1 # Unix SMB/CIFS implementation. Tests for ntacls manipulation
2 # Copyright (C) Andrew Bartlett 2018
3 # Copyright (C) Joe Guo <joeg@catalyst.net.nz> 2018
5 # This program is free software; you can redistribute it and/or modify
6 # it under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
10 # This program is distributed in the hope that it will be useful,
11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with this program. If not, see <http://www.gnu.org/licenses/>.
19 """Tests for samba ntacls backup"""
22 from samba.samba3 import libsmb_samba_internal as libsmb
23 from samba.samba3 import smbd
24 from samba import samdb
25 from samba import ntacls
27 from samba.auth import system_session
28 from samba.dcerpc import security
29 from samba.tests import env_loadparm
30 from samba.tests.smbd_base import SmbdBaseTests
33 class NtaclsBackupRestoreTests(SmbdBaseTests):
35 Tests for NTACLs backup and restore.
39 super(NtaclsBackupRestoreTests, self).setUp()
41 self.server = os.environ["SERVER"] # addc
42 samdb_url = 'ldap://' + self.server
44 self.service = 'test1' # service/share to test
45 # root path for service
46 self.service_root = os.path.join(
47 os.environ["LOCAL_PATH"], self.service)
49 self.smb_conf_path = os.environ['SMB_CONF_PATH']
50 self.creds = self.insta_creds(template=self.get_credentials())
52 self.samdb_conn = samdb.SamDB(
53 url=samdb_url, session_info=system_session(),
54 credentials=self.creds, lp=env_loadparm())
56 self.dom_sid = security.dom_sid(self.samdb_conn.get_domain_sid())
58 # helper will load conf into lp, that's how smbd can find services.
59 self.ntacls_helper = ntacls.NtaclsHelper(self.service,
62 self.lp = self.ntacls_helper.lp
64 self.smb_conn = libsmb.Conn(
65 self.server, self.service, lp=self.lp, creds=self.creds)
67 self.smb_helper = ntacls.SMBHelper(self.smb_conn, self.dom_sid)
69 self.tarfile_path = os.path.join(self.tempdir,
70 'ntacls-backup.tar.gz')
72 # an example file tree
74 'file0.txt': b'test file0',
76 'file1.txt': b'test file1',
77 'dir2': {} # an empty dir in dir
81 self._delete_tarfile()
82 self.smb_helper.delete_tree()
84 self.smb_helper.create_tree(self.tree)
86 # keep a copy of ntacls after tree just created
87 self.original_ntacls = self.smb_helper.get_ntacls()
90 self._delete_tarfile()
91 self.smb_helper.delete_tree()
92 super(NtaclsBackupRestoreTests, self).tearDown()
94 def _delete_tarfile(self):
96 os.remove(self.tarfile_path)
100 def _check_tarfile(self):
101 self.assertTrue(os.path.isfile(self.tarfile_path))
103 def _check_tree(self):
104 actual_tree = self.smb_helper.get_tree()
105 self.assertDictEqual(self.tree, actual_tree)
107 def test_smbd_mkdir(self):
109 A smoke test for smbd.mkdir API
112 dirpath = os.path.join(self.service_root, 'a-dir')
113 smbd.mkdir(dirpath, self.service)
114 self.assertTrue(os.path.isdir(dirpath))
116 def test_smbd_create_file(self):
118 A smoke test for smbd.create_file and smbd.unlink API
121 filepath = os.path.join(self.service_root, 'a-file')
122 smbd.create_file(filepath, self.service)
123 self.assertTrue(os.path.isfile(filepath))
125 # As well as checking that unlink works, this removes the
126 # fake xattrs from the dev/inode based DB
127 smbd.unlink(filepath, self.service)
128 self.assertFalse(os.path.isfile(filepath))
130 def test_compare_getntacl(self):
132 Ntacls get from different ways should be the same
135 file_name = 'file0.txt'
136 file_path = os.path.join(self.service_root, file_name)
138 sd0 = self.smb_helper.get_acl(file_name, as_sddl=True)
140 sd1 = self.ntacls_helper.getntacl(
141 file_path, as_sddl=True, direct_db_access=False)
143 sd2 = self.ntacls_helper.getntacl(
144 file_path, as_sddl=True, direct_db_access=True)
146 self.assertEquals(sd0, sd1)
147 self.assertEquals(sd1, sd2)
149 def test_backup_online(self):
151 Backup service online, delete files, restore and check.
153 ntacls.backup_online(
154 self.smb_conn, self.tarfile_path, self.dom_sid)
155 self._check_tarfile()
157 self.smb_helper.delete_tree()
158 ntacls.backup_restore(
159 self.tarfile_path, self.service_root,
160 self.samdb_conn, self.smb_conf_path)
163 # compare ntacls after restored
164 self.assertDictEqual(
165 self.original_ntacls, self.smb_helper.get_ntacls())
167 def test_backup_offline(self):
169 Backup service offline, delete files, restore and check.
171 ntacls.backup_offline(
172 self.service_root, self.tarfile_path,
173 self.samdb_conn, self.smb_conf_path)
174 self._check_tarfile()
176 self.smb_helper.delete_tree()
177 ntacls.backup_restore(
178 self.tarfile_path, self.service_root,
179 self.samdb_conn, self.smb_conf_path)
182 # compare ntacls after restored
183 self.assertDictEqual(
184 self.original_ntacls, self.smb_helper.get_ntacls())