[SCM] Samba Shared Repository - branch v4-2-test updated
Karolin Seeger
kseeger at samba.org
Sat Jun 6 18:30:10 MDT 2015
The branch, v4-2-test has been updated
via 09e0734 tstream: Make socketpair nonblocking
via 3f01e75 nsswitch: Extend idmap_rfc2307 testcase for reverse lookup
via 7a36a93 idmap_rfc2307: Fix wbinfo --gid-to-sid query
via ceb7c09 s4.2/fsmo.py: fixed fsmo transfer exception
from 4233065 s4:lib/tls: fix build with gnutls 3.4
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test
- Log -----------------------------------------------------------------
commit 09e073429c04c32939856e11481a56b4326f8ffc
Author: Volker Lendecke <vl at samba.org>
Date: Wed Jun 3 13:41:24 2015 +0000
tstream: Make socketpair nonblocking
When we have a large RPC reply, we can't block in the RPC server.
Test: Do rpcclient netshareenumall with a thousand shares defined
Signed-off-by: Volker Lendecke <vl at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Bug: https://bugzilla.samba.org/show_bug.cgi?id=11312
Autobuild-User(v4-2-test): Karolin Seeger <kseeger at samba.org>
Autobuild-Date(v4-2-test): Sun Jun 7 02:29:10 CEST 2015 on sn-devel-104
commit 3f01e7513e190b0b7eee2d1f5d23d459dbafdb9b
Author: Christof Schmitt <cs at samba.org>
Date: Fri Jun 5 08:59:50 2015 -0700
nsswitch: Extend idmap_rfc2307 testcase for reverse lookup
Also test the codepaths to map UID and GID back to SID and names. Use
different user and group to avoid returning results cached from the
previous lookups.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11313
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Jun 5 01:24:32 CEST 2015 on sn-devel-104
(cherry picked from commit c1c07b462058f863e706127203e6f30dba89a2a9)
commit 7a36a93c6b4cbbb54ee91fa70baeb8f0ce82e6a8
Author: Christof Schmitt <cs at samba.org>
Date: Thu Jun 4 12:11:27 2015 -0700
idmap_rfc2307: Fix wbinfo --gid-to-sid query
Fix syntax error in LDAP query for gidNumber.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11313
Signed-off-by: Christof Schmitt <cs at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
(cherry picked from commit 835c278e43b9dec98834de0fb12445720e9df2e5)
commit ceb7c090d8f11dc320326ac02cf3dabb1ce121e7
Author: Steve Howells <steve.howells at moscowfirst.com>
Date: Sat Jan 31 16:09:17 2015 +0000
s4.2/fsmo.py: fixed fsmo transfer exception
In transfer_role() there is an duplicate call to samdb.modify() inside the if statement
where the type of role is being determined (specifically for the naming fsmo). This
call is unnecessary as after the if statement their is a correct call, with a try/catch
block, used by all fsmo transfers that will handle errors - such as the DC with the
fsmo role being offline.
The call to samdb.modify() inside the if statement for naming fsmo has been removed.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10924
Signed-off-by: Steve Howells <steve.howells at moscowfirst.com>
Reviewed-by: Stefan Metzmacher <metze at samba.org>
Reviewed-by: Marc Muehlfeld <mmuehlfeld at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
(cherry picked from commit 9198246f91c02e33ed7a3580588557d0fb9f8811)
-----------------------------------------------------------------------
Summary of changes:
libcli/named_pipe_auth/npa_tstream.c | 25 ++++++++++---
nsswitch/tests/test_idmap_rfc2307.sh | 72 +++++++++++++++++++++++++++++++-----
python/samba/netcmd/fsmo.py | 1 -
source3/selftest/tests.py | 2 +-
source3/winbindd/idmap_rfc2307.c | 2 +-
5 files changed, 85 insertions(+), 17 deletions(-)
Changeset truncated at 500 lines:
diff --git a/libcli/named_pipe_auth/npa_tstream.c b/libcli/named_pipe_auth/npa_tstream.c
index 3d3f55e..3539202 100644
--- a/libcli/named_pipe_auth/npa_tstream.c
+++ b/libcli/named_pipe_auth/npa_tstream.c
@@ -1468,17 +1468,23 @@ int _tstream_npa_socketpair(uint16_t file_type,
fd1 = fds[0];
fd2 = fds[1];
+ rc = set_blocking(fd1, false);
+ if (rc == -1) {
+ goto close_fail;
+ }
+
+ rc = set_blocking(fd2, false);
+ if (rc == -1) {
+ goto close_fail;
+ }
+
rc = _tstream_npa_existing_socket(mem_ctx1,
fd1,
file_type,
&stream1,
location);
if (rc == -1) {
- int sys_errno = errno;
- close(fd1);
- close(fd2);
- errno = sys_errno;
- return -1;
+ goto close_fail;
}
rc = _tstream_npa_existing_socket(mem_ctx2,
@@ -1498,4 +1504,13 @@ int _tstream_npa_socketpair(uint16_t file_type,
*pstream2 = stream2;
return 0;
+
+close_fail:
+ {
+ int sys_errno = errno;
+ close(fd1);
+ close(fd2);
+ errno = sys_errno;
+ return -1;
+ }
}
diff --git a/nsswitch/tests/test_idmap_rfc2307.sh b/nsswitch/tests/test_idmap_rfc2307.sh
index cb60364..90e32a7 100755
--- a/nsswitch/tests/test_idmap_rfc2307.sh
+++ b/nsswitch/tests/test_idmap_rfc2307.sh
@@ -1,21 +1,24 @@
#!/bin/sh
# Test id mapping through idmap_rfc2307 module
if [ $# -lt 9 ]; then
- echo Usage: $0 DOMAIN USERNAME UID GROUPNAME GID LDAPPREFIX DC_SERVER DC_USERNAME DC_PASSWORD
+ echo Usage: $0 DOMAIN USERNAME UID USERNAME2 UID2 GROUPNAME GID GROUPNAME2 GID2 LDAPPREFIX DC_SERVER DC_USERNAME DC_PASSWORD
exit 1
fi
DOMAIN="$1"
USERNAME="$2"
USERUID="$3"
-GROUPNAME="$4"
-GROUPGID="$5"
-LDAPPREFIX="$6"
-DC_SERVER="$7"
-DC_USERNAME="$8"
-DC_PASSWORD="$9"
-
-echo called with: $1 $2 $3 $4 $5 $6 $7 $8 $9
+USERNAME2="$4"
+USERUID2="$5"
+GROUPNAME="$6"
+GROUPGID="$7"
+GROUPNAME2="$8"
+GROUPGID2="$9"
+shift 9
+LDAPPREFIX="$1"
+DC_SERVER="$2"
+DC_USERNAME="$3"
+DC_PASSWORD="$4"
wbinfo="$VALGRIND $BINDIR/wbinfo"
@@ -35,7 +38,9 @@ failed=0
# Delete LDAP records
$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME,$LDAPPREFIX"
+$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME2,$LDAPPREFIX"
$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME,$LDAPPREFIX"
+$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME2,$LDAPPREFIX"
$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "$LDAPPREFIX"
# Add id mapping information to LDAP
@@ -62,6 +67,20 @@ EOF
testit "add ldap user mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb
cat > $PREFIX/tmpldb <<EOF
+dn: cn=$USERNAME2,$LDAPPREFIX
+objectClass: organizationalPerson
+objectClass: posixAccount
+ou: People
+cn: $USERNAME2
+uid: $USERNAME2
+uidNumber: $USERUID2
+gidNumber: 2
+homeDirectory: /home/admin
+EOF
+
+testit "add second ldap user mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb
+
+cat > $PREFIX/tmpldb <<EOF
dn: cn=$GROUPNAME,$LDAPPREFIX
objectClass: posixGroup
objectClass: groupOfNames
@@ -72,6 +91,17 @@ EOF
testit "add ldap group mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb
+cat > $PREFIX/tmpldb <<EOF
+dn: cn=$GROUPNAME2,$LDAPPREFIX
+objectClass: posixGroup
+objectClass: groupOfNames
+cn: $GROUPNAME2
+gidNumber: $GROUPGID2
+member: cn=$USERNAME,$LDAPPREFIX
+EOF
+
+testit "add second ldap group mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb
+
rm -f $PREFIX/tmpldbmodify
testit "wbinfo --name-to-sid" $wbinfo --name-to-sid "$DOMAIN/$USERNAME" || failed=$(expr $failed + 1)
@@ -95,9 +125,33 @@ echo "$DOMAIN/$GROUPNAME resolved to $group_gid"
testit "test $group_gid -eq $GROUPGID" test $group_gid -eq $GROUPGID || failed=$(expr $failed + 1)
+# Use different user and group for reverse lookup to not read from cache
+
+testit "$wbinfo --uid-to-sid=$USERUID2" $wbinfo --uid-to-sid=$USERUID2 || failed=$(expr $failed + 1)
+user_sid2=$($wbinfo --uid-to-sid=$USERUID2 | cut -d " " -f1)
+echo "UID $USERUID2 resolved to SID $user_sid2"
+
+testit "$wbinfo --sid-to-name=$user_sid2" $wbinfo --sid-to-name=$user_sid2 || failed=$(expr $failed + 1)
+user_name2=$($wbinfo --sid-to-name=$user_sid2 | cut -d " " -f1)
+echo "SID $user_sid2 resolved to $user_name2"
+
+testit "test $user_name2 = $DOMAIN/$USERNAME2" test "$(echo $user_name2 | tr A-Z a-z)" = "$(echo $DOMAIN/$USERNAME2 | tr A-Z a-z)" || failed=$(expr $failed + 1)
+
+testit "$wbinfo --gid-to-sid=$GROUPGID2" $wbinfo --gid-to-sid=$GROUPGID2 || failed=$(expr $failed + 1)
+group_sid2=$($wbinfo --gid-to-sid=$GROUPGID2 | cut -d " " -f1)
+echo "GID $GROUPGID2 resolved to SID $group_sid2"
+
+testit "$wbinfo --sid-to-name=$group_sid2" $wbinfo --sid-to-name=$group_sid2 || failed=$(expr $failed + 1)
+group_name2=$($wbinfo --sid-to-name=$group_sid2 | cut -d " " -f1)
+echo "SID $group_sid2 resolved to $group_name2"
+
+testit "test $group_name2 = $DOMAIN/$GROUPNAME2" test "$(echo $group_name2 | tr A-Z a-z)" = "$(echo $DOMAIN/$GROUPNAME2 | tr A-Z a-z)" || failed=$(expr $failed + 1)
+
# Delete LDAP records
$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME,$LDAPPREFIX"
+$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME2,$LDAPPREFIX"
$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME,$LDAPPREFIX"
+$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME2,$LDAPPREFIX"
$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "$LDAPPREFIX"
exit $failed
diff --git a/python/samba/netcmd/fsmo.py b/python/samba/netcmd/fsmo.py
index 02721f9..1bc4a96 100644
--- a/python/samba/netcmd/fsmo.py
+++ b/python/samba/netcmd/fsmo.py
@@ -50,7 +50,6 @@ def transfer_role(outf, role, samdb):
m["becomeDomainMaster"]= ldb.MessageElement(
"1", ldb.FLAG_MOD_REPLACE,
"becomeDomainMaster")
- samdb.modify(m)
elif role == "infrastructure":
m["becomeInfrastructureMaster"]= ldb.MessageElement(
"1", ldb.FLAG_MOD_REPLACE,
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 476652e..3902a2c 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -346,7 +346,7 @@ for t in tests:
plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/write-list-tmp -U$USERNAME%$PASSWORD')
plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD')
elif t == "idmap.rfc2307":
- plantestsuite(t, "s3member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_rfc2307.sh"), '$DOMAIN', 'Administrator', '2000000', '"Domain Users"', '2000001', 'ou=idmap,dc=samba,dc=example,dc=com', '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD'])
+ plantestsuite(t, "s3member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_rfc2307.sh"), '$DOMAIN', 'Administrator', '2000000', 'Guest', '2000001', '"Domain Users"', '2000002', 'DnsAdmins', '2000003', 'ou=idmap,dc=samba,dc=example,dc=com', '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD'])
elif t == "raw.acls":
plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/nfs4acl_simple -U$USERNAME%$PASSWORD', description='nfs4acl_xattr-simple')
diff --git a/source3/winbindd/idmap_rfc2307.c b/source3/winbindd/idmap_rfc2307.c
index db8bab6..f2fcd98 100644
--- a/source3/winbindd/idmap_rfc2307.c
+++ b/source3/winbindd/idmap_rfc2307.c
@@ -374,7 +374,7 @@ again:
break;
case ID_TYPE_GID:
fltr_grp = talloc_asprintf_append_buffer(fltr_grp,
- "(gidNumber=%d))", ids[idx]->xid.id);
+ "(gidNumber=%d)", ids[idx]->xid.id);
cnt_grp++;
break;
default:
--
Samba Shared Repository
More information about the samba-cvs
mailing list