python/samba/tests/ntacls_backup.py

   1 # Unix SMB/CIFS implementation. Tests for ntacls manipulation
   2 # Copyright (C) Andrew Bartlett 2018
   3 # Copyright (C) Joe Guo <joeg@catalyst.net.nz> 2018
   4 #
   5 # This program is free software; you can redistribute it and/or modify
   6 # it under the terms of the GNU General Public License as published by
   7 # the Free Software Foundation; either version 3 of the License, or
   8 # (at your option) any later version.
   9 #
  10 # This program is distributed in the hope that it will be useful,
  11 # but WITHOUT ANY WARRANTY; without even the implied warranty of
  12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  13 # GNU General Public License for more details.
  14 #
  15 # You should have received a copy of the GNU General Public License
  16 # along with this program.  If not, see <http://www.gnu.org/licenses/>.
  17 #
  18
  19 """Tests for samba ntacls backup"""
  20 import os
  21
  22 from samba.samba3 import libsmb_samba_internal as libsmb
  23 from samba.samba3 import smbd
  24 from samba import samdb
  25 from samba import ntacls
  26
  27 from samba.auth import system_session
  28 from samba.dcerpc import security
  29 from samba.tests import env_loadparm
  30 from samba.tests.smbd_base import SmbdBaseTests
  31
  32
  33 class NtaclsBackupRestoreTests(SmbdBaseTests):
  34     """
  35     Tests for NTACLs backup and restore.
  36     """
  37
  38     def setUp(self):
  39         super(NtaclsBackupRestoreTests, self).setUp()
  40
  41         self.server = os.environ["SERVER"]  # addc
  42         samdb_url = 'ldap://' + self.server
  43
  44         self.service = 'test1'  # service/share to test
  45         # root path for service
  46         self.service_root = os.path.join(
  47             os.environ["LOCAL_PATH"], self.service)
  48
  49         self.smb_conf_path = os.environ['SMB_CONF_PATH']
  50         self.creds = self.insta_creds(template=self.get_credentials())
  51
  52         self.samdb_conn = samdb.SamDB(
  53             url=samdb_url, session_info=system_session(),
  54             credentials=self.creds, lp=env_loadparm())
  55
  56         self.dom_sid = security.dom_sid(self.samdb_conn.get_domain_sid())
  57
  58         # helper will load conf into lp, that's how smbd can find services.
  59         self.ntacls_helper = ntacls.NtaclsHelper(self.service,
  60                                                  self.smb_conf_path,
  61                                                  self.dom_sid)
  62         self.lp = self.ntacls_helper.lp
  63
  64         self.smb_conn = libsmb.Conn(
  65             self.server, self.service, lp=self.lp, creds=self.creds)
  66
  67         self.smb_helper = ntacls.SMBHelper(self.smb_conn, self.dom_sid)
  68
  69         self.tarfile_path = os.path.join(self.tempdir,
  70                                          'ntacls-backup.tar.gz')
  71
  72         # an example file tree
  73         self.tree = {
  74             'file0.txt': b'test file0',
  75             'dir1': {
  76                 'file1.txt': b'test file1',
  77                 'dir2': {}  # an empty dir in dir
  78             },
  79         }
  80
  81         self._delete_tarfile()
  82         self.smb_helper.delete_tree()
  83
  84         self.smb_helper.create_tree(self.tree)
  85         self._check_tree()
  86         # keep a copy of ntacls after tree just created
  87         self.original_ntacls = self.smb_helper.get_ntacls()
  88
  89     def tearDown(self):
  90         self._delete_tarfile()
  91         self.smb_helper.delete_tree()
  92         super(NtaclsBackupRestoreTests, self).tearDown()
  93
  94     def _delete_tarfile(self):
  95         try:
  96             os.remove(self.tarfile_path)
  97         except OSError:
  98             pass
  99
 100     def _check_tarfile(self):
 101         self.assertTrue(os.path.isfile(self.tarfile_path))
 102
 103     def _check_tree(self):
 104         actual_tree = self.smb_helper.get_tree()
 105         self.assertDictEqual(self.tree, actual_tree)
 106
 107     def test_smbd_mkdir(self):
 108         """
 109         A smoke test for smbd.mkdir API
 110         """
 111
 112         dirpath = os.path.join(self.service_root, 'a-dir')
 113         smbd.mkdir(dirpath, self.service)
 114         self.assertTrue(os.path.isdir(dirpath))
 115
 116     def test_smbd_create_file(self):
 117         """
 118         A smoke test for smbd.create_file and smbd.unlink API
 119         """
 120
 121         filepath = os.path.join(self.service_root, 'a-file')
 122         smbd.create_file(filepath, self.service)
 123         self.assertTrue(os.path.isfile(filepath))
 124
 125         # As well as checking that unlink works, this removes the
 126         # fake xattrs from the dev/inode based DB
 127         smbd.unlink(filepath, self.service)
 128         self.assertFalse(os.path.isfile(filepath))
 129
 130     def test_compare_getntacl(self):
 131         """
 132         Ntacls get from different ways should be the same
 133         """
 134
 135         file_name = 'file0.txt'
 136         file_path = os.path.join(self.service_root, file_name)
 137
 138         sd0 = self.smb_helper.get_acl(file_name, as_sddl=True)
 139
 140         sd1 = self.ntacls_helper.getntacl(
 141             file_path, as_sddl=True, direct_db_access=False)
 142
 143         sd2 = self.ntacls_helper.getntacl(
 144             file_path, as_sddl=True, direct_db_access=True)
 145
 146         self.assertEquals(sd0, sd1)
 147         self.assertEquals(sd1, sd2)
 148
 149     def test_backup_online(self):
 150         """
 151         Backup service online, delete files, restore and check.
 152         """
 153         ntacls.backup_online(
 154             self.smb_conn, self.tarfile_path, self.dom_sid)
 155         self._check_tarfile()
 156
 157         self.smb_helper.delete_tree()
 158         ntacls.backup_restore(
 159             self.tarfile_path, self.service_root,
 160             self.samdb_conn, self.smb_conf_path)
 161         self._check_tree()
 162
 163         # compare ntacls after restored
 164         self.assertDictEqual(
 165             self.original_ntacls, self.smb_helper.get_ntacls())
 166
 167     def test_backup_offline(self):
 168         """
 169         Backup service offline, delete files, restore and check.
 170         """
 171         ntacls.backup_offline(
 172             self.service_root, self.tarfile_path,
 173             self.samdb_conn, self.smb_conf_path)
 174         self._check_tarfile()
 175
 176         self.smb_helper.delete_tree()
 177         ntacls.backup_restore(
 178             self.tarfile_path, self.service_root,
 179             self.samdb_conn, self.smb_conf_path)
 180         self._check_tree()
 181
 182         # compare ntacls after restored
 183         self.assertDictEqual(
 184             self.original_ntacls, self.smb_helper.get_ntacls())