[SCM] Samba Shared Repository - branch master updated
Andreas Schneider
asn at samba.org
Wed Feb 23 11:55:01 UTC 2022
The branch, master has been updated
via a5bcbc239db autobuild: Run admem_idmap_autorid tests
via 14a98f3fa9c s3:tests: Run test_idmap_rid.sh against admem_idmap_autorid
via cc30757d439 selftest: Add ad member with idmap_autorid backend
from 5e2386336c4 s3:trusts_utils: use a password length of 120 for machine accounts
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit a5bcbc239dbf0a986f7786302d18e49e013cecbb
Author: Andreas Schneider <asn at samba.org>
Date: Tue Feb 15 12:38:00 2022 +0100
autobuild: Run admem_idmap_autorid tests
They will be part of the samba-admem runners.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
Autobuild-User(master): Andreas Schneider <asn at cryptomilk.org>
Autobuild-Date(master): Wed Feb 23 11:54:01 UTC 2022 on sn-devel-184
commit 14a98f3fa9c3ce80657499ccc17a49fee6359593
Author: Andreas Schneider <asn at samba.org>
Date: Tue Feb 15 12:33:33 2022 +0100
s3:tests: Run test_idmap_rid.sh against admem_idmap_autorid
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
commit cc30757d4399a1dc7d169e167a54fec3bba13566
Author: Andreas Schneider <asn at samba.org>
Date: Tue Feb 15 09:44:34 2022 +0100
selftest: Add ad member with idmap_autorid backend
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Guenther Deschner <gd at samba.org>
-----------------------------------------------------------------------
Summary of changes:
script/autobuild.py | 4 ++
selftest/target/Samba.pm | 1 +
selftest/target/Samba3.pm | 99 ++++++++++++++++++++++++++++++++++++++++++++++-
source3/selftest/tests.py | 6 +++
4 files changed, 109 insertions(+), 1 deletion(-)
Changeset truncated at 500 lines:
diff --git a/script/autobuild.py b/script/autobuild.py
index 276f15fa29c..148dbe8487b 100755
--- a/script/autobuild.py
+++ b/script/autobuild.py
@@ -308,6 +308,7 @@ tasks = {
"fl2008r2dc",
"ad_member",
"ad_member_idmap_rid",
+ "admem_idmap_autorid",
"ad_member_idmap_ad",
"ad_member_rfc2307",
"ad_member_oneway",
@@ -376,6 +377,7 @@ tasks = {
"fl2008r2dc",
"ad_member",
"ad_member_idmap_rid",
+ "admem_idmap_autorid",
"ad_member_idmap_ad",
"ad_member_rfc2307",
"ad_member_oneway",
@@ -475,6 +477,7 @@ tasks = {
("test", make_test(include_envs=[
"ad_member",
"ad_member_idmap_rid",
+ "admem_idmap_autorid",
"ad_member_idmap_ad",
"ad_member_rfc2307",
"ad_member_offlogon",
@@ -680,6 +683,7 @@ tasks = {
("test", make_test(include_envs=[
"ad_member",
"ad_member_idmap_rid",
+ "admem_idmap_autorid",
"ad_member_idmap_ad",
"ad_member_rfc2307",
"ad_member_offlogon",
diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index b6e6acf290a..4245db2703a 100644
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -620,6 +620,7 @@ sub get_interface($)
s2kmember => 59,
admemidmapnss => 60,
localadmember2 => 61,
+ admemautorid => 62,
rootdnsforwarder => 64,
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 2cc2d13d9e0..8c271d80ff0 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -247,6 +247,7 @@ sub check_env($$)
ad_member => ["ad_dc", "fl2008r2dc", "fl2003dc"],
ad_member_rfc2307 => ["ad_dc_ntvfs"],
ad_member_idmap_rid => ["ad_dc"],
+ admem_idmap_autorid => ["ad_dc"],
ad_member_idmap_ad => ["fl2008r2dc"],
ad_member_fips => ["ad_dc_fips"],
ad_member_offlogon => ["ad_dc"],
@@ -1110,6 +1111,102 @@ sub setup_ad_member_rfc2307
return $ret;
}
+sub setup_admem_idmap_autorid
+{
+ my ($self, $prefix, $dcvars) = @_;
+
+ # If we didn't build with ADS, pretend this env was never available
+ if (not $self->have_ads()) {
+ return "UNKNOWN";
+ }
+
+ print "PROVISIONING S3 AD MEMBER WITH idmap_autorid config...";
+
+ my $member_options = "
+ security = ads
+ workgroup = $dcvars->{DOMAIN}
+ realm = $dcvars->{REALM}
+ idmap config * : backend = autorid
+ idmap config * : range = 1000000-19999999
+ idmap config * : rangesize = 1000000
+
+ # Prevent overridding the provisioned lib/krb5.conf which sets certain
+ # values required for tests to succeed
+ create krb5 conf = no
+";
+
+ my $ret = $self->provision(
+ prefix => $prefix,
+ domain => $dcvars->{DOMAIN},
+ realm => $dcvars->{REALM},
+ server => "ADMEMAUTORID",
+ password => "loCalMemberPass",
+ extra_options => $member_options,
+ resolv_conf => $dcvars->{RESOLV_CONF});
+
+ $ret or return undef;
+
+ $ret->{DOMAIN} = $dcvars->{DOMAIN};
+ $ret->{REALM} = $dcvars->{REALM};
+ $ret->{DOMSID} = $dcvars->{DOMSID};
+
+ my $ctx;
+ my $prefix_abs = abs_path($prefix);
+ $ctx = {};
+ $ctx->{krb5_conf} = "$prefix_abs/lib/krb5.conf";
+ $ctx->{domain} = $dcvars->{DOMAIN};
+ $ctx->{realm} = $dcvars->{REALM};
+ $ctx->{dnsname} = lc($dcvars->{REALM});
+ $ctx->{kdc_ipv4} = $dcvars->{SERVER_IP};
+ $ctx->{kdc_ipv6} = $dcvars->{SERVER_IPV6};
+ $ctx->{krb5_ccname} = "$prefix_abs/krb5cc_%{uid}";
+ Samba::mk_krb5_conf($ctx, "");
+
+ $ret->{KRB5_CONFIG} = $ctx->{krb5_conf};
+
+ my $net = Samba::bindir_path($self, "net");
+ # Add hosts file for name lookups
+ my $cmd = "NSS_WRAPPER_HOSTS='$ret->{NSS_WRAPPER_HOSTS}' ";
+ $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+ if (defined($ret->{RESOLV_WRAPPER_CONF})) {
+ $cmd .= "RESOLV_WRAPPER_CONF=\"$ret->{RESOLV_WRAPPER_CONF}\" ";
+ } else {
+ $cmd .= "RESOLV_WRAPPER_HOSTS=\"$ret->{RESOLV_WRAPPER_HOSTS}\" ";
+ }
+ $cmd .= "RESOLV_CONF=\"$ret->{RESOLV_CONF}\" ";
+ $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+ $cmd .= "SELFTEST_WINBINDD_SOCKET_DIR=\"$ret->{SELFTEST_WINBINDD_SOCKET_DIR}\" ";
+ $cmd .= "$net join $ret->{CONFIGURATION}";
+ $cmd .= " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}";
+
+ if (system($cmd) != 0) {
+ warn("Join failed\n$cmd");
+ return undef;
+ }
+
+ # We need world access to this share, as otherwise the domain
+ # administrator from the AD domain provided by Samba4 can't
+ # access the share for tests.
+ chmod 0777, "$prefix/share";
+
+ if (not $self->check_or_start(
+ env_vars => $ret,
+ nmbd => "yes",
+ winbindd => "yes",
+ smbd => "yes")) {
+ return undef;
+ }
+
+ $ret->{DC_SERVER} = $dcvars->{SERVER};
+ $ret->{DC_SERVER_IP} = $dcvars->{SERVER_IP};
+ $ret->{DC_SERVER_IPV6} = $dcvars->{SERVER_IPV6};
+ $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
+ $ret->{DC_USERNAME} = $dcvars->{USERNAME};
+ $ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
+
+ return $ret;
+}
+
sub setup_ad_member_idmap_rid
{
my ($self, $prefix, $dcvars) = @_;
@@ -3935,4 +4032,4 @@ sub wait_for_start_ctdb($$)
return 1;
}
-1;
+1;
\ No newline at end of file
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index 95192ae19ae..3acd5e5180a 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -878,6 +878,12 @@ for t in tests:
plantestsuite(t, "ad_member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_nss.sh"), '$DOMAIN'])
elif t == "idmap.rid":
plantestsuite(t, "ad_member_idmap_rid", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_rid.sh"), '$DOMAIN', '2000000'])
+ plantestsuite(t,
+ "admem_idmap_autorid",
+ [os.path.join(samba3srcdir,
+ "../nsswitch/tests/test_idmap_rid.sh"),
+ '$DOMAIN',
+ '2000000'])
elif t == "idmap.ad":
plantestsuite(t, "ad_member_idmap_ad", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_ad.sh"), '$DOMAIN', '$DC_SERVER', '$DC_PASSWORD', '$TRUST_DOMAIN', '$TRUST_SERVER', '$TRUST_PASSWORD'])
elif t == "raw.acls":
--
Samba Shared Repository
More information about the samba-cvs
mailing list