[SCM] Samba Shared Repository - branch master updated
Andrew Bartlett
abartlet at samba.org
Tue Sep 26 02:39:03 UTC 2017
The branch, master has been updated
via 3982b77 tfork: set waiter process title
via 4aa1c09 s4:smbd: set samba root process title
via 4f84b6d s4:smbd: call setproctitle_init
via 25b9e06 selftest: Use a unique hostname/IP for the no_nss testenv
via 8c56aa2 selftest: Rename ntlmauth tests to ntlmdisabled
via 1a1c4ad selftest: Add new AD DC testenv with NTLM disabled
from 82c17bc rpcclient: Fix "capabilities" command
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 3982b774f4f41661e890dc2ef2d9403db33c7195
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Wed Sep 6 15:59:55 2017 +1200
tfork: set waiter process title
Display a meaningful process title for the waiter process, now that smbd is
calling setproctitle_init() and this value will be displayed in ps
output.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Tue Sep 26 04:38:59 CEST 2017 on sn-devel-144
commit 4aa1c09dbcbb58c089d93ba436183785371519f3
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Wed Sep 6 16:04:50 2017 +1200
s4:smbd: set samba root process title
Set the process title in the samba root process to clearly identify it
in ps output.
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Ralph Boehme <slow at samba.org>
commit 4f84b6dfa87964d8b99a45021fa51835c962876c
Author: Gary Lockyer <gary at catalyst.net.nz>
Date: Thu Sep 14 09:36:21 2017 +1200
s4:smbd: call setproctitle_init
Call setproctitle_init() in main which suppresses the
"samba: setproctitle not initialized, please either call
setproctitle_init() or link against libbsd-ctor."
messages, but more importantly it displays meaningful details in ps
output.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=9816
Signed-off-by: Gary Lockyer <gary at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
commit 25b9e06f4a66a5269221fa7477eda0eab8344c79
Author: Tim Beale <timbeale at catalyst.net.nz>
Date: Tue Aug 1 17:18:45 2017 +1200
selftest: Use a unique hostname/IP for the no_nss testenv
The ad_dc_no_nss was re-using the ad_dc testenv but changing an
environment variable to disable the NSS wrapper module.
Presumably this would setup a second AD DC server with the same
hostname/IP as another DC (but with NSS disabled). This doesn't seem
like a good thing to be doing in the selftests. This patch changes
it so that the no_nss testenv uses a unique IP/hostname.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
commit 8c56aa2c91c7946ef17b1eba6ed70ba9b5d0c16c
Author: Tim Beale <timbeale at catalyst.net.nz>
Date: Wed Jul 5 14:32:54 2017 +1200
selftest: Rename ntlmauth tests to ntlmdisabled
There are already some existing ntlm_auth tests, so the new tests I've
added make things a bit confusing. Also, ntlmdisabled probably better
reflects the specific case we're trying to test.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
commit 1a1c4ad71c268b143f59b7995099c63adf4ceda7
Author: Tim Beale <timbeale at catalyst.net.nz>
Date: Wed Jul 5 14:03:17 2017 +1200
selftest: Add new AD DC testenv with NTLM disabled
This is so that we test the source4 case as well. Currently the only
testenv with NTLM disabled is ktest, and that only exercises the source3
code.
I've tried to support the new test environment with minimal changes to the
Samba4.pm setup code.
Signed-off-by: Tim Beale <timbeale at catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall at catalyst.net.nz>
-----------------------------------------------------------------------
Summary of changes:
lib/replace/replace.c | 5 ++
lib/replace/replace.h | 4 ++
lib/replace/wscript | 2 +
lib/util/tfork.c | 1 +
.../samba/tests/{ntlmauth.py => ntlmdisabled.py} | 12 ++--
selftest/knownfail | 6 +-
selftest/target/Samba.pm | 2 +
selftest/target/Samba4.pm | 83 ++++++++++++++++++----
source4/selftest/tests.py | 6 +-
source4/smbd/server.c | 4 ++
10 files changed, 102 insertions(+), 23 deletions(-)
rename python/samba/tests/{ntlmauth.py => ntlmdisabled.py} (90%)
Changeset truncated at 500 lines:
diff --git a/lib/replace/replace.c b/lib/replace/replace.c
index 9351b6c..dc81e9c 100644
--- a/lib/replace/replace.c
+++ b/lib/replace/replace.c
@@ -942,3 +942,8 @@ void rep_setproctitle(const char *fmt, ...)
{
}
#endif
+#ifndef HAVE_SETPROCTITLE_INIT
+void rep_setproctitle_init(int argc, char *argv[], char *envp[])
+{
+}
+#endif
diff --git a/lib/replace/replace.h b/lib/replace/replace.h
index a41e9f8..128978c 100644
--- a/lib/replace/replace.h
+++ b/lib/replace/replace.h
@@ -918,6 +918,10 @@ int usleep(useconds_t);
void rep_setproctitle(const char *fmt, ...) PRINTF_ATTRIBUTE(1, 2);
#endif
+#ifndef HAVE_SETPROCTITLE_INIT
+#define setproctitle_init rep_setproctitle_init
+void rep_setproctitle_init(int argc, char *argv[], char *envp[]);
+#endif
bool nss_wrapper_enabled(void);
bool nss_wrapper_hosts_enabled(void);
bool socket_wrapper_enabled(void);
diff --git a/lib/replace/wscript b/lib/replace/wscript
index 6972f2d..9526632 100644
--- a/lib/replace/wscript
+++ b/lib/replace/wscript
@@ -271,6 +271,8 @@ def configure(conf):
conf.CHECK_FUNCS_IN('getpeereid', 'bsd', headers='sys/types.h bsd/unistd.h')
if not conf.CHECK_FUNCS_IN('setproctitle', 'setproctitle', headers='setproctitle.h'):
conf.CHECK_FUNCS_IN('setproctitle', 'bsd', headers='sys/types.h bsd/unistd.h')
+ if not conf.CHECK_FUNCS('setproctitle_init'):
+ conf.CHECK_FUNCS_IN('setproctitle_init', 'bsd', headers='sys/types.h bsd/unistd.h')
if not conf.CHECK_FUNCS('closefrom'):
conf.CHECK_FUNCS_IN('closefrom', 'bsd', headers='bsd/unistd.h')
diff --git a/lib/util/tfork.c b/lib/util/tfork.c
index ca4ab50..8ed5811 100644
--- a/lib/util/tfork.c
+++ b/lib/util/tfork.c
@@ -537,6 +537,7 @@ static pid_t tfork_start_waiter_and_worker(struct tfork_state *state,
/*
* The "waiter" child.
*/
+ setproctitle("tfork waiter process");
CatchSignal(SIGCHLD, SIG_DFL);
close(status_sp_caller_fd);
diff --git a/python/samba/tests/ntlmauth.py b/python/samba/tests/ntlmdisabled.py
similarity index 90%
rename from python/samba/tests/ntlmauth.py
rename to python/samba/tests/ntlmdisabled.py
index a232bf2..90341a5 100644
--- a/python/samba/tests/ntlmauth.py
+++ b/python/samba/tests/ntlmdisabled.py
@@ -1,4 +1,4 @@
-# Tests to check basic NTLM authentication
+# Tests basic behaviour when NTLM is disabled
#
# Copyright (C) Catalyst IT Ltd. 2017
#
@@ -28,13 +28,13 @@ from samba import credentials
from samba.dcerpc import srvsvc, samr, lsa
"""
-Tests basic NTLM authentication
+Tests behaviour when NTLM is disabled
"""
-class NtlmAuthTests(TestCase):
+class NtlmDisabledTests(TestCase):
def setUp(self):
- super(NtlmAuthTests, self).setUp()
+ super(NtlmDisabledTests, self).setUp()
self.lp = self.get_loadparm()
self.server = os.getenv("SERVER")
@@ -47,7 +47,7 @@ class NtlmAuthTests(TestCase):
self.creds.set_kerberos_state(DONT_USE_KERBEROS)
def tearDown(self):
- super(NtlmAuthTests, self).tearDown()
+ super(NtlmDisabledTests, self).tearDown()
def test_ntlm_connection(self):
try:
@@ -76,7 +76,7 @@ class NtlmAuthTests(TestCase):
try:
conn.ChangePasswordUser2(server, username, None, None, True, None, None)
except NTSTATUSError as e:
- # changing passwords is rejected when NTLM is disabled
+ # changing passwords should be rejected when NTLM is disabled
enum = ctypes.c_uint32(e[0]).value
if enum == ntstatus.NT_STATUS_NTLM_BLOCKED:
self.fail("NTLM is disabled on this server")
diff --git a/selftest/knownfail b/selftest/knownfail
index 953b181..15e6b1d 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -333,6 +333,8 @@
^samba.tests.netlogonsvc.python\(simpleserver\)
^samba.tests.netlogonsvc.python\(fileserver\)
# NTLM authentication is (intentionally) disabled in ktest
-^samba.tests.ntlmauth.python\(ktest\).ntlmauth.NtlmAuthTests.test_ntlm_connection\(ktest\)
+^samba.tests.ntlmdisabled.python\(ktest\).ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ktest\)
+^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).ntlmdisabled.NtlmDisabledTests.test_samr_change_password\(ad_dc_no_ntlm\)
# Disabling NTLM means you can't use samr to change the password
-^samba.tests.ntlmauth.python\(ktest\).ntlmauth.NtlmAuthTests.test_samr_change_password\(ktest\)
+^samba.tests.ntlmdisabled.python\(ktest\).ntlmdisabled.NtlmDisabledTests.test_samr_change_password\(ktest\)
+^samba.tests.ntlmdisabled.python\(ad_dc_no_ntlm\).ntlmdisabled.NtlmDisabledTests.test_ntlm_connection\(ad_dc_no_ntlm\)
diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index 5968772..ba0cc7d 100644
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -346,6 +346,8 @@ sub get_interface($)
# 11-16 used by selftest.pl for client interfaces
+ $interfaces{"addc_no_nss"} = 17;
+ $interfaces{"addc_no_ntlm"} = 18;
$interfaces{"idmapadmember"} = 19;
$interfaces{"idmapridmember"} = 20;
$interfaces{"localdc"} = 21;
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 7930a4e..ea23c66 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -1757,9 +1757,9 @@ sub read_config_h($)
return \%ret;
}
-sub provision_ad_dc($$)
+sub provision_ad_dc($$$$$$)
{
- my ($self, $prefix) = @_;
+ my ($self, $prefix, $hostname, $domain, $realm, $smbconf_args) = @_;
my $prefix_abs = abs_path($prefix);
@@ -1823,6 +1823,7 @@ sub provision_ad_dc($$)
print notify backchannel = yes
auth event notification = true
+ $smbconf_args
";
my $extra_smbconf_shares = "
@@ -1867,9 +1868,9 @@ sub provision_ad_dc($$)
print "PROVISIONING AD DC...\n";
my $ret = $self->provision($prefix,
"domain controller",
- "addc",
- "ADDOMAIN",
- "addom.samba.example.com",
+ $hostname,
+ $domain,
+ $realm,
"2008",
"locDCpass1",
undef,
@@ -2126,7 +2127,9 @@ sub setup_env($$$)
} elsif ($envname eq "ad_dc") {
return $self->setup_ad_dc("$path/ad_dc");
} elsif ($envname eq "ad_dc_no_nss") {
- return $self->setup_ad_dc("$path/ad_dc_no_nss", "no_nss");
+ return $self->setup_ad_dc_no_nss("$path/ad_dc_no_nss");
+ } elsif ($envname eq "ad_dc_no_ntlm") {
+ return $self->setup_ad_dc_no_ntlm("$path/ad_dc_no_ntlm");
} elsif ($envname eq "ad_member_rfc2307") {
if (not defined($self->{vars}->{ad_dc_ntvfs})) {
$self->setup_ad_dc_ntvfs("$path/ad_dc_ntvfs");
@@ -2499,21 +2502,77 @@ sub setup_rodc($$$)
sub setup_ad_dc($$)
{
- my ($self, $path, $no_nss) = @_;
+ my ($self, $path) = @_;
+
+ # If we didn't build with ADS, pretend this env was never available
+ if (not $self->{target3}->have_ads()) {
+ return "UNKNOWN";
+ }
+
+ my $env = $self->provision_ad_dc($path, "addc", "ADDOMAIN",
+ "addom.samba.example.com", "");
+ unless ($env) {
+ return undef;
+ }
+
+ if (not defined($self->check_or_start($env, "single"))) {
+ return undef;
+ }
+
+ my $upn_array = ["$env->{REALM}.upn"];
+ my $spn_array = ["$env->{REALM}.spn"];
+
+ $self->setup_namespaces($env, $upn_array, $spn_array);
+
+ $self->{vars}->{ad_dc} = $env;
+ return $env;
+}
+
+sub setup_ad_dc_no_nss($$)
+{
+ my ($self, $path) = @_;
# If we didn't build with ADS, pretend this env was never available
if (not $self->{target3}->have_ads()) {
return "UNKNOWN";
}
- my $env = $self->provision_ad_dc($path);
+ my $env = $self->provision_ad_dc($path, "addc_no_nss", "ADNONSSDOMAIN",
+ "adnonssdom.samba.example.com", "");
unless ($env) {
return undef;
}
- if (defined($no_nss) and $no_nss) {
- $env->{NSS_WRAPPER_MODULE_SO_PATH} = undef;
- $env->{NSS_WRAPPER_MODULE_FN_PREFIX} = undef;
+ $env->{NSS_WRAPPER_MODULE_SO_PATH} = undef;
+ $env->{NSS_WRAPPER_MODULE_FN_PREFIX} = undef;
+
+ if (not defined($self->check_or_start($env, "single"))) {
+ return undef;
+ }
+
+ my $upn_array = ["$env->{REALM}.upn"];
+ my $spn_array = ["$env->{REALM}.spn"];
+
+ $self->setup_namespaces($env, $upn_array, $spn_array);
+
+ $self->{vars}->{ad_dc_no_nss} = $env;
+ return $env;
+}
+
+sub setup_ad_dc_no_ntlm($$)
+{
+ my ($self, $path) = @_;
+
+ # If we didn't build with ADS, pretend this env was never available
+ if (not $self->{target3}->have_ads()) {
+ return "UNKNOWN";
+ }
+
+ my $env = $self->provision_ad_dc($path, "addc_no_ntlm", "ADNONTLMDOMAIN",
+ "adnontlmdom.samba.example.com",
+ "ntlm auth = disabled");
+ unless ($env) {
+ return undef;
}
if (not defined($self->check_or_start($env, "single"))) {
@@ -2525,7 +2584,7 @@ sub setup_ad_dc($$)
$self->setup_namespaces($env, $upn_array, $spn_array);
- $self->{vars}->{ad_dc} = $env;
+ $self->{vars}->{ad_dc_no_ntlm} = $env;
return $env;
}
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index f8d2229..cdc62cd 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -964,10 +964,10 @@ for env in [ "simpleserver", "fileserver", "nt4_dc", "ad_dc", "ad_dc_ntvfs", "ad
extra_path=[os.path.join(srcdir(), 'python/samba/tests')],
name="samba.tests.netlogonsvc.python(%s)" % env)
-for env in [ "ktest", "ad_member"]:
- planoldpythontestsuite(env, "ntlmauth",
+for env in [ "ktest", "ad_member", "ad_dc_no_ntlm" ]:
+ planoldpythontestsuite(env, "ntlmdisabled",
extra_path=[os.path.join(srcdir(), 'python/samba/tests')],
- name="samba.tests.ntlmauth.python(%s)" % env)
+ name="samba.tests.ntlmdisabled.python(%s)" % env)
# Demote the vampire DC, it must be the last test each DC, before the dbcheck
for env in ['vampire_dc', 'promoted_dc', 'rodc']:
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index ba520e0..249391c 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -382,6 +382,8 @@ static int binary_smbd_main(const char *binary_name,
struct server_state *state = NULL;
struct tevent_signal *se = NULL;
+ setproctitle("root process");
+
pc = poptGetContext(binary_name, argc, argv, long_options, 0);
while((opt = poptGetNextOpt(pc)) != -1) {
switch(opt) {
@@ -631,5 +633,7 @@ static int binary_smbd_main(const char *binary_name,
int main(int argc, const char *argv[])
{
+ setproctitle_init(argc, discard_const(argv), environ);
+
return binary_smbd_main("samba", argc, argv);
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list