python/samba/tests/ntacls_backup.py

   1 # Unix SMB/CIFS implementation. Tests for ntacls manipulation
   2 # Copyright (C) Andrew Bartlett 2018
   3 # Copyright (C) Joe Guo <joeg@catalyst.net.nz> 2018
   4 #
   5 # This program is free software; you can redistribute it and/or modify
   6 # it under the terms of the GNU General Public License as published by
   7 # the Free Software Foundation; either version 3 of the License, or
   8 # (at your option) any later version.
   9 #
  10 # This program is distributed in the hope that it will be useful,
  11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13 # GNU General Public License for more details.
  14 #
  15 # You should have received a copy of the GNU General Public License
  16 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  17 #
  18
  19 """Tests for samba ntacls backup"""
  20 import os
  21
  22 from samba import smb
  23 from samba.samba3 import smbd
  24 from samba import samdb
  25 from samba import ntacls
  26
  27 from samba.auth import system_session
  28 from samba.param import LoadParm
  29 from samba.dcerpc import security
  30 from samba.tests import TestCaseInTempDir
  31
  32
  33 class NtaclsBackupRestoreTests(TestCaseInTempDir):
  34     """
  35     Tests for NTACLs backup and restore.
  36     """
  37
  38     def setUp(self):
  39         super(NtaclsBackupRestoreTests, self).setUp()
  40
  41         self.server = os.environ["SERVER"]  # addc
  42         samdb_url='ldap://' + self.server
  43
  44         self.service = 'test1'  # service/share to test
  45         # root path for service
  46         self.service_root = os.path.join(
  47             os.environ["LOCAL_PATH"], self.service)
  48
  49         self.smb_conf_path = os.environ['SMB_CONF_PATH']
  50         self.dom_sid = security.dom_sid(os.environ['DOMSID'])
  51
  52         self.creds = self.insta_creds(template=self.get_credentials())
  53
  54         # helper will load conf into lp, that's how smbd can find services.
  55         self.ntacls_helper = ntacls.NtaclsHelper(self.service,
  56                                                  self.smb_conf_path,
  57                                                  self.dom_sid)
  58
  59         self.lp = self.ntacls_helper.lp
  60
  61         self.samdb_conn = samdb.SamDB(
  62             url=samdb_url, session_info=system_session(),
  63             credentials=self.creds, lp=self.lp)
  64
  65         self.smb_conn = smb.SMB(
  66             self.server, self.service, lp=self.lp, creds=self.creds)
  67
  68         self.smb_helper = ntacls.SMBHelper(self.smb_conn, self.dom_sid)
  69
  70         self.tarfile_path = os.path.join(self.tempdir,
  71                                          'ntacls-backup.tar.gz')
  72
  73         # an example file tree
  74         self.tree = {
  75             'file0.txt': b'test file0',
  76             'dir1': {
  77                 'file1.txt': b'test file1',
  78                 'dir2': {}  # an empty dir in dir
  79             },
  80         }
  81
  82         self._delete_tarfile()
  83         self.smb_helper.delete_tree()
  84
  85         self.smb_helper.create_tree(self.tree)
  86         self._check_tree()
  87         # keep a copy of ntacls after tree just created
  88         self.original_ntacls = self.smb_helper.get_ntacls()
  89
  90     def tearDown(self):
  91         self._delete_tarfile()
  92         self.smb_helper.delete_tree()
  93         super(NtaclsBackupRestoreTests, self).tearDown()
  94
  95     def _delete_tarfile(self):
  96         try:
  97             os.remove(self.tarfile_path)
  98         except OSError:
  99             pass
 100
 101     def _check_tarfile(self):
 102         self.assertTrue(os.path.isfile(self.tarfile_path))
 103
 104     def _check_tree(self):
 105         actual_tree = self.smb_helper.get_tree()
 106         self.assertDictEqual(self.tree, actual_tree)
 107
 108     def test_smbd_mkdir(self):
 109         """
 110         A smoke test for smbd.mkdir API
 111         """
 112
 113         dirpath = os.path.join(self.service_root, 'a-dir')
 114         smbd.mkdir(dirpath, self.service)
 115         self.assertTrue(os.path.isdir(dirpath))
 116
 117     def test_smbd_create_file(self):
 118         """
 119         A smoke test for smbd.create_file and smbd.unlink API
 120         """
 121
 122         filepath = os.path.join(self.service_root, 'a-file')
 123         smbd.create_file(filepath, self.service)
 124         self.assertTrue(os.path.isfile(filepath))
 125
 126         # As well as checking that unlink works, this removes the
 127         # fake xattrs from the dev/inode based DB
 128         smbd.unlink(filepath, self.service)
 129         self.assertFalse(os.path.isfile(filepath))
 130
 131     def test_compare_getntacl(self):
 132         """
 133         Ntacls get from different ways should be the same
 134         """
 135
 136         file_name = 'file0.txt'
 137         file_path = os.path.join(self.service_root, file_name)
 138
 139         sd0 = self.smb_helper.get_acl(file_name, as_sddl=True)
 140
 141         sd1 = self.ntacls_helper.getntacl(
 142             file_path, as_sddl=True, direct_db_access=False)
 143
 144         sd2 = self.ntacls_helper.getntacl(
 145             file_path, as_sddl=True, direct_db_access=True)
 146
 147         self.assertEquals(sd0, sd1)
 148         self.assertEquals(sd1, sd2)
 149
 150     def test_backup_online(self):
 151         """
 152         Backup service online, delete files, restore and check.
 153         """
 154         ntacls.backup_online(
 155             self.smb_conn, self.tarfile_path, self.dom_sid)
 156         self._check_tarfile()
 157
 158         self.smb_helper.delete_tree()
 159         ntacls.backup_restore(
 160             self.tarfile_path, self.service_root,
 161             self.samdb_conn, self.smb_conf_path)
 162         self._check_tree()
 163
 164         # compare ntacls after restored
 165         self.assertDictEqual(
 166             self.original_ntacls, self.smb_helper.get_ntacls())
 167
 168     def test_backup_offline(self):
 169         """
 170         Backup service offline, delete files, restore and check.
 171         """
 172         ntacls.backup_offline(
 173             self.service_root, self.tarfile_path,
 174             self.samdb_conn, self.smb_conf_path)
 175         self._check_tarfile()
 176
 177         self.smb_helper.delete_tree()
 178         ntacls.backup_restore(
 179             self.tarfile_path, self.service_root,
 180             self.samdb_conn, self.smb_conf_path)
 181         self._check_tree()
 182
 183         # compare ntacls after restored
 184         self.assertDictEqual(
 185             self.original_ntacls, self.smb_helper.get_ntacls())