[SCM] Samba Shared Repository - branch master updated

Matthieu Patou mat at samba.org
Sat Jul 3 14:17:06 MDT 2010 

  On 03/07/2010 14:05, Matthias Dieter WallnXXfer wrote:
> The branch, master has been updated
>         via  43b0c31... s4:setup/provision_basedn_modify.ldif - set "minPwdAge" to the right value
We'll need to see how upgradeprovision handle this ...
>         via  c0ee606... s4:pwsettings net utility - change also here the "minPwdAge" to be the real default
>         via  73c69a1... s4:blackbox/test_passwords.sh - perform also here the adaptions for "minPwdAge" != 0
>         via  ec9fa90... s4:dsdb/tests/passwords.py - set and reset the "minPwdAge" properly
>        from  86cde0a... Tests for user-change-password and force-password-change access rights
>
> http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
>
>
> - Log -----------------------------------------------------------------
> commit 43b0c314d80efdaec17d601929d3e6b0cdebcff0
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date:   Sat Jul 3 10:56:14 2010 +0200
>
>      s4:setup/provision_basedn_modify.ldif - set "minPwdAge" to the right value
>
>      Now we should have fixed all password related tests to cooperate with this value
>
> commit c0ee606474ffb355e7c4e8dd70c773fe8904fa4b
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date:   Sat Jul 3 11:27:20 2010 +0200
>
>      s4:pwsettings net utility - change also here the "minPwdAge" to be the real default
>
>      Which is one day.
>
> commit 73c69a195abc68146352da399418b9f64a6ca803
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date:   Sat Jul 3 11:23:39 2010 +0200
>
>      s4:blackbox/test_passwords.sh - perform also here the adaptions for "minPwdAge" != 0
>
> commit ec9fa906c79c4f71d0230dd57dfde6dd67f37201
> Author: Matthias Dieter Wallnöfer<mdw at samba.org>
> Date:   Sat Jul 3 11:07:10 2010 +0200
>
>      s4:dsdb/tests/passwords.py - set and reset the "minPwdAge" properly
>
>      After a patch proposal of Nadya and some reflection I think that it's really
>      worth to change all tests which need a "0" "minPwdAge" to set it manually and
>      reset the default afterwards.
>
>      So we can finally introduce the default "minPwdAge" on provision.
>
>      Patch proposal by: Nadya Ivanova
>
> -----------------------------------------------------------------------
>
> Summary of changes:
>   source4/dsdb/tests/python/passwords.py             |   23 ++++++++++++++++++-
>   .../scripting/python/samba/netcmd/pwsettings.py    |    4 +-
>   source4/setup/provision_basedn_modify.ldif         |    3 +-
>   testprogs/blackbox/test_passwords.sh               |    4 +-
>   4 files changed, 26 insertions(+), 8 deletions(-)
>
>
> Changeset truncated at 500 lines:
>
> diff --git a/source4/dsdb/tests/python/passwords.py b/source4/dsdb/tests/python/passwords.py
> index bf9e909..c288ed5 100755
> --- a/source4/dsdb/tests/python/passwords.py
> +++ b/source4/dsdb/tests/python/passwords.py
> @@ -7,8 +7,6 @@
>   # Notice: This tests will also work against Windows Server if the connection is
>   # secured enough (SASL with a minimum of 128 Bit encryption) - consider
>   # MS-ADTS 3.1.1.3.1.5
> -#
> -# Important: Make sure that the minimum password age is set to "0"!
>
>   import optparse
>   import sys
> @@ -584,6 +582,11 @@ res = ldb.search(base="", expression="", scope=SCOPE_BASE,
>                    attrs=["configurationNamingContext"])
>   configuration_dn = res[0]["configurationNamingContext"][0]
>
> +# Gets back the basedn
> +res = ldb.search(base="", expression="", scope=SCOPE_BASE,
> +                 attrs=["defaultNamingContext"])
> +base_dn = res[0]["defaultNamingContext"][0]
> +
>   # Get the old "dSHeuristics" if it was set
>   res = ldb.search("CN=Directory Service, CN=Windows NT, CN=Services, "
>                    + configuration_dn, scope=SCOPE_BASE, attrs=["dSHeuristics"])
> @@ -600,6 +603,16 @@ m["dSHeuristics"] = MessageElement("000000001", FLAG_MOD_REPLACE,
>     "dSHeuristics")
>   ldb.modify(m)
>
> +# Get the old "minPwdAge"
> +res = ldb.search(base_dn, scope=SCOPE_BASE, attrs=["minPwdAge"])
> +minPwdAge = res[0]["minPwdAge"][0]
> +
> +# Set it temporarely to "0"
> +m = Message()
> +m.dn = Dn(ldb, base_dn)
> +m["minPwdAge"] = MessageElement("0", FLAG_MOD_REPLACE, "minPwdAge")
> +ldb.modify(m)
> +
>   runner = SubunitTestRunner()
>   rc = 0
>   if not runner.run(unittest.makeSuite(PasswordTests)).wasSuccessful():
> @@ -616,4 +629,10 @@ else:
>       m["dSHeuristics"] = MessageElement([], FLAG_MOD_DELETE, "dsHeuristics")
>   ldb.modify(m)
>
> +# Reset the "minPwdAge" as it was before
> +m = Message()
> +m.dn = Dn(ldb, base_dn)
> +m["minPwdAge"] = MessageElement(minPwdAge, FLAG_MOD_REPLACE, "minPwdAge")
> +ldb.modify(m)
> +
>   sys.exit(rc)
> diff --git a/source4/scripting/python/samba/netcmd/pwsettings.py b/source4/scripting/python/samba/netcmd/pwsettings.py
> index f4f8270..bfec13c 100644
> --- a/source4/scripting/python/samba/netcmd/pwsettings.py
> +++ b/source4/scripting/python/samba/netcmd/pwsettings.py
> @@ -55,7 +55,7 @@ class cmd_pwsettings(Command):
>           Option("--min-pwd-length",
>             help="The minimum password length (<integer>  | default).  Default is 7.", type=str),
>           Option("--min-pwd-age",
> -          help="The minimum password age (<integer in days>  | default).  Default is 0.", type=str),
> +          help="The minimum password age (<integer in days>  | default).  Default is 1.", type=str),
>           Option("--max-pwd-age",
>             help="The maximum password age (<integer in days>  | default).  Default is 43.", type=str),
>             ]
> @@ -142,7 +142,7 @@ class cmd_pwsettings(Command):
>
>               if min_pwd_age is not None:
>                   if min_pwd_age == "default":
> -                    min_pwd_age = 0
> +                    min_pwd_age = 1
>                   else:
>                       min_pwd_age = int(min_pwd_age)
>
> diff --git a/source4/setup/provision_basedn_modify.ldif b/source4/setup/provision_basedn_modify.ldif
> index b4f3016..53845f7 100644
> --- a/source4/setup/provision_basedn_modify.ldif
> +++ b/source4/setup/provision_basedn_modify.ldif
> @@ -35,9 +35,8 @@ lockoutThreshold: 0
>   replace: maxPwdAge
>   maxPwdAge: -36288000000000
>   -
> -# "minPwdAge" is "0" in order to let the password change tests pass
>   replace: minPwdAge
> -minPwdAge: 0
> +minPwdAge: -864000000000
>   -
>   replace: minPwdLength
>   minPwdLength: 7
> diff --git a/testprogs/blackbox/test_passwords.sh b/testprogs/blackbox/test_passwords.sh
> index 167c1b2..de7e31e 100755
> --- a/testprogs/blackbox/test_passwords.sh
> +++ b/testprogs/blackbox/test_passwords.sh
> @@ -48,6 +48,8 @@ test_smbclient() {
>   CONFIG="--configfile=$PREFIX/dc/etc/smb.conf"
>   export CONFIG
>
> +testit "reset password policies beside of minimum password age of 0 days" $VALGRIND $net pwsettings $CONFIG set --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=0 --max-pwd-age=default || failed=`expr $failed + 1`
> +
>   USERPASS=testPaSS at 01%
>
>   testit "create user locally" $VALGRIND $newuser $CONFIG nettestuser $USERPASS $@ || failed=`expr $failed + 1`
> @@ -161,8 +163,6 @@ USERPASS=$NEWUSERPASS
>
>   test_smbclient "Test login with user kerberos" 'ls' -k yes -Unettestuser@$REALM%$NEWUSERPASS || failed=`expr $failed + 1`
>
> -testit "reset password policies" $VALGRIND $net pwsettings set $CONFIG --complexity=default --history-length=default --min-pwd-length=default --min-pwd-age=default --max-pwd-age=default || failed=`expr $failed + 1`
> -
>   NEWUSERPASS=abcdefg
>   testit_expect_failure "try to set a non-complex password (command should not succeed)" $VALGRIND $net password change -W$DOMAIN "-U$DOMAIN/nettestuser%$USERPASS" -k no "$NEWUSERPASS" $@&&  failed=`expr $failed + 1`
>
>
>


-- 
Matthieu Patou
Samba Team        http://samba.org

More information about the samba-cvs mailing list