new Kerberos tests in Samba3
abartlet at samba.org
Tue Apr 5 20:40:59 MDT 2011
On Wed, 2011-04-06 at 06:45 +1000, Andrew Bartlett wrote:
> On Tue, 2011-04-05 at 16:31 +0200, Guenther Deschner wrote:
> > Hi Andrew,
> > On 04/04/2011 01:32 PM, Andrew Bartlett wrote:
> > > The branch, master has been updated
> > > via a3ef974 s3-rpc_server Remove comment, yes the key is correct.
> > > via 77e6716 s3-auth consolidate create_local_token() into make_server_info_krb5()
> > > via 841d0bc s3-selftest Remove more instances of /tmp in test_smbclient_s3.sh
> > > via 6351dee s3-selftest Add testing of kerberos login
> > > via 55134c9 s4-credentials Add a command line hook to set the kerberos credentials cache
> > > via ffb6003 s3-selftest Disable log rotation in 'make test'
> > > from 513574a talloc - some documentation changes
> > >
> > > http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
> > >
> > >
> > Wow, that is great stuff! Finally we have some security=ads testing on
> > the buildfarm! the only problem is that the ktest tests fail quite
> > often, I tried to nail down the problem using
> > SMBD_OPTIONS=-d10 make test TESTS=lookupsids FAIL_IMMEDIATELY=1 VALGRIND=1
> > but the failure seem not to happen when running under valgrind, do you
> > have any other idea ? If we don't catch it, we should mark the kerberos
> > tests knownfail for now probably.
> Can you give me what details you have of the failure?
> I ran it here often, and got it past autobuild, so I'll need some
> There is only one thing I came across in my testing: a failure to
> contact a newly running server in the test environment. This change
> requires that it contact the server by name, not IP, and so if nmbd
> isn't fast enough, or smbd hasn't really started in time, then we could
> have problems.
> Perhaps that's the issue? Samba4 puts some 'nmblookup' calls in the
> server starting code to ensure things are up and going in it's selftest.
I don't fully understand why netbios name lookups are not reliable in
make test, but I've pushed a change to autobuild that uses the same
'fake dns host file' that Samba4 uses. This should avoid the lookups
and make this reliable.
I've also found and fixed a bug where the previous machine trust account
password was not honoured.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba-technical