}
sub new($$) {
- my ($classname, $bindir, $binary_mapping, $srcdir, $server_maxtime) = @_;
+ my ($classname, $bindir, $srcdir, $server_maxtime) = @_;
my $self = { vars => {},
bindir => $bindir,
- binary_mapping => $binary_mapping,
srcdir => $srcdir,
server_maxtime => $server_maxtime
};
return $self->{vars}->{$envname};
}
- if ($envname eq "s3dc") {
- return $self->setup_s3dc("$path/s3dc");
+ #
+ # Avoid hitting system krb5.conf -
+ # An env that needs Kerberos will reset this to the real
+ # value.
+ #
+ $ENV{KRB5_CONFIG} = "$path/no_krb5.conf";
+
+ if ($envname eq "nt4_dc") {
+ return $self->setup_nt4_dc("$path/nt4_dc");
+ } elsif ($envname eq "nt4_dc_schannel") {
+ return $self->setup_nt4_dc_schannel("$path/nt4_dc_schannel");
} elsif ($envname eq "simpleserver") {
return $self->setup_simpleserver("$path/simpleserver");
+ } elsif ($envname eq "fileserver") {
+ return $self->setup_fileserver("$path/fileserver");
} elsif ($envname eq "maptoguest") {
return $self->setup_maptoguest("$path/maptoguest");
} elsif ($envname eq "ktest") {
return $self->setup_ktest("$path/ktest");
- } elsif ($envname eq "member") {
- if (not defined($self->{vars}->{s3dc})) {
- if (not defined($self->setup_s3dc("$path/s3dc"))) {
+ } elsif ($envname eq "nt4_member") {
+ if (not defined($self->{vars}->{nt4_dc})) {
+ if (not defined($self->setup_nt4_dc("$path/nt4_dc"))) {
return undef;
}
}
- return $self->setup_member("$path/member", $self->{vars}->{s3dc});
+ return $self->setup_nt4_member("$path/nt4_member", $self->{vars}->{nt4_dc});
} else {
return "UNKNOWN";
}
}
-sub setup_s3dc($$)
+sub setup_nt4_dc($$)
{
my ($self, $path) = @_;
- print "PROVISIONING S3DC...";
+ print "PROVISIONING NT4 DC...";
- my $s3dc_options = "
+ my $nt4_dc_options = "
domain master = yes
domain logons = yes
lanman auth = yes
+ ntlm auth = yes
+ raw NTLMv2 auth = yes
rpc_server:epmapper = external
rpc_server:spoolss = external
rpc_server:samr = external
rpc_server:netlogon = external
rpc_server:register_embedded_np = yes
+ rpc_server:FssagentRpc = external
rpc_daemon:epmd = fork
rpc_daemon:spoolssd = fork
rpc_daemon:lsasd = fork
+ rpc_daemon:fssd = fork
+ fss: sequence timeout = 1
";
my $vars = $self->provision($path,
- "LOCALS3DC2",
- "locals3dc2pass",
- $s3dc_options);
+ "LOCALNT4DC2",
+ "localntdc2pass",
+ $nt4_dc_options);
$vars or return undef;
$vars->{DC_USERNAME} = $vars->{USERNAME};
$vars->{DC_PASSWORD} = $vars->{PASSWORD};
- $self->{vars}->{s3dc} = $vars;
+ $self->{vars}->{nt4_dc} = $vars;
return $vars;
}
-sub setup_member($$$)
+sub setup_nt4_dc_schannel($$)
{
- my ($self, $prefix, $s3dcvars) = @_;
+ my ($self, $path) = @_;
+
+ print "PROVISIONING NT4 DC WITH SERVER SCHANNEL ...";
+
+ my $pdc_options = "
+ domain master = yes
+ domain logons = yes
+ lanman auth = yes
+
+ rpc_server:epmapper = external
+ rpc_server:spoolss = external
+ rpc_server:lsarpc = external
+ rpc_server:samr = external
+ rpc_server:netlogon = external
+ rpc_server:register_embedded_np = yes
+
+ rpc_daemon:epmd = fork
+ rpc_daemon:spoolssd = fork
+ rpc_daemon:lsasd = fork
+
+ server schannel = yes
+";
+
+ my $vars = $self->provision($path,
+ "LOCALNT4DC9",
+ "localntdc9pass",
+ $pdc_options);
+
+ $vars or return undef;
+
+ if (not $self->check_or_start($vars, "yes", "yes", "yes")) {
+ return undef;
+ }
+
+ $vars->{DC_SERVER} = $vars->{SERVER};
+ $vars->{DC_SERVER_IP} = $vars->{SERVER_IP};
+ $vars->{DC_SERVER_IPV6} = $vars->{SERVER_IPV6};
+ $vars->{DC_NETBIOSNAME} = $vars->{NETBIOSNAME};
+ $vars->{DC_USERNAME} = $vars->{USERNAME};
+ $vars->{DC_PASSWORD} = $vars->{PASSWORD};
+
+ $self->{vars}->{nt4_dc_schannel} = $vars;
+
+ return $vars;
+}
+
+sub setup_nt4_member($$$)
+{
+ my ($self, $prefix, $nt4_dc_vars) = @_;
+ my $count = 0;
+ my $rc;
print "PROVISIONING MEMBER...";
+ my $require_mutexes = "dbwrap_tdb_require_mutexes:* = yes";
+ $require_mutexes = "" if ($ENV{SELFTEST_DONT_REQUIRE_TDB_MUTEX_SUPPORT} eq "1");
+
my $member_options = "
security = domain
- server signing = on
dbwrap_tdb_mutexes:* = yes
+ ${require_mutexes}
";
my $ret = $self->provision($prefix,
- "LOCALMEMBER3",
- "localmember3pass",
+ "LOCALNT4MEMBER3",
+ "localnt4member3pass",
$member_options);
$ret or return undef;
+ my $nmblookup = Samba::bindir_path($self, "nmblookup");
+ do {
+ print "Waiting for the LOGON SERVER registration ...\n";
+ $rc = system("$nmblookup $ret->{CONFIGURATION} $ret->{DOMAIN}\#1c");
+ if ($rc != 0) {
+ sleep(1);
+ }
+ $count++;
+ } while ($rc != 0 && $count < 10);
+ if ($count == 10) {
+ print "NMBD not reachable after 10 retries\n";
+ teardown_env($self, $ret);
+ return 0;
+ }
+
my $net = Samba::bindir_path($self, "net");
my $cmd = "";
$cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
- $cmd .= "$net join $ret->{CONFIGURATION} $s3dcvars->{DOMAIN} member";
- $cmd .= " -U$s3dcvars->{USERNAME}\%$s3dcvars->{PASSWORD}";
+ $cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
+ $cmd .= "$net join $ret->{CONFIGURATION} $nt4_dc_vars->{DOMAIN} member";
+ $cmd .= " -U$nt4_dc_vars->{USERNAME}\%$nt4_dc_vars->{PASSWORD}";
if (system($cmd) != 0) {
warn("Join failed\n$cmd");
return undef;
}
- $ret->{DC_SERVER} = $s3dcvars->{SERVER};
- $ret->{DC_SERVER_IP} = $s3dcvars->{SERVER_IP};
- $ret->{DC_SERVER_IPV6} = $s3dcvars->{SERVER_IPV6};
- $ret->{DC_NETBIOSNAME} = $s3dcvars->{NETBIOSNAME};
- $ret->{DC_USERNAME} = $s3dcvars->{USERNAME};
- $ret->{DC_PASSWORD} = $s3dcvars->{PASSWORD};
+ $ret->{DC_SERVER} = $nt4_dc_vars->{SERVER};
+ $ret->{DC_SERVER_IP} = $nt4_dc_vars->{SERVER_IP};
+ $ret->{DC_SERVER_IPV6} = $nt4_dc_vars->{SERVER_IPV6};
+ $ret->{DC_NETBIOSNAME} = $nt4_dc_vars->{NETBIOSNAME};
+ $ret->{DC_USERNAME} = $nt4_dc_vars->{USERNAME};
+ $ret->{DC_PASSWORD} = $nt4_dc_vars->{PASSWORD};
return $ret;
}
my $member_options = "
security = ads
- server signing = on
workgroup = $dcvars->{DOMAIN}
realm = $dcvars->{REALM}
+ netbios aliases = foo bar
";
my $ret = $self->provision($prefix,
"LOCALADMEMBER",
"loCalMemberPass",
- $member_options);
+ $member_options,
+ $dcvars->{SERVER_IP},
+ $dcvars->{SERVER_IPV6});
$ret or return undef;
$ctx->{realm} = $dcvars->{REALM};
$ctx->{dnsname} = lc($dcvars->{REALM});
$ctx->{kdc_ipv4} = $dcvars->{SERVER_IP};
+ $ctx->{kdc_ipv6} = $dcvars->{SERVER_IPV6};
Samba::mk_krb5_conf($ctx, "");
$ret->{KRB5_CONFIG} = $ctx->{krb5_conf};
my $net = Samba::bindir_path($self, "net");
my $cmd = "";
$cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+ if (defined($ret->{RESOLV_WRAPPER_CONF})) {
+ $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
+ } else {
+ $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
+ }
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+ $cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
$cmd .= "$net join $ret->{CONFIGURATION}";
$cmd .= " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}";
my $member_options = "
security = ads
- server signing = on
workgroup = $dcvars->{DOMAIN}
realm = $dcvars->{REALM}
+ idmap config * : backend = autorid
+ idmap config * : range = 1000000-1999999
+ idmap config * : rangesize = 100000
idmap config $dcvars->{DOMAIN} : backend = rfc2307
idmap config $dcvars->{DOMAIN} : range = 2000000-2999999
idmap config $dcvars->{DOMAIN} : ldap_server = ad
my $ret = $self->provision($prefix,
"RFC2307MEMBER",
"loCalMemberPass",
- $member_options);
+ $member_options,
+ $dcvars->{SERVER_IP},
+ $dcvars->{SERVER_IPV6});
$ret or return undef;
$ctx->{realm} = $dcvars->{REALM};
$ctx->{dnsname} = lc($dcvars->{REALM});
$ctx->{kdc_ipv4} = $dcvars->{SERVER_IP};
+ $ctx->{kdc_ipv6} = $dcvars->{SERVER_IPV6};
Samba::mk_krb5_conf($ctx, "");
$ret->{KRB5_CONFIG} = $ctx->{krb5_conf};
my $net = Samba::bindir_path($self, "net");
my $cmd = "";
$cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+ if (defined($ret->{RESOLV_WRAPPER_CONF})) {
+ $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
+ } else {
+ $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
+ }
$cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+ $cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
$cmd .= "$net join $ret->{CONFIGURATION}";
$cmd .= " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}";
{
my ($self, $path) = @_;
- print "PROVISIONING server with security=share...";
+ print "PROVISIONING simple server...";
my $prefix_abs = abs_path($path);
my $simpleserver_options = "
lanman auth = yes
- vfs objects = xattr_tdb streams_depot
+ ntlm auth = yes
+ vfs objects = xattr_tdb streams_depot time_audit full_audit
+ change notify = no
+
+ full_audit:syslog = no
+ full_audit:success = none
+ full_audit:failure = none
[vfs_aio_fork]
path = $prefix_abs/share
vfs objects = aio_fork
read only = no
vfs_aio_fork:erratic_testing_mode=yes
+
+[dosmode]
+ path = $prefix_abs/share
+ vfs objects =
+ store dos attributes = yes
+ hide files = /hidefile/
+ hide dot files = yes
";
my $vars = $self->provision($path,
return $vars;
}
+sub setup_fileserver($$)
+{
+ my ($self, $path) = @_;
+ my $prefix_abs = abs_path($path);
+ my $srcdir_abs = abs_path($self->{srcdir});
+
+ print "PROVISIONING file server ...\n";
+
+ my @dirs = ();
+
+ mkdir($prefix_abs, 0777);
+
+ my $share_dir="$prefix_abs/share";
+
+ # Create share directory structure
+ my $lower_case_share_dir="$share_dir/lower-case";
+ push(@dirs, $lower_case_share_dir);
+
+ my $lower_case_share_dir_30000="$share_dir/lower-case-30000";
+ push(@dirs, $lower_case_share_dir_30000);
+
+ my $dfree_share_dir="$share_dir/dfree";
+ push(@dirs, $dfree_share_dir);
+ push(@dirs, "$dfree_share_dir/subdir1");
+ push(@dirs, "$dfree_share_dir/subdir2");
+ push(@dirs, "$dfree_share_dir/subdir3");
+
+ my $valid_users_sharedir="$share_dir/valid_users";
+ push(@dirs,$valid_users_sharedir);
+
+ my $offline_sharedir="$share_dir/offline";
+ push(@dirs,$offline_sharedir);
+
+ my $force_user_valid_users_dir = "$share_dir/force_user_valid_users";
+ push(@dirs, $force_user_valid_users_dir);
+
+ my $smbget_sharedir="$share_dir/smbget";
+ push(@dirs,$smbget_sharedir);
+
+ my $fileserver_options = "
+[lowercase]
+ path = $lower_case_share_dir
+ comment = smb username is [%U]
+ case sensitive = True
+ default case = lower
+ preserve case = no
+ short preserve case = no
+[lowercase-30000]
+ path = $lower_case_share_dir_30000
+ comment = smb username is [%U]
+ case sensitive = True
+ default case = lower
+ preserve case = no
+ short preserve case = no
+[dfree]
+ path = $dfree_share_dir
+ comment = smb username is [%U]
+ dfree command = $srcdir_abs/testprogs/blackbox/dfree.sh
+[valid-users-access]
+ path = $valid_users_sharedir
+ valid users = +userdup
+[offline]
+ path = $offline_sharedir
+ vfs objects = offline
+
+# BUG: https://bugzilla.samba.org/show_bug.cgi?id=9878
+# RH BUG: https://bugzilla.redhat.com/show_bug.cgi?id=1077651
+[force_user_valid_users]
+ path = $force_user_valid_users_dir
+ comment = force user with valid users combination test share
+ valid users = +force_user
+ force user = force_user
+ force group = everyone
+ write list = force_user
+
+[smbget]
+ path = $smbget_sharedir
+ comment = smb username is [%U]
+ guest ok = yes
+[ign_sysacls]
+ path = $share_dir
+ comment = ignore system acls
+ acl_xattr:ignore system acls = yes
+[inherit_owner]
+ path = $share_dir
+ comment = inherit owner
+ inherit owner = yes
+[inherit_owner_u]
+ path = $share_dir
+ comment = inherit only unix owner
+ inherit owner = unix only
+ acl_xattr:ignore system acls = yes
+";
+
+ my $vars = $self->provision($path,
+ "FILESERVER",
+ "fileserver",
+ $fileserver_options,
+ undef,
+ undef,
+ 1);
+
+ $vars or return undef;
+
+ if (not $self->check_or_start($vars, "yes", "no", "yes")) {
+ return undef;
+ }
+
+ $self->{vars}->{fileserver} = $vars;
+
+ mkdir($_, 0777) foreach(@dirs);
+
+ ## Create case sensitive lower case share dir
+ foreach my $file ('a'..'z') {
+ my $full_path = $lower_case_share_dir . '/' . $file;
+ open my $fh, '>', $full_path;
+ # Add some content to file
+ print $fh $full_path;
+ close $fh;
+ }
+
+ for (my $file = 1; $file < 51; ++$file) {
+ my $full_path = $lower_case_share_dir . '/' . $file;
+ open my $fh, '>', $full_path;
+ # Add some content to file
+ print $fh $full_path;
+ close $fh;
+ }
+
+ # Create content for 30000 share
+ foreach my $file ('a'..'z') {
+ my $full_path = $lower_case_share_dir_30000 . '/' . $file;
+ open my $fh, '>', $full_path;
+ # Add some content to file
+ print $fh $full_path;
+ close $fh;
+ }
+
+ for (my $file = 1; $file < 30001; ++$file) {
+ my $full_path = $lower_case_share_dir_30000 . '/' . $file;
+ open my $fh, '>', $full_path;
+ # Add some content to file
+ print $fh $full_path;
+ close $fh;
+ }
+
+ ##
+ ## create a listable file in valid_users_share
+ ##
+ my $valid_users_target = "$valid_users_sharedir/foo";
+ unless (open(VALID_USERS_TARGET, ">$valid_users_target")) {
+ warn("Unable to open $valid_users_target");
+ return undef;
+ }
+ close(VALID_USERS_TARGET);
+ chmod 0644, $valid_users_target;
+
+ return $vars;
+}
+
sub setup_ktest($$$)
{
my ($self, $prefix) = @_;
$ctx->{realm} = "KTEST.SAMBA.EXAMPLE.COM";
$ctx->{dnsname} = lc($ctx->{realm});
$ctx->{kdc_ipv4} = "0.0.0.0";
+ $ctx->{kdc_ipv6} = "::";
Samba::mk_krb5_conf($ctx, "");
$ret->{KRB5_CONFIG} = $ctx->{krb5_conf};
my $options = "
map to guest = bad user
+ntlm auth = yes
";
my $vars = $self->provision($path,
$ENV{NSS_WRAPPER_PASSWD} = $env_vars->{NSS_WRAPPER_PASSWD};
$ENV{NSS_WRAPPER_GROUP} = $env_vars->{NSS_WRAPPER_GROUP};
$ENV{NSS_WRAPPER_HOSTS} = $env_vars->{NSS_WRAPPER_HOSTS};
+ $ENV{NSS_WRAPPER_HOSTNAME} = $env_vars->{NSS_WRAPPER_HOSTNAME};
$ENV{NSS_WRAPPER_MODULE_SO_PATH} = $env_vars->{NSS_WRAPPER_MODULE_SO_PATH};
$ENV{NSS_WRAPPER_MODULE_FN_PREFIX} = $env_vars->{NSS_WRAPPER_MODULE_FN_PREFIX};
+ $ENV{UID_WRAPPER_ROOT} = "1";
$ENV{ENVNAME} = "$ENV{ENVNAME}.nmbd";
$ENV{NSS_WRAPPER_PASSWD} = $env_vars->{NSS_WRAPPER_PASSWD};
$ENV{NSS_WRAPPER_GROUP} = $env_vars->{NSS_WRAPPER_GROUP};
$ENV{NSS_WRAPPER_HOSTS} = $env_vars->{NSS_WRAPPER_HOSTS};
+ $ENV{NSS_WRAPPER_HOSTNAME} = $env_vars->{NSS_WRAPPER_HOSTNAME};
$ENV{NSS_WRAPPER_MODULE_SO_PATH} = $env_vars->{NSS_WRAPPER_MODULE_SO_PATH};
$ENV{NSS_WRAPPER_MODULE_FN_PREFIX} = $env_vars->{NSS_WRAPPER_MODULE_FN_PREFIX};
+ if (defined($env_vars->{RESOLV_WRAPPER_CONF})) {
+ $ENV{RESOLV_WRAPPER_CONF} = $env_vars->{RESOLV_WRAPPER_CONF};
+ } else {
+ $ENV{RESOLV_WRAPPER_HOSTS} = $env_vars->{RESOLV_WRAPPER_HOSTS};
+ }
+ $ENV{UID_WRAPPER_ROOT} = "1";
$ENV{ENVNAME} = "$ENV{ENVNAME}.winbindd";
$ENV{NSS_WRAPPER_PASSWD} = $env_vars->{NSS_WRAPPER_PASSWD};
$ENV{NSS_WRAPPER_GROUP} = $env_vars->{NSS_WRAPPER_GROUP};
$ENV{NSS_WRAPPER_HOSTS} = $env_vars->{NSS_WRAPPER_HOSTS};
+ $ENV{NSS_WRAPPER_HOSTNAME} = $env_vars->{NSS_WRAPPER_HOSTNAME};
$ENV{NSS_WRAPPER_MODULE_SO_PATH} = $env_vars->{NSS_WRAPPER_MODULE_SO_PATH};
$ENV{NSS_WRAPPER_MODULE_FN_PREFIX} = $env_vars->{NSS_WRAPPER_MODULE_FN_PREFIX};
+ if (defined($env_vars->{RESOLV_WRAPPER_CONF})) {
+ $ENV{RESOLV_WRAPPER_CONF} = $env_vars->{RESOLV_WRAPPER_CONF};
+ } else {
+ $ENV{RESOLV_WRAPPER_HOSTS} = $env_vars->{RESOLV_WRAPPER_HOSTS};
+ }
+ $ENV{UID_WRAPPER_ROOT} = "1";
$ENV{ENVNAME} = "$ENV{ENVNAME}.smbd";
return $self->wait_for_start($env_vars, $nmbd, $winbindd, $smbd);
}
-sub provision($$$$$$)
+sub createuser($$$$)
+{
+ my ($self, $username, $password, $conffile) = @_;
+ my $cmd = "UID_WRAPPER_ROOT=1 " . Samba::bindir_path($self, "smbpasswd")." -c $conffile -L -s -a $username > /dev/null";
+ unless (open(PWD, "|$cmd")) {
+ warn("Unable to set password for $username account\n$cmd");
+ return undef;
+ }
+ print PWD "$password\n$password\n";
+ unless (close(PWD)) {
+ warn("Unable to set password for $username account\n$cmd");
+ return undef;
+ }
+}
+
+sub provision($$$$$$$$)
{
- my ($self, $prefix, $server, $password, $extra_options, $no_delete_prefix) = @_;
+ my ($self, $prefix, $server, $password, $extra_options, $dc_server_ip, $dc_server_ipv6, $no_delete_prefix) = @_;
##
## setup the various environment variables we need
my $prefix_abs = abs_path($prefix);
my $bindir_abs = abs_path($self->{bindir});
- my $dns_host_file = "$ENV{SELFTEST_PREFIX}/dns_host_file";
-
my @dirs = ();
my $shrdir="$prefix_abs/share";
my $msdfs_deeppath="$msdfs_shrdir/deeppath";
push(@dirs,$msdfs_deeppath);
+ my $badnames_shrdir="$shrdir/badnames";
+ push(@dirs,$badnames_shrdir);
+
+ my $lease1_shrdir="$shrdir/SMB2_10";
+ push(@dirs,$lease1_shrdir);
+
+ my $lease2_shrdir="$shrdir/SMB3_00";
+ push(@dirs,$lease2_shrdir);
+
+ my $manglenames_shrdir="$shrdir/manglenames";
+ push(@dirs,$manglenames_shrdir);
+
+ my $widelinks_shrdir="$shrdir/widelinks";
+ push(@dirs,$widelinks_shrdir);
+
+ my $widelinks_linkdir="$shrdir/widelinks_foo";
+ push(@dirs,$widelinks_linkdir);
+
+ my $shadow_tstdir="$shrdir/shadow";
+ push(@dirs,$shadow_tstdir);
+ my $shadow_mntdir="$shadow_tstdir/mount";
+ push(@dirs,$shadow_mntdir);
+ my $shadow_basedir="$shadow_mntdir/base";
+ push(@dirs,$shadow_basedir);
+ my $shadow_shrdir="$shadow_basedir/share";
+ push(@dirs,$shadow_shrdir);
+
# this gets autocreated by winbindd
my $wbsockdir="$prefix_abs/winbindd";
my $wbsockprivdir="$lockdir/winbindd_privileged";
}
close(MSDFS_TARGET);
chmod 0666, $msdfs_target;
- symlink "msdfs:$server_ip\\ro-tmp", "$msdfs_shrdir/msdfs-src1";
+ symlink "msdfs:$server_ip\\ro-tmp,$server_ipv6\\ro-tmp",
+ "$msdfs_shrdir/msdfs-src1";
symlink "msdfs:$server_ipv6\\ro-tmp", "$msdfs_shrdir/deeppath/msdfs-src2";
+ ##
+ ## create bad names in $badnames_shrdir
+ ##
+ ## (An invalid name, would be mangled to 8.3).
+ my $badname_target = "$badnames_shrdir/\340|\231\216\377\177";
+ unless (open(BADNAME_TARGET, ">$badname_target")) {
+ warn("Unable to open $badname_target");
+ return undef;
+ }
+ close(BADNAME_TARGET);
+ chmod 0666, $badname_target;
+
+ ## (A bad name, would not be mangled to 8.3).
+ my $badname_target = "$badnames_shrdir/\240\276\346\327\377\177";
+ unless (open(BADNAME_TARGET, ">$badname_target")) {
+ warn("Unable to open $badname_target");
+ return undef;
+ }
+ close(BADNAME_TARGET);
+ chmod 0666, $badname_target;
+
+ ## (A bad good name).
+ my $badname_target = "$badnames_shrdir/blank.txt";
+ unless (open(BADNAME_TARGET, ">$badname_target")) {
+ warn("Unable to open $badname_target");
+ return undef;
+ }
+ close(BADNAME_TARGET);
+ chmod 0666, $badname_target;
+
+ ##
+ ## create mangleable directory names in $manglenames_shrdir
+ ##
+ my $manglename_target = "$manglenames_shrdir/foo:bar";
+ mkdir($manglename_target, 0777);
+
+ ##
+ ## create symlinks for widelinks tests.
+ ##
+ my $widelinks_target = "$widelinks_linkdir/target";
+ unless (open(WIDELINKS_TARGET, ">$widelinks_target")) {
+ warn("Unable to open $widelinks_target");
+ return undef;
+ }
+ close(WIDELINKS_TARGET);
+ chmod 0666, $widelinks_target;
+ ##
+ ## This link should get ACCESS_DENIED
+ ##
+ symlink "$widelinks_target", "$widelinks_shrdir/source";
+ ##
+ ## This link should be allowed
+ ##
+ symlink "$widelinks_shrdir", "$widelinks_shrdir/dot";
+
my $conffile="$libdir/server.conf";
+ my $dfqconffile="$libdir/dfq.conf";
my $nss_wrapper_pl = "$ENV{PERL} $self->{srcdir}/lib/nss_wrapper/nss_wrapper.pl";
my $nss_wrapper_passwd = "$privatedir/passwd";
my $nss_wrapper_group = "$privatedir/group";
my $nss_wrapper_hosts = "$ENV{SELFTEST_PREFIX}/hosts";
+ my $resolv_conf = "$privatedir/resolv.conf";
+ my $dns_host_file = "$ENV{SELFTEST_PREFIX}/dns_host_file";
my $mod_printer_pl = "$ENV{PERL} $self->{srcdir}/source3/script/tests/printing/modprinter.pl";
+ my $fake_snap_pl = "$ENV{PERL} $self->{srcdir}/source3/script/tests/fake_snap.pl";
+
my @eventlog_list = ("dns server", "application");
##
##
my ($max_uid, $max_gid);
- my ($uid_nobody, $uid_root, $uid_pdbtest, $uid_pdbtest2);
+ my ($uid_nobody, $uid_root, $uid_pdbtest, $uid_pdbtest2, $uid_userdup);
+ my ($uid_pdbtest_wkn);
+ my ($uid_smbget);
+ my ($uid_force_user);
my ($gid_nobody, $gid_nogroup, $gid_root, $gid_domusers, $gid_domadmins);
+ my ($gid_userdup, $gid_everyone);
+ my ($gid_force_user);
+ my ($uid_user1);
+ my ($uid_user2);
- if ($unix_uid < 0xffff - 4) {
+ if ($unix_uid < 0xffff - 10) {
$max_uid = 0xffff;
} else {
$max_uid = $unix_uid;
$uid_nobody = $max_uid - 2;
$uid_pdbtest = $max_uid - 3;
$uid_pdbtest2 = $max_uid - 4;
-
- if ($unix_gids[0] < 0xffff - 5) {
+ $uid_userdup = $max_uid - 5;
+ $uid_pdbtest_wkn = $max_uid - 6;
+ $uid_force_user = $max_uid - 7;
+ $uid_smbget = $max_uid - 8;
+ $uid_user1 = $max_uid - 9;
+ $uid_user2 = $max_uid - 10;
+
+ if ($unix_gids[0] < 0xffff - 8) {
$max_gid = 0xffff;
} else {
$max_gid = $unix_gids[0];
$gid_root = $max_gid - 3;
$gid_domusers = $max_gid - 4;
$gid_domadmins = $max_gid - 5;
+ $gid_userdup = $max_gid - 6;
+ $gid_everyone = $max_gid - 7;
+ $gid_force_user = $max_gid - 8;
##
## create conffile
kernel oplocks = no
kernel change notify = no
- syslog = no
+ logging = file
printing = bsd
printcap name = /dev/null
# min receivefile size = 4000
read only = no
- server signing = auto
smbd:sharedelay = 100000
smbd:writetimeupdatedelay = 500000
store dos attributes = yes
create mask = 755
dos filemode = yes
+ strict rename = yes
+ strict sync = yes
vfs objects = acl_xattr fake_acls xattr_tdb streams_depot
printing = vlp
print notify backchannel = yes
ncalrpc dir = $prefix_abs/ncalrpc
- resolv:host file = $dns_host_file
# The samba3.blackbox.smbclient_s3 test uses this to test that
# sending messages works, and that the %m sub works.
message command = mv %s $shrdir/message.%m
+ # fsrvp server requires registry shares
+ registry shares = yes
+
+ # Used by RPC SRVSVC tests
+ add share command = $bindir_abs/smbaddshare
+ change share command = $bindir_abs/smbchangeshare
+ delete share command = $bindir_abs/smbdeleteshare
+
+ # fruit:copyfile is a global option
+ fruit:copyfile = yes
+
+ #this does not mean that we use non-secure test env,
+ #it just means we ALLOW one to be configured.
+ allow insecure wide links = yes
+
# Begin extra options
$extra_options
# End extra options
path = $shrdir
force user = $unix_name
guest ok = yes
+[forceuser_unixonly]
+ comment = force a user with unix user SID and group SID
+ path = $shrdir
+ force user = pdbtest
+ guest ok = yes
+[forceuser_wkngroup]
+ comment = force a user with well-known group SID
+ path = $shrdir
+ force user = pdbtest_wkn
+ guest ok = yes
[forcegroup]
path = $shrdir
force group = nogroup
[valid-users-tmp]
path = $shrdir
valid users = $unix_name
+ access based share enum = yes
[msdfs-share]
path = $msdfs_shrdir
msdfs root = yes
+ msdfs shuffle referrals = yes
guest ok = yes
[hideunread]
copy = tmp
force create mode = 0
directory mask = 0777
force directory mode = 0
- vfs objects = xattr_tdb
+ vfs objects = xattr_tdb streams_depot
[aio]
copy = tmp
aio read size = 1
[vfs_fruit]
path = $shrdir
- vfs objects = catia fruit streams_xattr
+ vfs objects = catia fruit streams_xattr acl_xattr
+ ea support = yes
fruit:ressource = file
fruit:metadata = netatalk
fruit:locking = netatalk
fruit:encoding = native
+
+[badname-tmp]
+ path = $badnames_shrdir
+ guest ok = yes
+
+[manglenames_share]
+ path = $manglenames_shrdir
+ guest ok = yes
+
+[dynamic_share]
+ path = $shrdir/%R
+ guest ok = yes
+
+[widelinks_share]
+ path = $widelinks_shrdir
+ wide links = no
+ guest ok = yes
+
+[fsrvp_share]
+ path = $shrdir
+ comment = fake shapshots using rsync
+ vfs objects = shell_snap shadow_copy2
+ shell_snap:check path command = $fake_snap_pl --check
+ shell_snap:create command = $fake_snap_pl --create
+ shell_snap:delete command = $fake_snap_pl --delete
+ # a relative path here fails, the snapshot dir is no longer found
+ shadow:snapdir = $shrdir/.snapshots
+
+[shadow1]
+ path = $shadow_shrdir
+ comment = previous versions snapshots under mount point
+ vfs objects = shadow_copy2
+ shadow:mountpoint = $shadow_mntdir
+
+[shadow2]
+ path = $shadow_shrdir
+ comment = previous versions snapshots outside mount point
+ vfs objects = shadow_copy2
+ shadow:mountpoint = $shadow_mntdir
+ shadow:snapdir = $shadow_tstdir/.snapshots
+
+[shadow3]
+ path = $shadow_shrdir
+ comment = previous versions with subvolume snapshots, snapshots under base dir
+ vfs objects = shadow_copy2
+ shadow:mountpoint = $shadow_mntdir
+ shadow:basedir = $shadow_basedir
+ shadow:snapdir = $shadow_basedir/.snapshots
+
+[shadow4]
+ path = $shadow_shrdir
+ comment = previous versions with subvolume snapshots, snapshots outside mount point
+ vfs objects = shadow_copy2
+ shadow:mountpoint = $shadow_mntdir
+ shadow:basedir = $shadow_basedir
+ shadow:snapdir = $shadow_tstdir/.snapshots
+
+[shadow5]
+ path = $shadow_shrdir
+ comment = previous versions at volume root snapshots under mount point
+ vfs objects = shadow_copy2
+ shadow:mountpoint = $shadow_shrdir
+
+[shadow6]
+ path = $shadow_shrdir
+ comment = previous versions at volume root snapshots outside mount point
+ vfs objects = shadow_copy2
+ shadow:mountpoint = $shadow_shrdir
+ shadow:snapdir = $shadow_tstdir/.snapshots
+
+[shadow7]
+ path = $shadow_shrdir
+ comment = previous versions snapshots everywhere
+ vfs objects = shadow_copy2
+ shadow:mountpoint = $shadow_mntdir
+ shadow:snapdirseverywhere = yes
+
+[shadow8]
+ path = $shadow_shrdir
+ comment = previous versions using snapsharepath
+ vfs objects = shadow_copy2
+ shadow:mountpoint = $shadow_mntdir
+ shadow:snapdir = $shadow_tstdir/.snapshots
+ shadow:snapsharepath = share
+
+[shadow_fmt0]
+ comment = Testing shadow:format with default option
+ vfs object = shadow_copy2
+ path = $shadow_shrdir
+ read only = no
+ guest ok = yes
+ shadow:mountpoint = $shadow_mntdir
+ shadow:basedir = $shadow_basedir
+ shadow:snapdir = $shadow_basedir/.snapshots
+ shadow:format = \@GMT-%Y.%m.%d-%H.%M.%S
+
+[shadow_fmt1]
+ comment = Testing shadow:format with only date component
+ vfs object = shadow_copy2
+ path = $shadow_shrdir
+ read only = no
+ guest ok = yes
+ shadow:mountpoint = $shadow_mntdir
+ shadow:basedir = $shadow_basedir
+ shadow:snapdir = $shadow_basedir/.snapshots
+ shadow:format = \@GMT-%Y-%m-%d
+
+[shadow_fmt2]
+ comment = Testing shadow:format with some hardcoded prefix
+ vfs object = shadow_copy2
+ path = $shadow_shrdir
+ read only = no
+ guest ok = yes
+ shadow:mountpoint = $shadow_mntdir
+ shadow:basedir = $shadow_basedir
+ shadow:snapdir = $shadow_basedir/.snapshots
+ shadow:format = snap\@GMT-%Y.%m.%d-%H.%M.%S
+
+[shadow_fmt3]
+ comment = Testing shadow:format with modified format
+ vfs object = shadow_copy2
+ path = $shadow_shrdir
+ read only = no
+ guest ok = yes
+ shadow:mountpoint = $shadow_mntdir
+ shadow:basedir = $shadow_basedir
+ shadow:snapdir = $shadow_basedir/.snapshots
+ shadow:format = \@GMT-%Y.%m.%d-%H_%M_%S-snap
+
+[shadow_fmt4]
+ comment = Testing shadow:snapprefix regex
+ vfs object = shadow_copy2
+ path = $shadow_shrdir
+ read only = no
+ guest ok = yes
+ shadow:mountpoint = $shadow_mntdir
+ shadow:basedir = $shadow_basedir
+ shadow:snapdir = $shadow_basedir/.snapshots
+ shadow:snapprefix = \^s[a-z]*p\$
+ shadow:format = _GMT-%Y.%m.%d-%H.%M.%S
+
+[shadow_fmt5]
+ comment = Testing shadow:snapprefix with delim regex
+ vfs object = shadow_copy2
+ path = $shadow_shrdir
+ read only = no
+ guest ok = yes
+ shadow:mountpoint = $shadow_mntdir
+ shadow:basedir = $shadow_basedir
+ shadow:snapdir = $shadow_basedir/.snapshots
+ shadow:delimiter = \@GMT
+ shadow:snapprefix = [a-z]*
+ shadow:format = \@GMT-%Y.%m.%d-%H.%M.%S
+
+[shadow_wl]
+ path = $shadow_shrdir
+ comment = previous versions with wide links allowed
+ vfs objects = shadow_copy2
+ shadow:mountpoint = $shadow_mntdir
+ wide links = yes
+[dfq]
+ path = $shrdir/dfree
+ vfs objects = acl_xattr fake_acls xattr_tdb fake_dfq
+ admin users = $unix_name
+ include = $dfqconffile
+[dfq_owner]
+ path = $shrdir/dfree
+ vfs objects = acl_xattr fake_acls xattr_tdb fake_dfq
+ inherit owner = yes
+ include = $dfqconffile
+[acl_xattr_ign_sysacl_posix]
+ copy = tmp
+ acl_xattr:ignore system acls = yes
+ acl_xattr:default acl style = posix
+[acl_xattr_ign_sysacl_windows]
+ copy = tmp
+ acl_xattr:ignore system acls = yes
+ acl_xattr:default acl style = windows
";
close(CONF);
+ unless (open(DFQCONF, ">$dfqconffile")) {
+ warn("Unable to open $dfqconffile");
+ return undef;
+ }
+ close(DFQCONF);
+
##
## create a test account
##
$unix_name:x:$unix_uid:$unix_gids[0]:$unix_name gecos:$prefix_abs:/bin/false
pdbtest:x:$uid_pdbtest:$gid_nogroup:pdbtest gecos:$prefix_abs:/bin/false
pdbtest2:x:$uid_pdbtest2:$gid_nogroup:pdbtest gecos:$prefix_abs:/bin/false
+userdup:x:$uid_userdup:$gid_userdup:userdup gecos:$prefix_abs:/bin/false
+pdbtest_wkn:x:$uid_pdbtest_wkn:$gid_everyone:pdbtest_wkn gecos:$prefix_abs:/bin/false
+force_user:x:$uid_force_user:$gid_force_user:force user gecos:$prefix_abs:/bin/false
+smbget_user:x:$uid_smbget:$gid_domusers:smbget_user gecos:$prefix_abs:/bin/false
+user1:x:$uid_user1:$gid_nogroup:user1 gecos:$prefix_abs:/bin/false
+user2:x:$uid_user2:$gid_nogroup:user2 gecos:$prefix_abs:/bin/false
";
if ($unix_uid != 0) {
print PASSWD "root:x:$uid_root:$gid_root:root gecos:$prefix_abs:/bin/false
$unix_name-group:x:$unix_gids[0]:
domusers:X:$gid_domusers:
domadmins:X:$gid_domadmins:
+userdup:x:$gid_userdup:$unix_name
+everyone:x:$gid_everyone:
+force_user:x:$gid_force_user:
";
if ($unix_gids[0] != 0) {
print GROUP "root:x:$gid_root:
print HOSTS "${server_ipv6} ${hostname}.samba.example.com ${hostname}\n";
close(HOSTS);
+ ## hosts
+ unless (open(RESOLV_CONF, ">$resolv_conf")) {
+ warn("Unable to open $resolv_conf");
+ return undef;
+ }
+ if (defined($dc_server_ip) or defined($dc_server_ipv6)) {
+ if (defined($dc_server_ip)) {
+ print RESOLV_CONF "nameserver $dc_server_ip\n";
+ }
+ if (defined($dc_server_ipv6)) {
+ print RESOLV_CONF "nameserver $dc_server_ipv6\n";
+ }
+ } else {
+ print RESOLV_CONF "nameserver ${server_ip}\n";
+ print RESOLV_CONF "nameserver ${server_ipv6}\n";
+ }
+ close(RESOLV_CONF);
foreach my $evlog (@eventlog_list) {
my $evlogtdb = "$eventlogdir/$evlog.tdb";
$ENV{NSS_WRAPPER_PASSWD} = $nss_wrapper_passwd;
$ENV{NSS_WRAPPER_GROUP} = $nss_wrapper_group;
$ENV{NSS_WRAPPER_HOSTS} = $nss_wrapper_hosts;
+ $ENV{NSS_WRAPPER_HOSTNAME} = "${hostname}.samba.example.com";
+ if ($ENV{SAMBA_DNS_FAKING}) {
+ $ENV{RESOLV_WRAPPER_CONF} = $resolv_conf;
+ } else {
+ $ENV{RESOLV_WRAPPER_HOSTS} = $dns_host_file;
+ }
- my $cmd = "UID_WRAPPER_ROOT=1 " . Samba::bindir_path($self, "smbpasswd")." -c $conffile -L -s -a $unix_name > /dev/null";
- unless (open(PWD, "|$cmd")) {
- warn("Unable to set password for test account\n$cmd");
- return undef;
- }
- print PWD "$password\n$password\n";
- unless (close(PWD)) {
- warn("Unable to set password for test account\n$cmd");
- return undef;
- }
- print "DONE\n";
+ createuser($self, $unix_name, $password, $conffile) || die("Unable to create user");
+ createuser($self, "force_user", $password, $conffile) || die("Unable to create force_user");
+ createuser($self, "smbget_user", $password, $conffile) || die("Unable to create smbget_user");
+ createuser($self, "user1", $password, $conffile) || die("Unable to create user1");
+ createuser($self, "user2", $password, $conffile) || die("Unable to create user2");
open(DNS_UPDATE_LIST, ">$prefix/dns_update_list") or die("Unable to open $$prefix/dns_update_list");
print DNS_UPDATE_LIST "A $server. $server_ip\n";
print DNS_UPDATE_LIST "AAAA $server. $server_ipv6\n";
close(DNS_UPDATE_LIST);
- if (system("$ENV{SRCDIR_ABS}/source4/scripting/bin/samba_dnsupdate --all-interfaces --use-file=$dns_host_file -s $conffile --update-list=$prefix/dns_update_list --update-cache=$prefix/dns_update_cache --no-substiutions --no-credentials") != 0) {
- die "Unable to update hostname into $dns_host_file";
- }
+ print "DONE\n";
$ret{SERVER_IP} = $server_ip;
$ret{SERVER_IPV6} = $server_ipv6;
$ret{NSS_WRAPPER_PASSWD} = $nss_wrapper_passwd;
$ret{NSS_WRAPPER_GROUP} = $nss_wrapper_group;
$ret{NSS_WRAPPER_HOSTS} = $nss_wrapper_hosts;
+ $ret{NSS_WRAPPER_HOSTNAME} = "${hostname}.samba.example.com";
$ret{NSS_WRAPPER_MODULE_SO_PATH} = Samba::nss_wrapper_winbind_so_path($self);
$ret{NSS_WRAPPER_MODULE_FN_PREFIX} = "winbind";
+ if ($ENV{SAMBA_DNS_FAKING}) {
+ $ret{RESOLV_WRAPPER_HOSTS} = $dns_host_file;
+ } else {
+ $ret{RESOLV_WRAPPER_CONF} = $resolv_conf;
+ }
$ret{LOCAL_PATH} = "$shrdir";
$ret{LOGDIR} = $logdir;
+ #
+ # Avoid hitting system krb5.conf -
+ # An env that needs Kerberos will reset this to the real
+ # value.
+ #
+ $ret{KRB5_CONFIG} = abs_path($prefix) . "/no_krb5.conf";
+
return \%ret;
}
do {
$ret = system("SELFTEST_WINBINDD_SOCKET_DIR=" . $envvars->{SELFTEST_WINBINDD_SOCKET_DIR} . " " . Samba::bindir_path($self, "wbinfo") . " --ping-dc");
if ($ret != 0) {
- sleep(2);
+ sleep(1);
}
$count++;
- } while ($ret != 0 && $count < 10);
- if ($count == 10) {
+ } while ($ret != 0 && $count < 20);
+ if ($count == 20) {
print "WINBINDD not reachable after 20 seconds\n";
teardown_env($self, $envvars);
return 0;
my $count = 0;
do {
- $ret = system(Samba::bindir_path($self, "smbclient3") ." $envvars->{CONFIGURATION} -L $envvars->{SERVER} -U% -p 139");
+ $ret = system(Samba::bindir_path($self, "smbclient") ." $envvars->{CONFIGURATION} -L $envvars->{SERVER} -U% -p 139");
if ($ret != 0) {
- sleep(2);
+ sleep(1);
}
$count++
- } while ($ret != 0 && $count < 10);
- if ($count == 10) {
+ } while ($ret != 0 && $count < 20);
+ if ($count == 20) {
print "SMBD failed to start up in a reasonable time (20sec)\n";
teardown_env($self, $envvars);
return 0;
if ($ret != 0) {
return 1;
}
+ $ret = system(Samba::bindir_path($self, "net") ." $envvars->{CONFIGURATION} groupmap add sid=S-1-1-0 unixgroup=everyone type=builtin");
+ if ($ret != 0) {
+ return 1;
+ }
if ($winbindd eq "yes") {
# note: creating builtin groups requires winbindd for the