selftest: use dns_lookup_* = true in krb5.conf

We only need to specify explicit entries for the local realm
in order to provision the server.

Everything else is handled by real dns or faked dns via resolv wrapper.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Guenther Deschner <gd@samba.org>

diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index d8f332ca527d1d75f9463d99481db14168c7e680..4b7313ba19a2d5e346671717025ad342a97473ac 100644 (file)
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -77,7 +77,7 @@ sub nss_wrapper_winbind_so_path($) {
 
 sub mk_krb5_conf($$)
 {
-       my ($ctx, $other_realms_stanza) = @_;
+       my ($ctx) = @_;
 
        unless (open(KRB5CONF, ">$ctx->{krb5_conf}")) {
                warn("can't open $ctx->{krb5_conf}$?");
@@ -93,15 +93,14 @@ sub mk_krb5_conf($$)
 
 [libdefaults]
  default_realm = $ctx->{realm}
- dns_lookup_realm = false
- dns_lookup_kdc = false
+ dns_lookup_realm = true
+ dns_lookup_kdc = true
  ticket_lifetime = 24h
  forwardable = yes
  allow_weak_crypto = yes
 
 [realms]
  $our_realms_stanza
- $other_realms_stanza
 ";
 
 

diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 26d3614a6c2b93c6845dfe3f7edc144db1f6a7c0..40e13fc5ffaeec62edc019b238735a67da246fae 100755 (executable)
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -697,7 +697,7 @@ sub provision_raw_step1($$)
                $ctx->{kdc_ipv6} = $ctx->{ipv6};
        }
 
-       Samba::mk_krb5_conf($ctx, "");
+       Samba::mk_krb5_conf($ctx);
 
        open(PWD, ">$ctx->{nsswrap_passwd}");
        if ($ctx->{unix_uid} != 0) {
@@ -1388,17 +1388,7 @@ sub provision_subdom_dc($$$)
                return undef;
        }
 
-        # This ensures we share the krb5.conf with the main DC, so
-        # they can find each other.  Sadly only works between 'dc' and
-        # 'subdom_dc', the other DCs won't see it
-
-        my $dc_realms = Samba::mk_realms_stanza($dcvars->{REALM}, lc($dcvars->{REALM}),
-                                                $dcvars->{DOMAIN}, $dcvars->{SERVER_IP});
-
-        $ret->{KRB5_CONFIG} = $dcvars->{KRB5_CONFIG};
-        $ctx->{krb5_conf} = $dcvars->{KRB5_CONFIG};
-
-       Samba::mk_krb5_conf($ctx, $dc_realms);
+       Samba::mk_krb5_conf($ctx);
 
        my $samba_tool =  Samba::bindir_path($self, "samba-tool");
        my $cmd = "";