[SCM] Samba Shared Repository - branch master updated
David Mulder
dmulder at samba.org
Tue Oct 25 15:22:01 UTC 2022
The branch, master has been updated
via 4f63c128078 gpo: Fix startup scripts to not fail w/out params
via 42069152554 gpo: Test to ensure startup scripts don't crash w/out params
from d385058ce7c CVE-2022-3592 smbd: Slightly simplify filename_convert_dirfsp()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 4f63c1280786a47185b0e1aac40ab96a2ac78ee3
Author: David Mulder <dmulder at samba.org>
Date: Mon Oct 24 16:50:37 2022 -0600
gpo: Fix startup scripts to not fail w/out params
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15212
Signed-off-by: David Mulder <dmulder at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): David Mulder <dmulder at samba.org>
Autobuild-Date(master): Tue Oct 25 15:21:08 UTC 2022 on sn-devel-184
commit 42069152554f2768e52424841e633eeeb154aed5
Author: David Mulder <dmulder at samba.org>
Date: Mon Oct 24 16:49:21 2022 -0600
gpo: Test to ensure startup scripts don't crash w/out params
Startup scripts were failing to execute when no
parameters were provided to the script.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=15212
Signed-off-by: David Mulder <dmulder at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
python/samba/gp/vgp_startup_scripts_ext.py | 12 ++++++--
python/samba/tests/gpo.py | 49 +++++++++++++++++++++++++++++-
2 files changed, 58 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/python/samba/gp/vgp_startup_scripts_ext.py b/python/samba/gp/vgp_startup_scripts_ext.py
index 71be4c0e32c..b46c641d6d3 100644
--- a/python/samba/gp/vgp_startup_scripts_ext.py
+++ b/python/samba/gp/vgp_startup_scripts_ext.py
@@ -62,7 +62,11 @@ class vgp_startup_scripts_ext(gp_xml_ext):
script_file = os.path.join(local_path,
os.path.dirname(check_safe_path(path)).upper(),
script.upper())
- parameters = listelement.find('parameters').text
+ parameters = listelement.find('parameters')
+ if parameters is not None:
+ parameters = parameters.text
+ else:
+ parameters = ''
hash = listelement.find('hash').text
attribute = '%s:%s:%s' % (script, hash, parameters)
old_val = self.gp_db.retrieve(str(self), attribute)
@@ -105,7 +109,11 @@ class vgp_startup_scripts_ext(gp_xml_ext):
script_file = os.path.join(local_path,
os.path.dirname(check_safe_path(path)).upper(),
script.upper())
- parameters = listelement.find('parameters').text
+ parameters = listelement.find('parameters')
+ if parameters is not None:
+ parameters = parameters.text
+ else:
+ parameters = ''
run_as = listelement.find('run_as')
if run_as is not None:
run_as = run_as.text
diff --git a/python/samba/tests/gpo.py b/python/samba/tests/gpo.py
index 48f794b490c..c620a1270f7 100644
--- a/python/samba/tests/gpo.py
+++ b/python/samba/tests/gpo.py
@@ -8240,7 +8240,6 @@ class GPOTests(tests.TestCase):
# Unstage the manifest.xml and script files
unstage_file(manifest)
- unstage_file(test_script)
# Stage the manifest.xml file for run once scripts
etree.SubElement(listelement, 'run_once')
@@ -8285,6 +8284,54 @@ class GPOTests(tests.TestCase):
self.assertIn(entry, list(ret.values())[0][0],
'The target entry was not listed by rsop')
+ # Unstage the manifest.xml and script files
+ unstage_file(manifest)
+
+ # Stage the manifest.xml file for a script without parameters
+ stage = etree.Element('vgppolicy')
+ policysetting = etree.SubElement(stage, 'policysetting')
+ version = etree.SubElement(policysetting, 'version')
+ version.text = '1'
+ data = etree.SubElement(policysetting, 'data')
+ listelement = etree.SubElement(data, 'listelement')
+ script = etree.SubElement(listelement, 'script')
+ script.text = os.path.basename(test_script).lower()
+ hash = etree.SubElement(listelement, 'hash')
+ hash.text = \
+ hashlib.md5(open(test_script, 'rb').read()).hexdigest().upper()
+ run_as = etree.SubElement(listelement, 'run_as')
+ run_as.text = 'root'
+ ret = stage_file(manifest, etree.tostring(stage))
+ self.assertTrue(ret, 'Could not create the target %s' % manifest)
+
+ # Process all gpos, with temp output directory
+ with TemporaryDirectory() as dname:
+ try:
+ ext.process_group_policy([], gpos, dname)
+ except Exception as e:
+ self.fail(str(e))
+ files = os.listdir(dname)
+ self.assertEquals(len(files), 1,
+ 'The target script was not created')
+ entry = '@reboot %s %s' % (run_as.text, test_script)
+ self.assertIn(entry,
+ open(os.path.join(dname, files[0]), 'r').read(),
+ 'The test entry was not found')
+
+ # Remove policy
+ gp_db = store.get_gplog(machine_creds.get_username())
+ del_gpos = get_deleted_gpos_list(gp_db, [])
+ ext.process_group_policy(del_gpos, [])
+ files = os.listdir(dname)
+ self.assertEquals(len(files), 0,
+ 'The target script was not removed')
+
+ # Test rsop
+ g = [g for g in gpos if g.name == guid][0]
+ ret = ext.rsop(g)
+ self.assertIn(entry, list(ret.values())[0][0],
+ 'The target entry was not listed by rsop')
+
# Unstage the manifest.xml and script files
unstage_file(manifest)
unstage_file(test_script)
--
Samba Shared Repository
More information about the samba-cvs
mailing list