new Kerberos tests in Samba3

Stefan (metze) Metzmacher metze at
Wed Apr 6 02:16:46 MDT 2011

Am 06.04.2011 04:40, schrieb Andrew Bartlett:
> On Wed, 2011-04-06 at 06:45 +1000, Andrew Bartlett wrote:
>> On Tue, 2011-04-05 at 16:31 +0200, Guenther Deschner wrote:
>>> Hi Andrew,
>>> On 04/04/2011 01:32 PM, Andrew Bartlett wrote:
>>>> The branch, master has been updated
>>>>         via  a3ef974 s3-rpc_server Remove comment, yes the key is correct.
>>>>         via  77e6716 s3-auth consolidate create_local_token() into make_server_info_krb5()
>>>>         via  841d0bc s3-selftest Remove more instances of /tmp in
>>>>         via  6351dee s3-selftest Add testing of kerberos login
>>>>         via  55134c9 s4-credentials Add a command line hook to set the kerberos credentials cache
>>>>         via  ffb6003 s3-selftest Disable log rotation in 'make test'
>>>>        from  513574a talloc - some documentation changes
>>> Wow, that is great stuff! Finally we have some security=ads testing on 
>>> the buildfarm! the only problem is that the ktest tests fail quite 
>>> often, I tried to nail down the problem using
>>> SMBD_OPTIONS=-d10 make test TESTS=lookupsids FAIL_IMMEDIATELY=1 VALGRIND=1
>>> but the failure seem not to happen when running under valgrind, do you 
>>> have any other idea ? If we don't catch it, we should mark the kerberos 
>>> tests knownfail for now probably.
>> Can you give me what details you have of the failure?
>> I ran it here often, and got it past autobuild, so I'll need some
>> clues.  
>> There is only one thing I came across in my testing: a failure to
>> contact a newly running server in the test environment.  This change
>> requires that it contact the server by name, not IP, and so if nmbd
>> isn't fast enough, or smbd hasn't really started in time, then we could
>> have problems.  
>> Perhaps that's the issue?  Samba4 puts some 'nmblookup' calls in the
>> server starting code to ensure things are up and going in it's selftest.
> I don't fully understand why netbios name lookups are not reliable in
> make test, but I've pushed a change to autobuild that uses the same
> 'fake dns host file' that Samba4 uses.  This should avoid the lookups
> and make this reliable.
> I've also found and fixed a bug where the previous machine trust account
> password was not honoured. 

It seems it's still flakey, see


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the samba-technical mailing list