r18979: With these extra indexes (also added for the normal case) and a
#!/bin/sh
# mktestsetup.sh PREFIX
# Builds a self-contained Samba test environment (config files, share
# database, TLS material, slapd configuration) below PREFIX.

# The prefix directory is the only argument; without it, print the usage
# line and stop.
[ $# -ge 1 ] || {
    echo "$0 PREFIX"
    exit 1
}
8
# Directory that will hold the whole test environment.
PREFIX="$1"

# Knobs the caller may preset in the environment; an unset or empty value
# falls back to the default used by the test suite.
: "${TLS_ENABLED:=false}"
: "${SHARE_BACKEND:=classic}"

# Fixed identity of the test domain.
# PASSWORD is a fixture value published with the script: it ends up in
# smb.conf, the share database, slapd.conf and on provision's command line,
# so it only makes sense for a throw-away, loopback-only environment.
DOMAIN="SAMBADOMAIN"
USERNAME="administrator"
REALM="SAMBA.EXAMPLE.COM"
DNSNAME="samba.example.com"
BASEDN="dc=samba,dc=example,dc=com"
PASSWORD="penguin"
AUTH="-U${USERNAME}%${PASSWORD}"
SRCDIR="$(pwd)"
SERVER="localhost"
NETBIOSNAME="localtest"

# Name of the invoking account: first non-empty of $USER, $LOGNAME and the
# output of whoami (whoami only runs when both variables are empty).
ROOT="${USER:-${LOGNAME:-$(whoami)}}"
36
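# Create PREFIX and resolve it to an absolute path (PREFIX_ABS), then return
# to the directory the script was started from.
oldpwd="$(pwd)"
srcdir="$(dirname "$0")/../.."
mkdir -p "$PREFIX" || exit $?
# Abort if the directory cannot be entered: otherwise PREFIX_ABS would
# silently become the caller's working directory and every file below would
# be generated there instead of inside the prefix.
cd "$PREFIX" || exit $?
PREFIX_ABS="$(pwd)"
export PREFIX_ABS
cd "$oldpwd" || exit $?

# Exported under a second name for consumers that read TEST_DATA_PREFIX.
TEST_DATA_PREFIX="$PREFIX_ABS"
export TEST_DATA_PREFIX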
47
# Layout of the test tree; every path is derived from PREFIX_ABS.
# NOTE(review): TMPDIR is also the conventional temp-dir variable read by
# many tools; it is not exported here, so child processes only see this
# value if TMPDIR was already exported by the caller - confirm intent.
TMPDIR="${PREFIX_ABS}/tmp"
ETCDIR="${PREFIX_ABS}/etc"
PIDDIR="${PREFIX_ABS}/pid"
PRIVATEDIR="${PREFIX_ABS}/private"
NCALRPCDIR="${PREFIX_ABS}/ncalrpc"
LOCKDIR="${PREFIX_ABS}/lockdir"
WINBINDD_SOCKET_DIR="${PREFIX_ABS}/winbind_socket"
LDAPDIR="${PREFIX_ABS}/ldap"

# Configuration files inside that layout.
CONFFILE="${ETCDIR}/smb.conf"
KRB5_CONFIG="${ETCDIR}/krb5.conf"
SLAPD_CONF="${LDAPDIR}/slapd.conf"
CONFIGURATION="--configfile=${CONFFILE}"

# TLS fixtures live under the private directory.
TLSDIR="${PRIVATEDIR}/tls"
DHFILE="${TLSDIR}/dhparms.pem"
CAFILE="${TLSDIR}/ca.pem"
CERTFILE="${TLSDIR}/cert.pem"
KEYFILE="${TLSDIR}/key.pem"

# Values the processes started by the test suite read from the environment.
# AUTH carries the test password in clear text.
export CONFIGURATION CONFFILE SLAPD_CONF PIDDIR AUTH SERVER NETBIOSNAME
72
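# Empty the prefix left over from an earlier run, then recreate the tree.
# PREFIX is taken verbatim from the command line and feeds a recursive
# delete, so refuse an empty value and a prefix that resolved to the
# filesystem root before running rm.
case "$PREFIX_ABS" in
    ""|/)
        echo "$0: refusing to clean prefix '$PREFIX'" >&2
        exit 1
        ;;
esac
# The glob does not match dot-files, so hidden entries survive the wipe.
rm -rf -- "${PREFIX:?}"/*
mkdir -p "$PRIVATEDIR" "$ETCDIR" "$PIDDIR" "$NCALRPCDIR" "$LOCKDIR" \
    "$TMPDIR" "$TLSDIR" "$LDAPDIR/db" "$LDAPDIR/db/bdb-logs" "$LDAPDIR/db/tmp"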
75
# Value written to "iconv:native" in smb.conf: "true" unless VALGRIND is set
# to a non-empty value.
case "$VALGRIND" in
    "") nativeiconv="true" ;;
    *)  nativeiconv="false" ;;
esac
81
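# Generate smb.conf for the test server.
# Security-relevant properties of this file, all acceptable only for a
# throw-away test instance:
#   - "interfaces = 127.0.0.1/8" keeps the server on the loopback network.
#   - the [cifs] share stores the test account's password in clear text, and
#     the file is created with the caller's umask, so it is normally readable
#     by other local users.
#   - "system:anonymous = true" presumably relaxes access checks for
#     anonymous sessions - confirm against the server source before reusing.
# The here-document is unquoted on purpose: shell variables are expanded,
# while %PID% and %PROG% are left for Samba to substitute.
cat >"$CONFFILE" <<EOF
[global]
        iconv:native = $nativeiconv
        netbios name = $NETBIOSNAME
        netbios aliases = $SERVER
        workgroup = $DOMAIN
        realm = $REALM
        private dir = $PRIVATEDIR
        pid directory = $PIDDIR
        ncalrpc dir = $NCALRPCDIR
        lock dir = $LOCKDIR
        share backend = $SHARE_BACKEND
        setup directory = $SRCDIR/setup
        js include = $SRCDIR/scripting/libjs
        winbindd socket directory = $WINBINDD_SOCKET_DIR
        name resolve order = bcast
        interfaces = 127.0.0.1/8
        tls enabled = $TLS_ENABLED
        tls dh params file = $DHFILE
        panic action = $SRCDIR/script/gdb_backtrace %PID% %PROG%
        wins support = yes
        server role = pdc
        max xmit = 32K
        server max protocol = SMB2
        notify:inotify = false
        ldb:nosync = true

system:anonymous = true

[tmp]
        path = $TMPDIR
        read only = no
        ntvfs handler = posix
        posix:sharedelay = 100000
        posix:eadb = $LOCKDIR/eadb.tdb

[cifs]
        read only = no
        ntvfs handler = cifs
        cifs:server = $SERVER
        cifs:user = $USERNAME
        cifs:password = $PASSWORD
        cifs:domain = $DOMAIN
        cifs:share = tmp

[simple]
        path = $TMPDIR
        read only = no
        ntvfs handler = simple

[cifsposixtestshare]
        read only = no
        ntvfs handler = cifsposix   
        path = $TMPDIR
EOF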
137
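# Replace the default share database with the definitions used by the tests:
# delete any existing share.ldb, write the LDIF, then load it with ldbadd.
# The here-document is unquoted so the path and credential variables expand;
# the "$" in IPC$ and ADMIN$ stays literal because it is not followed by a
# name character.
# The cifs share entry stores the test password in clear text, both in
# share.ldif and in the resulting share.ldb.
rm -f "$PRIVATEDIR/share.ldb"
cat >"$PRIVATEDIR/share.ldif" <<EOF
### Shares basedn
dn: @INDEXLIST
@IDXATTR: name

dn: @ATTRIBUTES
cn: CASE_INSENSITIVE
dc: CASE_INSENSITIVE
name: CASE_INSENSITIVE
dn: CASE_INSENSITIVE
objectClass: CASE_INSENSITIVE

dn: CN=Shares
objectClass: top
objectClass: organizationalUnit
cn: Shares

### Default IPC$ Share
dn: CN=IPC$,CN=Shares
objectClass: top
objectClass: share
cn: IPC$
name: IPC$
type: IPC
path: /tmp
comment: Remote IPC
max-connections: -1
available: True
readonly: True
browseable: False
ntvfs-handler: default

### Default ADMIN$ Share
dn: CN=ADMIN$,CN=Shares
objectClass: top
objectClass: share
cn: ADMIN$
name: ADMIN$
type: DISK
path: /tmp
comment: Remote Admin
max-connections: -1
available: True
readonly: True
browseable: False
ntvfs-handler: default

dn: CN=tmp,CN=Shares
objectClass: top
objectClass: share
cn: tmp
name: tmp
type: DISK
path: $TMPDIR
comment: Temp Dir for Tests
readonly: False
ntvfs-handler: posix
posix-sharedelay: 100000
posix-eadb: $LOCKDIR/eadb.tdb

dn: CN=cifs,CN=Shares
objectClass: top
objectClass: share
cn: cifs
name: cifs
type: DISK
readonly: False
ntvfs-handler: cifs
cifs-server: $SERVER
cifs-user: $USERNAME
cifs-password: $PASSWORD
cifs-domain: $DOMAIN
cifs-share: tmp
EOF

# A failed import leaves the environment unusable, so stop here.
"$srcdir/bin/ldbadd" -H "$PRIVATEDIR/share.ldb" < "$PRIVATEDIR/share.ldif" >/dev/null || exit 1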
216
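# Write a private krb5.conf and export KRB5_CONFIG so Kerberos clients
# started afterwards use it.  DNS lookups for realm and KDC are disabled and
# the KDC is pinned to 127.0.0.1:88, so no Kerberos traffic is directed
# outside the host.
# The realm and domain are written literally here rather than taken from
# REALM and DNSNAME; keep them in step if those variables are changed.
cat >"$KRB5_CONFIG" <<EOF
[libdefaults]
 default_realm = SAMBA.EXAMPLE.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 forwardable = yes

[realms]
 SAMBA.EXAMPLE.COM = {
  kdc = 127.0.0.1:88
  admin_server = 127.0.0.1:88
  default_domain = samba.example.com
 }
[domain_realm]
 .samba.example.com = SAMBA.EXAMPLE.COM
EOF
export KRB5_CONFIG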
235
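# Fixed Diffie-Hellman parameters for the test server's TLS listener.
# NOTE(review): the DER length fields indicate a 768-bit prime, which is far
# below what is considered safe for real deployments; a fixed, small group is
# used here only so the test setup needs no parameter generation.  Verify
# with "openssl dhparam -in FILE -text -noout" before reusing anywhere.
cat >"$DHFILE" <<EOF
-----BEGIN DH PARAMETERS-----
MGYCYQC/eWD2xkb7uELmqLi+ygPMKyVcpHUo2yCluwnbPutEueuxrG/Cys8j8wLO
svCN/jYNyR2NszOmg7ZWcOC/4z/4pWDVPUZr8qrkhj5MRKJc52MncfaDglvEdJrv
YX70obsCAQI=
-----END DH PARAMETERS-----

EOF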
244
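# Fixed CA certificate fixture for the test TLS setup.
# NOTE(review): the encoded validity period appears to run from August 2006
# to July 2008 and the signature algorithm OID is sha1WithRSAEncryption, so
# clients that validate dates or reject SHA-1 will not accept it; confirm
# with "openssl x509 -in FILE -noout -text".  Never add this certificate to a
# trust store outside the test environment.
cat >"$CAFILE" <<EOF
-----BEGIN CERTIFICATE-----
MIICYTCCAcygAwIBAgIE5M7SRDALBgkqhkiG9w0BAQUwZTEdMBsGA1UEChMUU2Ft
YmEgQWRtaW5pc3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1
dG9nZW5lcmF0ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMB4XDTA2MDgw
NDA0MzY1MloXDTA4MDcwNDA0MzY1MlowZTEdMBsGA1UEChMUU2FtYmEgQWRtaW5p
c3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1dG9nZW5lcmF0
ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMIGcMAsGCSqGSIb3DQEBAQOB
jAAwgYgCgYC3WJ7DNQAVnqiJxhf6Tq4pqNyUIlioDFNnkJZ6ycElhblyDb3vaagO
9c+saw3cl/4KGWBZK46HtimRApE6ZriV7yHSB4afVjhnHZvlQVccAuTKJatBpIeb
kenOX0boUVXrWWj6VVnseab+5nA+uPZQQHinRLEVhUn72I14YdKJOQIDAQABoyUw
IzAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGCSqGSIb3DQEB
BQOBgQA5IVkBXU2S4i3dSSM9KmdKJinok1IOGNLZYQSyzduuie9vTmGXCQiQppWb
oSjZaf/Zn8La8THvm4QfmwruPkTEL956BRyN9hHYwHWZsebJr7DvSrF1Zugd0jFs
DZZFfDUSinYEqApdYzMka/GYTSk1Fa31G5TVD56mIdxmVAdC+A==
-----END CERTIFICATE-----

EOF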
263
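# Fixed server certificate fixture for the test TLS setup.
# NOTE(review): the encoded validity period appears to run from August 2006
# to July 2008 and the signature algorithm OID is sha1WithRSAEncryption;
# confirm with "openssl x509 -in FILE -noout -text".  The matching private
# key is published alongside it in this script, so the certificate proves
# nothing about the identity of whoever presents it.
cat >"$CERTFILE" <<EOF
-----BEGIN CERTIFICATE-----
MIICYTCCAcygAwIBAgIE5M7SRDALBgkqhkiG9w0BAQUwZTEdMBsGA1UEChMUU2Ft
YmEgQWRtaW5pc3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1
dG9nZW5lcmF0ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMB4XDTA2MDgw
NDA0MzY1MloXDTA4MDcwNDA0MzY1MlowZTEdMBsGA1UEChMUU2FtYmEgQWRtaW5p
c3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1dG9nZW5lcmF0
ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMIGcMAsGCSqGSIb3DQEBAQOB
jAAwgYgCgYDKg6pAwCHUMA1DfHDmWhZfd+F0C+9Jxcqvpw9ii9En3E1uflpcol3+
S9/6I/uaTmJHZre+DF3dTzb/UOZo0Zem8N+IzzkgoGkFafjXuT3BL5UPY2/H6H+p
PqVIRLOmrWImai359YyoKhFyo37Y6HPeU8QcZ+u2rS9geapIWfeuowIDAQABoyUw
IzAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGCSqGSIb3DQEB
BQOBgQAmkN6XxvDnoMkGcWLCTwzxGfNNSVcYr7TtL2aJh285Xw9zaxcm/SAZBFyG
LYOChvh6hPU7joMdDwGfbiLrBnMag+BtGlmPLWwp/Kt1wNmrRhduyTQFhN3PP6fz
nBr9vVny2FewB2gHmelaPS//tXdxivSXKz3NFqqXLDJjq7P8wA==
-----END CERTIFICATE-----

EOF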
282
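# Fixed RSA private key fixture for the test TLS setup.
# This key is part of the published script, so it offers no confidentiality:
# anything encrypted to it or authenticated by it can be read or forged by
# anyone with the source.  It must never be installed outside the test
# environment.
# NOTE(review): the DER lengths indicate a 1024-bit modulus - confirm with
# "openssl rsa -in FILE -noout -text".
cat >"$KEYFILE" <<EOF
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDKg6pAwCHUMA1DfHDmWhZfd+F0C+9Jxcqvpw9ii9En3E1uflpc
ol3+S9/6I/uaTmJHZre+DF3dTzb/UOZo0Zem8N+IzzkgoGkFafjXuT3BL5UPY2/H
6H+pPqVIRLOmrWImai359YyoKhFyo37Y6HPeU8QcZ+u2rS9geapIWfeuowIDAQAB
AoGAAqDLzFRR/BF1kpsiUfL4WFvTarCe9duhwj7ORc6fs785qAXuwUYAJ0Uvzmy6
HqoGv3t3RfmeHDmjcpPHsbOKnsOQn2MgmthidQlPBMWtQMff5zdoYNUFiPS0XQBq
szNW4PRjaA9KkLQVTwnzdXGkBSkn/nGxkaVu7OR3vJOBoo0CQQDO4upypesnbe6p
9/xqfZ2uim8IwV1fLlFClV7WlCaER8tsQF4lEi0XSzRdXGUD/dilpY88Nb+xok/X
8Z8OvgAXAkEA+pcLsx1gN7kxnARxv54jdzQjC31uesJgMKQXjJ0h75aUZwTNHmZQ
vPxi6u62YiObrN5oivkixwFNncT9MxTxVQJBAMaWUm2SjlLe10UX4Zdm1MEB6OsC
kVoX37CGKO7YbtBzCfTzJGt5Mwc1DSLA2cYnGJqIfSFShptALlwedot0HikCQAJu
jNKEKnbf+TdGY8Q0SKvTebOW2Aeg80YFkaTvsXCdyXrmdQcifw4WdO9KucJiDhSz
Y9hVapz7ykEJtFtWjLECQQDIlfc63I5ZpXfg4/nN4IJXUW6AmPVOYIA5215itgki
cSlMYli1H9MEXH0pQMGv5Qyd0OYIx2DDg96mZ+aFvqSG
-----END RSA PRIVATE KEY-----

EOF
# Key files should not be group/world readable; restricting the mode keeps
# that habit in place for anyone adapting this script to a real key.
chmod 600 "$KEYFILE"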
301
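# Generate slapd.conf for the OpenLDAP backend used by the tests.
# This configuration is deliberately wide open and is only defensible for a
# disposable test directory:
#   - "access to * by * write" gives every client, including anonymous ones,
#     write access to every entry.
#   - "allow update_anon" permits update operations on anonymous sessions.
#   - "rootpw" holds the test password in clear text rather than a hash, in a
#     file created with the caller's umask.
# "\$1" is escaped so the literal back-reference "$1" reaches slapd's
# authz-regexp instead of being expanded by the shell.
cat >"$SLAPD_CONF" <<EOF
loglevel 0

include $LDAPDIR/ad.schema

pidfile         $PIDDIR/slapd.pid
argsfile        $LDAPDIR/slapd.args
sasl-realm $DNSNAME
access to * by * write

allow update_anon

authz-regexp
          uid=([^,]*),cn=$DNSNAME,cn=digest-md5,cn=auth
          ldap:///$BASEDN??sub?(samAccountName=\$1)

authz-regexp
          uid=([^,]*),cn=([^,]*),cn=digest-md5,cn=auth
          ldap:///$BASEDN??sub?(samAccountName=\$1)

include $LDAPDIR/modules.conf

defaultsearchbase "$BASEDN"

backend         bdb
database        bdb
suffix          "$BASEDN"
rootdn          "cn=Manager,$BASEDN"
rootpw          $PASSWORD
directory       $LDAPDIR/db
index           objectClass eq
index           samAccountName eq
index name eq
index objectSid eq
index objectCategory eq
index member eq
index uidNumber eq
index gidNumber eq
index unixName eq
index privilege eq
index nCName eq pres
index lDAPDisplayName eq
index subClassOf eq
index dnsRoot eq
index nETBIOSName eq pres

overlay syncprov
syncprov-checkpoint 100 10
syncprov-sessionlog 100

EOF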
353
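# Berkeley DB tuning for the slapd database directory.
# DB_TXN_NOSYNC skips the flush on commit: faster test runs at the price of
# losing recent writes on a crash, which the generated file itself documents
# as acceptable for a test environment.
cat > "$LDAPDIR/db/DB_CONFIG" <<EOF
#
        # Set the database in memory cache size.
        #
        set_cachesize   0       524288        0
        
        
        #
        # Set database flags (this is a test environment, we don't need to fsync()).
        #               
        set_flags       DB_TXN_NOSYNC
        
        #
        # Set log values.
        #
        set_lg_regionmax        104857
        set_lg_max              1048576
        set_lg_bsize            209715
        set_lg_dir              $LDAPDIR/db/bdb-logs
        
        
        #
        # Set temporary file creation directory.
        #                       
        set_tmp_dir             $LDAPDIR/db/tmp
EOF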
380
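# Provision the test domain, export the ldapi URLs, derive an OpenLDAP
# schema from the freshly provisioned sam.ldb, then provision the LDAP base.
#
# PROVISION_OPTIONS is a flat string that is word-split on purpose when it
# is passed to provision (plain sh has no arrays), so a prefix containing
# whitespace is not supported on this path.
# The admin and simple-bind passwords travel as command-line arguments and
# are therefore visible in the process list while provision runs; that is
# tolerable only because the value is a published test fixture.
# NOTE(review): --root=$ROOT is appended twice, and neither provision run nor
# ad2oLschema has its exit status checked, unlike the ldbadd calls - confirm
# whether failures here are meant to be non-fatal.
PROVISION_OPTIONS="$CONFIGURATION --host-name=$NETBIOSNAME --host-ip=127.0.0.1"
PROVISION_OPTIONS="$PROVISION_OPTIONS --quiet --domain $DOMAIN --realm $REALM"
PROVISION_OPTIONS="$PROVISION_OPTIONS --adminpass $PASSWORD --root=$ROOT"
PROVISION_OPTIONS="$PROVISION_OPTIONS --simple-bind-dn=cn=Manager,$BASEDN --password=$PASSWORD --root=$ROOT"
# shellcheck disable=SC2086 # intentional word splitting of the option string
"$srcdir/bin/smbscript" "$srcdir/setup/provision" $PROVISION_OPTIONS

# LDAPI_ESCAPE is LDAPI with every "/" of the socket path written as %2F;
# no other character is escaped.
LDAPI="ldapi://$LDAPDIR/ldapi"
LDAPI_ESCAPE="ldapi://$(printf '%s\n' "$LDAPDIR/ldapi" | sed 's|/|%2F|g')"
export LDAPI
export LDAPI_ESCAPE

# This uses the provision we just did to read out the schema.
"$srcdir/bin/ad2oLschema" "$CONFIGURATION" -H "$PRIVATEDIR/sam.ldb" -I "$srcdir/setup/schema-map-openldap-2.3" -O "$LDAPDIR/ad.schema"
# Now create an LDAP base DN.
# shellcheck disable=SC2086 # intentional word splitting of the option string
"$srcdir/bin/smbscript" "$srcdir/setup/provision" $PROVISION_OPTIONS --ldap-base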
396
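# Validate the slapd configuration and load the provisioned LDIF into the
# OpenLDAP database, with the system sbin directories temporarily on PATH.
# slaptest and slapadd are resolved through PATH; the sbin directories are
# placed in front of the caller's entries for the duration of this section
# and the original PATH is restored afterwards.
OLDPATH="$PATH"
PATH="/usr/local/sbin:/usr/sbin:/sbin:$PATH"
export PATH

# Start from an empty modules.conf (slapd.conf includes it).
MODCONF="$LDAPDIR/modules.conf"
rm -f "$MODCONF"
touch "$MODCONF"

# If the configuration does not validate as written, retry with the bdb
# backend loaded as a module from the hard-coded /usr/lib/ldap path.
slaptest -u -f "$SLAPD_CONF" > /dev/null 2>&1 || {
    echo "enabling slapd modules"
    cat > "$MODCONF" <<EOF
modulepath      /usr/lib/ldap
moduleload      back_bdb
EOF
}

# Failures below are reported but do not stop the script.
if slaptest -u -f "$SLAPD_CONF"; then
    slapadd -f "$SLAPD_CONF" < "$PRIVATEDIR/$DNSNAME.ldif" || {
        echo "slapadd failed"
    }

    slaptest -f "$SLAPD_CONF" || {
        echo "slaptest after database load failed"
    }
fi

PATH="$OLDPATH"
export PATH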
425
426
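# Register a WINS replication partner entry (TORTURE_6 at the loopback
# address 127.0.0.6) and load it into wins_config.ldb.
cat >"$PRIVATEDIR/wins_config.ldif" <<EOF
dn: name=TORTURE_6,CN=PARTNERS
objectClass: wreplPartner
name: TORTURE_6
address: 127.0.0.6
pullInterval: 0
pushChangeCount: 0
type: 0x3
EOF

# A failed import leaves the environment unusable, so stop here.
"$srcdir/bin/ldbadd" -H "$PRIVATEDIR/wins_config.ldb" < "$PRIVATEDIR/wins_config.ldif" >/dev/null || exit 1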
438