSTNAME}.${WIN_REALM}/test -Uroot@${WIN_REALM}%%${PASSWORD2}' % (smbclient))
  90     child.expect("smb:")
  91     child.sendline("dir")
  92     child.expect("blocks available")
  93     child.sendline("mkdir testdir")
  94     child.expect("smb:")
  95     child.sendline("cd testdir")
  96     child.expect('testdir')
  97     child.sendline("cd ..")
  98     child.sendline("rmdir testdir")
  99
 100     child = t.pexpect_spawn('%s //${HOSTNAME}.${WIN_REALM}/test -Uroot@${WIN_REALM}%%${PASSWORD2} -k' % (smbclient))
 101     child.expect("smb:")
 102     child.sendline("dir")
 103     child.expect("blocks available")
 104     child.sendline("mkdir testdir")
 105     child.expect("smb:")
 106     child.sendline("cd testdir")
 107     child.expect('testdir')
 108     child.sendline("cd ..")
 109     child.sendline("rmdir testdir")
 110
 111
 112 def create_shares(t):
 113     t.info("Adding test shares")
 114     t.chdir('${PREFIX}')
 115     t.write_file("etc/smb.conf", '''
 116 [test]
 117        path = ${PREFIX}/test
 118        read only = no
 119        ''',
 120                  mode='a')
 121     t.run_cmd("mkdir -p test")
 122
 123
 124 def prep_join_as_member(t, vm):
 125     '''prepare to join a windows domain as a member server'''
 126     t.setwinvars(vm)
 127     t.info("Starting VMs for joining ${WIN_VM} as a member using net ads join")
 128     t.chdir('${PREFIX}')
 129     t.run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False)
 130     t.vm_poweroff("${WIN_VM}", checkfail=False)
 131     t.vm_restore("${WIN_VM}", "${WIN_SNAPSHOT}")
 132     child = t.open_telnet("${WIN_HOSTNAME}", "administrator", "${WIN_PASS}", set_time=True)
 133     t.get_ipconfig(child)
 134     t.del_files(["var", "private"])
 135     t.write_file("etc/smb.conf", '''
 136 [global]
 137         netbios name = ${HOSTNAME}
 138         log level = ${DEBUGLEVEL}
 139         realm = ${WIN_REALM}
 140         workgroup = ${WIN_DOMAIN}
 141         security = ADS
 142         bind interfaces only = yes
 143         interfaces = ${INTERFACE}
 144         winbind separator = /
 145         idmap uid = 1000000-2000000
 146         idmap gid = 1000000-2000000
 147         winbind enum users = yes
 148         winbind enum groups = yes
 149         max protocol = SMB2
 150         map hidden = no
 151         map system = no
 152         ea support = yes
 153         panic action = xterm -e gdb --pid %d
 154     ''')
 155
 156
 157 def join_as_member(t, vm):
 158     '''join a windows domain as a member server'''
 159     t.setwinvars(vm)
 160     t.info("Joining ${WIN_VM} as a member using net ads join")
 161     t.port_wait("${WIN_IP}", 389)
 162     t.retry_cmd("host -t SRV _ldap._tcp.${WIN_REALM} ${WIN_IP}", ['has SRV record'])
 163     t.cmd_contains("bin/net ads join -Uadministrator%${WIN_PASS}", ["Joined"])
 164     t.cmd_contains("bin/net ads testjoin", ["Join is OK"])
 165     t.cmd_contains("bin/net ads dns register ${HOSTNAME}.${WIN_REALM} -P", ["Successfully registered hostname with DNS"])
 166     t.cmd_contains("host -t A ${HOSTNAME}.${WIN_REALM}",
 167                    ['${HOSTNAME}.${WIN_REALM} has address'])
 168
 169
 170 def create_root_account(t, vm):
 171     t.setwinvars(vm)
 172     t.info("Creating 'root' account for testing Samba3 member server")
 173     t.chdir('${PREFIX}')
 174     t.run_cmd('bin/net ads user add root -Uadministrator%${WIN_PASS}')
 175     child = t.pexpect_spawn('bin/net ads password root -Uadministrator%${WIN_PASS}')
 176     child.expect("Enter new password for root")
 177     child.sendline("${PASSWORD2}")
 178     child.expect("Password change for ");
 179     child.expect(" completed")
 180     child = t.pexpect_spawn('bin/net rpc shell -S ${WIN_HOSTNAME}.${WIN_REALM} -Uadministrator%${WIN_PASS}')
 181     child.expect("net rpc>")
 182     child.sendline("user edit disabled root no")
 183     child.expect("Set root's disabled flag")
 184
 185
 186 def test_join_as_member(t, vm):
 187     '''test the domain join'''
 188     t.setwinvars(vm)
 189     t.info('Testing join as member')
 190     t.chdir('${PREFIX}')
 191     test_wbinfo(t)
 192     test_smbclient(t)
 193
 194
 195 def test_s3(t):
 196     '''basic s3 testing'''
 197
 198     t.setvar("SAMBA_VERSION", "Version 4")
 199     t.setvar("smbclient", "bin/smbclient")
 200     t.check_prerequesites()
 201     set_libpath(t)
 202
 203     if not t.skip("configure_bind"):
 204         t.configure_bind()
 205     if not t.skip("stop_bind"):
 206         t.stop_bind()
 207     if not t.skip("stop_vms"):
 208         t.stop_vms()
 209
 210     if not t.skip("build"):
 211         build_s3(t)
 212
 213     set_krb5_conf(t)
 214     if not t.skip("configure_bind2"):
 215         t.configure_bind()
 216     if not t.skip("start_bind"):
 217         t.start_bind()
 218
 219     dc_started = False
 220     if t.have_var('W2K8R2A_VM') and not t.skip("join_w2k8r2"):
 221         t.start_winvm('W2K8R2A')
 222         dc_started = True
 223         prep_join_as_member(t, "W2K8R2A")
 224         t.run_dcpromo_as_first_dc("W2K8R2A", func_level='2008r2')
 225         join_as_member(t, "W2K8R2A")
 226         create_shares(t)
 227         start_s3(t)
 228         create_root_account(t, "W2K8R2A")
 229         test_join_as_member(t, "W2K8R2A")
 230
 231     if t.have_var('WINDOWS7_VM') and t.have_var('W2K8R2A_VM') and not t.skip("join_windows7_2008r2"):
 232         if not dc_started:
 233             t.start_winvm('W2K8R2A')
 234             t.run_dcpromo_as_first_dc("W2K8R2A", func_level='2008r2')
 235             dc_started = True
 236         else:
 237             t.setwinvars('W2K8R2A')
 238         realm = t.getvar("WIN_REALM")
 239         dom_username = t.getvar("WIN_USER")
 240         dom_password = t.getvar("WIN_PASS")
 241         dom_realm = t.getvar("WIN_REALM")
 242         t.start_winvm('WINDOWS7')
 243         t.test_remote_smbclient("WINDOWS7")
 244         t.run_winjoin('WINDOWS7', realm, username=dom_username, password=dom_password)
 245         t.test_remote_smbclient("WINDOWS7", dom_username, dom_password)
 246         t.test_remote_smbclient('WINDOWS7', dom_username, dom_password, args='--option=clientntlmv2auth=no')
 247         t.test_remote_smbclient('WINDOWS7', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k")
 248         t.test_remote_smbclient('WINDOWS7', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k --option=clientusespnegoprincipal=yes")
 249         t.test_net_use('WINDOWS7', dom_realm, t.getvar("W2K8R2A_DOMAIN"), 'root', '${PASSWORD2}')
 250
 251     if t.have_var('WINXP_VM') and t.have_var('W2K8R2A_VM') and not t.skip("join_winxp_2008r2"):
 252         if not dc_started:
 253             t.start_winvm('W2K8R2A')
 254             t.run_dcpromo_as_first_dc("W2K8R2A", func_level='2008r2')
 255             dc_started = True
 256         else:
 257             t.setwinvars('W2K8R2A')
 258         realm = t.getvar("WIN_REALM")
 259         dom_username = t.getvar("WIN_USER")
 260         dom_password = t.getvar("WIN_PASS")
 261         dom_realm = t.getvar("WIN_REALM")
 262         t.start_winvm('WINXP')
 263         t.run_winjoin('WINXP', realm, username=dom_username, password=dom_password)
 264         t.test_remote_smbclient('WINXP', dom_username, dom_password)
 265         t.test_remote_smbclient('WINXP', dom_username, dom_password, args='--option=clientntlmv2auth=no')
 266         t.test_remote_smbclient('WINXP', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k")
 267         t.test_remote_smbclient('WINXP', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k --clientusespnegoprincipal=yes")
 268         t.test_net_use('WINXP', dom_realm, t.getvar("W2K8R2A_DOMAIN"), 'root', '${PASSWORD2}')
 269
 270     t.info("S3 test: All OK")
 271
 272
 273 def test_cleanup(t):
 274     '''cleanup after tests'''
 275     t.info("Cleaning up ...")
 276     t.restore_resolv_conf()
 277     if getattr(t, 'bind_child', False):
 278         t.bind_child.kill()
 279
 280
 281 if __name__ == '__main__':
 282     t = wintest.wintest()
 283
 284     t.setup("test-s3.py", "source3")
 285
 286     try:
 287         test_s3(t)
 288     except:
 289         if not t.opts.nocleanup:
 290             test_cleanup(t)
 291         raise
 292
 293     if not t.opts.nocleanup:
 294         test_cleanup(t)
 295     t.info("S3 test: All OK")