[PATCHES] re-add and re-enable nss testsuite
Michael Adam
obnox at samba.org
Mon Feb 16 02:55:05 MST 2015
Hi,
attached find a patcheset that re-adds and re-enables
our original nss testsuite. This activates some
amount of integration testing with nss-winbindd again.
This uncovered one extreme strangeness with our testenv:
If run directly, all tests pass against the s3member:local
environment, but some tests fail if one runs the
unix.whoami test against the s3member and the member
environment. A single one of these does not suffice.
I.e. the command line to break the test is this:
make test TESTS="unix.whoami.s3member unix.whoami.member local.nss.s3member"
I have tried to narrow it down, but I am running out of time.
Since the addition is useful anyways, I'd like to add it
to master now and record the test strangeness...
Review/push appreciated.
Michael
-------------- next part --------------
From 1f6d41917f4b6f49a199de9f0ebe51a2bb11cec2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd at samba.org>
Date: Mon, 2 Feb 2015 14:50:30 +0100
Subject: [PATCH 1/3] s4-torture: re-add nss-wrapper torture testsuite.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
(The testsuite got removed with 5bb410f85312196bb24e62a6a0b8350576433dc6).
Although nss_wrapper now also has an upstream testsuite, it is still important
to run the older torture testsuite within Samba so we have some testing on
nss_winbind correctnes and consistency.
Guenther
Signed-off-by: G?nther Deschner <gd at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
Reviewed-by: Andreas Schneider <asn at samba.org>
---
source4/torture/local/local.c | 1 +
source4/torture/local/nss_tests.c | 954 ++++++++++++++++++++++++++++++++++++
source4/torture/local/wscript_build | 3 +-
3 files changed, 957 insertions(+), 1 deletion(-)
create mode 100644 source4/torture/local/nss_tests.c
diff --git a/source4/torture/local/local.c b/source4/torture/local/local.c
index f69c95e..77ff908 100644
--- a/source4/torture/local/local.c
+++ b/source4/torture/local/local.c
@@ -69,6 +69,7 @@
torture_dsdb_syntax,
torture_registry,
torture_local_verif_trailer,
+ torture_local_nss_wrapper,
NULL
};
diff --git a/source4/torture/local/nss_tests.c b/source4/torture/local/nss_tests.c
new file mode 100644
index 0000000..0cd3265
--- /dev/null
+++ b/source4/torture/local/nss_tests.c
@@ -0,0 +1,954 @@
+/*
+ Unix SMB/CIFS implementation.
+
+ local testing of the nss wrapper
+
+ Copyright (C) Guenther Deschner 2009-2010
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+
+#include "torture/torture.h"
+#include "torture/local/proto.h"
+#include "lib/replace/system/passwd.h"
+
+static bool copy_passwd(struct torture_context *tctx,
+ const struct passwd *pwd,
+ struct passwd *p)
+{
+ p->pw_name = talloc_strdup(tctx, pwd->pw_name);
+ p->pw_passwd = talloc_strdup(tctx, pwd->pw_passwd);
+ p->pw_uid = pwd->pw_uid;
+ p->pw_gid = pwd->pw_gid;
+ p->pw_gecos = talloc_strdup(tctx, pwd->pw_gecos);
+ p->pw_dir = talloc_strdup(tctx, pwd->pw_dir);
+ p->pw_shell = talloc_strdup(tctx, pwd->pw_shell);
+
+ return true;
+}
+
+static void print_passwd(struct passwd *pwd)
+{
+ printf("%s:%s:%lu:%lu:%s:%s:%s\n",
+ pwd->pw_name,
+ pwd->pw_passwd,
+ (unsigned long)pwd->pw_uid,
+ (unsigned long)pwd->pw_gid,
+ pwd->pw_gecos,
+ pwd->pw_dir,
+ pwd->pw_shell);
+}
+
+
+static bool test_nwrap_getpwnam(struct torture_context *tctx,
+ const char *name,
+ struct passwd *pwd_p)
+{
+ struct passwd *pwd;
+
+ torture_comment(tctx, "Testing getpwnam: %s\n", name);
+
+ pwd = getpwnam(name);
+ if (pwd) {
+ print_passwd(pwd);
+ }
+
+ if (pwd_p) {
+ copy_passwd(tctx, pwd, pwd_p);
+ }
+
+ return pwd ? true : false;
+}
+
+static bool test_nwrap_getpwnam_r(struct torture_context *tctx,
+ const char *name,
+ struct passwd *pwd_p)
+{
+ struct passwd pwd, *pwdp;
+ char buffer[4096];
+ int ret;
+
+ torture_comment(tctx, "Testing getpwnam_r: %s\n", name);
+
+ ret = getpwnam_r(name, &pwd, buffer, sizeof(buffer), &pwdp);
+ if (ret != 0) {
+ if (ret != ENOENT) {
+ torture_comment(tctx, "got %d return code\n", ret);
+ }
+ return false;
+ }
+
+ print_passwd(&pwd);
+
+ if (pwd_p) {
+ copy_passwd(tctx, &pwd, pwd_p);
+ }
+
+ return true;
+}
+
+static bool test_nwrap_getpwuid(struct torture_context *tctx,
+ uid_t uid,
+ struct passwd *pwd_p)
+{
+ struct passwd *pwd;
+
+ torture_comment(tctx, "Testing getpwuid: %lu\n", (unsigned long)uid);
+
+ pwd = getpwuid(uid);
+ if (pwd) {
+ print_passwd(pwd);
+ }
+
+ if (pwd_p) {
+ copy_passwd(tctx, pwd, pwd_p);
+ }
+
+ return pwd ? true : false;
+}
+
+static bool test_nwrap_getpwuid_r(struct torture_context *tctx,
+ uid_t uid,
+ struct passwd *pwd_p)
+{
+ struct passwd pwd, *pwdp;
+ char buffer[4096];
+ int ret;
+
+ torture_comment(tctx, "Testing getpwuid_r: %lu\n", (unsigned long)uid);
+
+ ret = getpwuid_r(uid, &pwd, buffer, sizeof(buffer), &pwdp);
+ if (ret != 0) {
+ if (ret != ENOENT) {
+ torture_comment(tctx, "got %d return code\n", ret);
+ }
+ return false;
+ }
+
+ print_passwd(&pwd);
+
+ if (pwd_p) {
+ copy_passwd(tctx, &pwd, pwd_p);
+ }
+
+ return true;
+}
+
+
+static bool copy_group(struct torture_context *tctx,
+ const struct group *grp,
+ struct group *g)
+{
+ int i;
+
+ g->gr_name = talloc_strdup(tctx, grp->gr_name);
+ g->gr_passwd = talloc_strdup(tctx, grp->gr_passwd);
+ g->gr_gid = grp->gr_gid;
+ g->gr_mem = NULL;
+
+ for (i=0; grp->gr_mem && grp->gr_mem[i]; i++) {
+ g->gr_mem = talloc_realloc(tctx, g->gr_mem, char *, i + 2);
+ g->gr_mem[i] = talloc_strdup(g->gr_mem, grp->gr_mem[i]);
+ g->gr_mem[i+1] = NULL;
+ }
+
+ return true;
+}
+
+static void print_group(struct group *grp)
+{
+ int i;
+ printf("%s:%s:%lu:",
+ grp->gr_name,
+ grp->gr_passwd,
+ (unsigned long)grp->gr_gid);
+
+ if ((grp->gr_mem == NULL) || !grp->gr_mem[0]) {
+ printf("\n");
+ return;
+ }
+
+ for (i=0; grp->gr_mem[i+1]; i++) {
+ printf("%s,", grp->gr_mem[i]);
+ }
+ printf("%s\n", grp->gr_mem[i]);
+}
+
+static bool test_nwrap_getgrnam(struct torture_context *tctx,
+ const char *name,
+ struct group *grp_p)
+{
+ struct group *grp;
+
+ torture_comment(tctx, "Testing getgrnam: %s\n", name);
+
+ grp = getgrnam(name);
+ if (grp) {
+ print_group(grp);
+ }
+
+ if (grp_p) {
+ copy_group(tctx, grp, grp_p);
+ }
+
+ return grp ? true : false;
+}
+
+static bool test_nwrap_getgrnam_r(struct torture_context *tctx,
+ const char *name,
+ struct group *grp_p)
+{
+ struct group grp, *grpp;
+ char buffer[4096];
+ int ret;
+
+ torture_comment(tctx, "Testing getgrnam_r: %s\n", name);
+
+ ret = getgrnam_r(name, &grp, buffer, sizeof(buffer), &grpp);
+ if (ret != 0) {
+ if (ret != ENOENT) {
+ torture_comment(tctx, "got %d return code\n", ret);
+ }
+ return false;
+ }
+
+ print_group(&grp);
+
+ if (grp_p) {
+ copy_group(tctx, &grp, grp_p);
+ }
+
+ return true;
+}
+
+
+static bool test_nwrap_getgrgid(struct torture_context *tctx,
+ gid_t gid,
+ struct group *grp_p)
+{
+ struct group *grp;
+
+ torture_comment(tctx, "Testing getgrgid: %lu\n", (unsigned long)gid);
+
+ grp = getgrgid(gid);
+ if (grp) {
+ print_group(grp);
+ }
+
+ if (grp_p) {
+ copy_group(tctx, grp, grp_p);
+ }
+
+ return grp ? true : false;
+}
+
+static bool test_nwrap_getgrgid_r(struct torture_context *tctx,
+ gid_t gid,
+ struct group *grp_p)
+{
+ struct group grp, *grpp;
+ char buffer[4096];
+ int ret;
+
+ torture_comment(tctx, "Testing getgrgid_r: %lu\n", (unsigned long)gid);
+
+ ret = getgrgid_r(gid, &grp, buffer, sizeof(buffer), &grpp);
+ if (ret != 0) {
+ if (ret != ENOENT) {
+ torture_comment(tctx, "got %d return code\n", ret);
+ }
+ return false;
+ }
+
+ print_group(&grp);
+
+ if (grp_p) {
+ copy_group(tctx, &grp, grp_p);
+ }
+
+ return true;
+}
+
+static bool test_nwrap_enum_passwd(struct torture_context *tctx,
+ struct passwd **pwd_array_p,
+ size_t *num_pwd_p)
+{
+ struct passwd *pwd;
+ struct passwd *pwd_array = NULL;
+ size_t num_pwd = 0;
+
+ torture_comment(tctx, "Testing setpwent\n");
+ setpwent();
+
+ while ((pwd = getpwent()) != NULL) {
+ torture_comment(tctx, "Testing getpwent\n");
+
+ print_passwd(pwd);
+ if (pwd_array_p && num_pwd_p) {
+ pwd_array = talloc_realloc(tctx, pwd_array, struct passwd, num_pwd+1);
+ torture_assert(tctx, pwd_array, "out of memory");
+ copy_passwd(tctx, pwd, &pwd_array[num_pwd]);
+ num_pwd++;
+ }
+ }
+
+ torture_comment(tctx, "Testing endpwent\n");
+ endpwent();
+
+ if (pwd_array_p) {
+ *pwd_array_p = pwd_array;
+ }
+ if (num_pwd_p) {
+ *num_pwd_p = num_pwd;
+ }
+
+ return true;
+}
+
+static bool test_nwrap_enum_r_passwd(struct torture_context *tctx,
+ struct passwd **pwd_array_p,
+ size_t *num_pwd_p)
+{
+ struct passwd pwd, *pwdp;
+ struct passwd *pwd_array = NULL;
+ size_t num_pwd = 0;
+ char buffer[4096];
+ int ret;
+
+ torture_comment(tctx, "Testing setpwent\n");
+ setpwent();
+
+ while (1) {
+ torture_comment(tctx, "Testing getpwent_r\n");
+
+ ret = getpwent_r(&pwd, buffer, sizeof(buffer), &pwdp);
+ if (ret != 0) {
+ if (ret != ENOENT) {
+ torture_comment(tctx, "got %d return code\n", ret);
+ }
+ break;
+ }
+ print_passwd(&pwd);
+ if (pwd_array_p && num_pwd_p) {
+ pwd_array = talloc_realloc(tctx, pwd_array, struct passwd, num_pwd+1);
+ torture_assert(tctx, pwd_array, "out of memory");
+ copy_passwd(tctx, &pwd, &pwd_array[num_pwd]);
+ num_pwd++;
+ }
+ }
+
+ torture_comment(tctx, "Testing endpwent\n");
+ endpwent();
+
+ if (pwd_array_p) {
+ *pwd_array_p = pwd_array;
+ }
+ if (num_pwd_p) {
+ *num_pwd_p = num_pwd;
+ }
+
+ return true;
+}
+
+static bool torture_assert_passwd_equal(struct torture_context *tctx,
+ const struct passwd *p1,
+ const struct passwd *p2,
+ const char *comment)
+{
+ torture_assert_str_equal(tctx, p1->pw_name, p2->pw_name, comment);
+ torture_assert_str_equal(tctx, p1->pw_passwd, p2->pw_passwd, comment);
+ torture_assert_int_equal(tctx, p1->pw_uid, p2->pw_uid, comment);
+ torture_assert_int_equal(tctx, p1->pw_gid, p2->pw_gid, comment);
+ torture_assert_str_equal(tctx, p1->pw_gecos, p2->pw_gecos, comment);
+ torture_assert_str_equal(tctx, p1->pw_dir, p2->pw_dir, comment);
+ torture_assert_str_equal(tctx, p1->pw_shell, p2->pw_shell, comment);
+
+ return true;
+}
+
+static bool test_nwrap_passwd(struct torture_context *tctx)
+{
+ int i;
+ struct passwd *pwd, pwd1, pwd2;
+ size_t num_pwd;
+
+ torture_assert(tctx, test_nwrap_enum_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
+
+ for (i=0; i < num_pwd; i++) {
+ torture_assert(tctx, test_nwrap_getpwnam(tctx, pwd[i].pw_name, &pwd1),
+ "failed to call getpwnam for enumerated user");
+ torture_assert_passwd_equal(tctx, &pwd[i], &pwd1,
+ "getpwent and getpwnam gave different results");
+ torture_assert(tctx, test_nwrap_getpwuid(tctx, pwd[i].pw_uid, &pwd2),
+ "failed to call getpwuid for enumerated user");
+ torture_assert_passwd_equal(tctx, &pwd[i], &pwd2,
+ "getpwent and getpwuid gave different results");
+ torture_assert_passwd_equal(tctx, &pwd1, &pwd2,
+ "getpwnam and getpwuid gave different results");
+ }
+
+ return true;
+}
+
+static bool test_nwrap_passwd_r(struct torture_context *tctx)
+{
+ int i;
+ struct passwd *pwd, pwd1, pwd2;
+ size_t num_pwd;
+
+ torture_assert(tctx, test_nwrap_enum_r_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
+
+ for (i=0; i < num_pwd; i++) {
+ torture_assert(tctx, test_nwrap_getpwnam_r(tctx, pwd[i].pw_name, &pwd1),
+ "failed to call getpwnam_r for enumerated user");
+ torture_assert_passwd_equal(tctx, &pwd[i], &pwd1,
+ "getpwent_r and getpwnam_r gave different results");
+ torture_assert(tctx, test_nwrap_getpwuid_r(tctx, pwd[i].pw_uid, &pwd2),
+ "failed to call getpwuid_r for enumerated user");
+ torture_assert_passwd_equal(tctx, &pwd[i], &pwd2,
+ "getpwent_r and getpwuid_r gave different results");
+ torture_assert_passwd_equal(tctx, &pwd1, &pwd2,
+ "getpwnam_r and getpwuid_r gave different results");
+ }
+
+ return true;
+}
+
+static bool test_nwrap_passwd_r_cross(struct torture_context *tctx)
+{
+ int i;
+ struct passwd *pwd, pwd1, pwd2, pwd3, pwd4;
+ size_t num_pwd;
+
+ torture_assert(tctx, test_nwrap_enum_r_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
+
+ for (i=0; i < num_pwd; i++) {
+ torture_assert(tctx, test_nwrap_getpwnam_r(tctx, pwd[i].pw_name, &pwd1),
+ "failed to call getpwnam_r for enumerated user");
+ torture_assert_passwd_equal(tctx, &pwd[i], &pwd1,
+ "getpwent_r and getpwnam_r gave different results");
+ torture_assert(tctx, test_nwrap_getpwuid_r(tctx, pwd[i].pw_uid, &pwd2),
+ "failed to call getpwuid_r for enumerated user");
+ torture_assert_passwd_equal(tctx, &pwd[i], &pwd2,
+ "getpwent_r and getpwuid_r gave different results");
+ torture_assert_passwd_equal(tctx, &pwd1, &pwd2,
+ "getpwnam_r and getpwuid_r gave different results");
+ torture_assert(tctx, test_nwrap_getpwnam(tctx, pwd[i].pw_name, &pwd3),
+ "failed to call getpwnam for enumerated user");
+ torture_assert_passwd_equal(tctx, &pwd[i], &pwd3,
+ "getpwent_r and getpwnam gave different results");
+ torture_assert(tctx, test_nwrap_getpwuid(tctx, pwd[i].pw_uid, &pwd4),
+ "failed to call getpwuid for enumerated user");
+ torture_assert_passwd_equal(tctx, &pwd[i], &pwd4,
+ "getpwent_r and getpwuid gave different results");
+ torture_assert_passwd_equal(tctx, &pwd3, &pwd4,
+ "getpwnam and getpwuid gave different results");
+ }
+
+ return true;
+}
+
+static bool test_nwrap_enum_group(struct torture_context *tctx,
+ struct group **grp_array_p,
+ size_t *num_grp_p)
+{
+ struct group *grp;
+ struct group *grp_array = NULL;
+ size_t num_grp = 0;
+
+ torture_comment(tctx, "Testing setgrent\n");
+ setgrent();
+
+ while ((grp = getgrent()) != NULL) {
+ torture_comment(tctx, "Testing getgrent\n");
+
+ print_group(grp);
+ if (grp_array_p && num_grp_p) {
+ grp_array = talloc_realloc(tctx, grp_array, struct group, num_grp+1);
+ torture_assert(tctx, grp_array, "out of memory");
+ copy_group(tctx, grp, &grp_array[num_grp]);
+ num_grp++;
+ }
+ }
+
+ torture_comment(tctx, "Testing endgrent\n");
+ endgrent();
+
+ if (grp_array_p) {
+ *grp_array_p = grp_array;
+ }
+ if (num_grp_p) {
+ *num_grp_p = num_grp;
+ }
+
+ return true;
+}
+
+static bool test_nwrap_enum_r_group(struct torture_context *tctx,
+ struct group **grp_array_p,
+ size_t *num_grp_p)
+{
+ struct group grp, *grpp;
+ struct group *grp_array = NULL;
+ size_t num_grp = 0;
+ char buffer[4096];
+ int ret;
+
+ torture_comment(tctx, "Testing setgrent\n");
+ setgrent();
+
+ while (1) {
+ torture_comment(tctx, "Testing getgrent_r\n");
+
+ ret = getgrent_r(&grp, buffer, sizeof(buffer), &grpp);
+ if (ret != 0) {
+ if (ret != ENOENT) {
+ torture_comment(tctx, "got %d return code\n", ret);
+ }
+ break;
+ }
+ print_group(&grp);
+ if (grp_array_p && num_grp_p) {
+ grp_array = talloc_realloc(tctx, grp_array, struct group, num_grp+1);
+ torture_assert(tctx, grp_array, "out of memory");
+ copy_group(tctx, &grp, &grp_array[num_grp]);
+ num_grp++;
+ }
+ }
+
+ torture_comment(tctx, "Testing endgrent\n");
+ endgrent();
+
+ if (grp_array_p) {
+ *grp_array_p = grp_array;
+ }
+ if (num_grp_p) {
+ *num_grp_p = num_grp;
+ }
+
+ return true;
+}
+
+static bool torture_assert_group_equal(struct torture_context *tctx,
+ const struct group *g1,
+ const struct group *g2,
+ const char *comment)
+{
+ int i;
+ torture_assert_str_equal(tctx, g1->gr_name, g2->gr_name, comment);
+ torture_assert_str_equal(tctx, g1->gr_passwd, g2->gr_passwd, comment);
+ torture_assert_int_equal(tctx, g1->gr_gid, g2->gr_gid, comment);
+ if (g1->gr_mem && !g2->gr_mem) {
+ return false;
+ }
+ if (!g1->gr_mem && g2->gr_mem) {
+ return false;
+ }
+ if (!g1->gr_mem && !g2->gr_mem) {
+ return true;
+ }
+ for (i=0; g1->gr_mem[i] && g2->gr_mem[i]; i++) {
+ torture_assert_str_equal(tctx, g1->gr_mem[i], g2->gr_mem[i], comment);
+ }
+
+ return true;
+}
+
+static bool test_nwrap_group(struct torture_context *tctx)
+{
+ int i;
+ struct group *grp, grp1, grp2;
+ size_t num_grp;
+
+ torture_assert(tctx, test_nwrap_enum_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
+
+ for (i=0; i < num_grp; i++) {
+ torture_assert(tctx, test_nwrap_getgrnam(tctx, grp[i].gr_name, &grp1),
+ "failed to call getgrnam for enumerated user");
+ torture_assert_group_equal(tctx, &grp[i], &grp1,
+ "getgrent and getgrnam gave different results");
+ torture_assert(tctx, test_nwrap_getgrgid(tctx, grp[i].gr_gid, &grp2),
+ "failed to call getgrgid for enumerated user");
+ torture_assert_group_equal(tctx, &grp[i], &grp2,
+ "getgrent and getgrgid gave different results");
+ torture_assert_group_equal(tctx, &grp1, &grp2,
+ "getgrnam and getgrgid gave different results");
+ }
+
+ return true;
+}
+
+static bool test_nwrap_group_r(struct torture_context *tctx)
+{
+ int i;
+ struct group *grp, grp1, grp2;
+ size_t num_grp;
+
+ torture_assert(tctx, test_nwrap_enum_r_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
+
+ for (i=0; i < num_grp; i++) {
+ torture_assert(tctx, test_nwrap_getgrnam_r(tctx, grp[i].gr_name, &grp1),
+ "failed to call getgrnam_r for enumerated user");
+ torture_assert_group_equal(tctx, &grp[i], &grp1,
+ "getgrent_r and getgrnam_r gave different results");
+ torture_assert(tctx, test_nwrap_getgrgid_r(tctx, grp[i].gr_gid, &grp2),
+ "failed to call getgrgid_r for enumerated user");
+ torture_assert_group_equal(tctx, &grp[i], &grp2,
+ "getgrent_r and getgrgid_r gave different results");
+ torture_assert_group_equal(tctx, &grp1, &grp2,
+ "getgrnam_r and getgrgid_r gave different results");
+ }
+
+ return true;
+}
+
+static bool test_nwrap_group_r_cross(struct torture_context *tctx)
+{
+ int i;
+ struct group *grp, grp1, grp2, grp3, grp4;
+ size_t num_grp;
+
+ torture_assert(tctx, test_nwrap_enum_r_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
+
+ for (i=0; i < num_grp; i++) {
+ torture_assert(tctx, test_nwrap_getgrnam_r(tctx, grp[i].gr_name, &grp1),
+ "failed to call getgrnam_r for enumerated user");
+ torture_assert_group_equal(tctx, &grp[i], &grp1,
+ "getgrent_r and getgrnam_r gave different results");
+ torture_assert(tctx, test_nwrap_getgrgid_r(tctx, grp[i].gr_gid, &grp2),
+ "failed to call getgrgid_r for enumerated user");
+ torture_assert_group_equal(tctx, &grp[i], &grp2,
+ "getgrent_r and getgrgid_r gave different results");
+ torture_assert_group_equal(tctx, &grp1, &grp2,
+ "getgrnam_r and getgrgid_r gave different results");
+ torture_assert(tctx, test_nwrap_getgrnam(tctx, grp[i].gr_name, &grp3),
+ "failed to call getgrnam for enumerated user");
+ torture_assert_group_equal(tctx, &grp[i], &grp3,
+ "getgrent_r and getgrnam gave different results");
+ torture_assert(tctx, test_nwrap_getgrgid(tctx, grp[i].gr_gid, &grp4),
+ "failed to call getgrgid for enumerated user");
+ torture_assert_group_equal(tctx, &grp[i], &grp4,
+ "getgrent_r and getgrgid gave different results");
+ torture_assert_group_equal(tctx, &grp3, &grp4,
+ "getgrnam and getgrgid gave different results");
+ }
+
+ return true;
+}
+
+static bool test_nwrap_getgrouplist(struct torture_context *tctx,
+ const char *user,
+ gid_t gid,
+ gid_t **gids_p,
+ int *num_gids_p)
+{
+ int ret;
+ int num_groups = 0;
+ gid_t *groups = NULL;
+
+ torture_comment(tctx, "Testing getgrouplist: %s\n", user);
+
+ ret = getgrouplist(user, gid, NULL, &num_groups);
+ if (ret == -1 || num_groups != 0) {
+
+ groups = talloc_array(tctx, gid_t, num_groups);
+ torture_assert(tctx, groups, "out of memory\n");
+
+ ret = getgrouplist(user, gid, groups, &num_groups);
+ }
+
+ torture_assert(tctx, (ret != -1), "failed to call getgrouplist");
+
+ torture_comment(tctx, "%s is member in %d groups\n", user, num_groups);
+
+ if (gids_p) {
+ *gids_p = groups;
+ }
+ if (num_gids_p) {
+ *num_gids_p = num_groups;
+ }
+
+ return true;
+}
+
+static bool test_nwrap_user_in_group(struct torture_context *tctx,
+ const struct passwd *pwd,
+ const struct group *grp)
+{
+ int i;
+
+ for (i=0; grp->gr_mem && grp->gr_mem[i] != NULL; i++) {
+ if (strequal(grp->gr_mem[i], pwd->pw_name)) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
+static bool test_nwrap_membership_user(struct torture_context *tctx,
+ const struct passwd *pwd,
+ struct group *grp_array,
+ size_t num_grp)
+{
+ int num_user_groups = 0;
+ int num_user_groups_from_enum = 0;
+ gid_t *user_groups = NULL;
+ int g, i;
+ bool primary_group_had_user_member = false;
+
+ torture_assert(tctx, test_nwrap_getgrouplist(tctx,
+ pwd->pw_name,
+ pwd->pw_gid,
+ &user_groups,
+ &num_user_groups),
+ "failed to test getgrouplist");
+
+ for (g=0; g < num_user_groups; g++) {
+ torture_assert(tctx, test_nwrap_getgrgid(tctx, user_groups[g], NULL),
+ "failed to find the group the user is a member of");
+ }
+
+
+ for (i=0; i < num_grp; i++) {
+
+ struct group grp = grp_array[i];
+
+ if (test_nwrap_user_in_group(tctx, pwd, &grp)) {
+
+ struct group current_grp;
+ num_user_groups_from_enum++;
+
+ torture_assert(tctx, test_nwrap_getgrnam(tctx, grp.gr_name, ¤t_grp),
+ "failed to find the group the user is a member of");
+
+ if (current_grp.gr_gid == pwd->pw_gid) {
+ torture_comment(tctx, "primary group %s of user %s lists user as member\n",
+ current_grp.gr_name,
+ pwd->pw_name);
+ primary_group_had_user_member = true;
+ }
+
+ continue;
+ }
+ }
+
+ if (!primary_group_had_user_member) {
+ num_user_groups_from_enum++;
+ }
+
+ torture_assert_int_equal(tctx, num_user_groups, num_user_groups_from_enum,
+ "getgrouplist and real inspection of grouplist gave different results\n");
+
+ return true;
+}
+
+static bool test_nwrap_membership(struct torture_context *tctx)
+{
+ const char *old_pwd = getenv("NSS_WRAPPER_PASSWD");
+ const char *old_group = getenv("NSS_WRAPPER_GROUP");
+ struct passwd *pwd;
+ size_t num_pwd;
+ struct group *grp;
+ size_t num_grp;
+ int i;
+
+ if (!old_pwd || !old_group) {
+ torture_comment(tctx, "ENV NSS_WRAPPER_PASSWD or NSS_WRAPPER_GROUP not set\n");
+ torture_skip(tctx, "nothing to test\n");
+ }
+
+ torture_assert(tctx, test_nwrap_enum_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
+ torture_assert(tctx, test_nwrap_enum_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
+
+ for (i=0; i < num_pwd; i++) {
+
+ torture_assert(tctx, test_nwrap_membership_user(tctx, &pwd[i], grp, num_grp),
+ "failed to test membership for user");
+
+ }
+
+ return true;
+}
+
+static bool test_nwrap_enumeration(struct torture_context *tctx)
+{
+ const char *old_pwd = getenv("NSS_WRAPPER_PASSWD");
+ const char *old_group = getenv("NSS_WRAPPER_GROUP");
+
+ if (!old_pwd || !old_group) {
+ torture_comment(tctx, "ENV NSS_WRAPPER_PASSWD or NSS_WRAPPER_GROUP not set\n");
+ torture_skip(tctx, "nothing to test\n");
+ }
+
+ torture_assert(tctx, test_nwrap_passwd(tctx),
+ "failed to test users");
+ torture_assert(tctx, test_nwrap_group(tctx),
+ "failed to test groups");
+
+ return true;
+}
+
+static bool test_nwrap_reentrant_enumeration(struct torture_context *tctx)
+{
+ const char *old_pwd = getenv("NSS_WRAPPER_PASSWD");
+ const char *old_group = getenv("NSS_WRAPPER_GROUP");
+
+ if (!old_pwd || !old_group) {
+ torture_comment(tctx, "ENV NSS_WRAPPER_PASSWD or NSS_WRAPPER_GROUP not set\n");
+ torture_skip(tctx, "nothing to test\n");
+ }
+
+ torture_comment(tctx, "Testing re-entrant calls\n");
+
+ torture_assert(tctx, test_nwrap_passwd_r(tctx),
+ "failed to test users");
+ torture_assert(tctx, test_nwrap_group_r(tctx),
+ "failed to test groups");
+
+ return true;
+}
+
+static bool test_nwrap_reentrant_enumeration_crosschecks(struct torture_context *tctx)
+{
+ const char *old_pwd = getenv("NSS_WRAPPER_PASSWD");
+ const char *old_group = getenv("NSS_WRAPPER_GROUP");
+
+ if (!old_pwd || !old_group) {
+ torture_comment(tctx, "ENV NSS_WRAPPER_PASSWD or NSS_WRAPPER_GROUP not set\n");
+ torture_skip(tctx, "nothing to test\n");
+ }
+
+ torture_comment(tctx, "Testing re-entrant calls with cross checks\n");
+
+ torture_assert(tctx, test_nwrap_passwd_r_cross(tctx),
+ "failed to test users");
+ torture_assert(tctx, test_nwrap_group_r_cross(tctx),
+ "failed to test groups");
+
+ return true;
+}
+
+static bool test_nwrap_passwd_duplicates(struct torture_context *tctx)
+{
+ int i, d;
+ struct passwd *pwd;
+ size_t num_pwd;
+ int duplicates = 0;
+
+ torture_assert(tctx, test_nwrap_enum_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
+
+ for (i=0; i < num_pwd; i++) {
+ const char *current_name = pwd[i].pw_name;
+ for (d=0; d < num_pwd; d++) {
+ const char *dup_name = pwd[d].pw_name;
+ if (d == i) {
+ continue;
+ }
+ if (!strequal(current_name, dup_name)) {
+ continue;
+ }
+
+ torture_warning(tctx, "found duplicate names:");
+ print_passwd(&pwd[d]);
+ print_passwd(&pwd[i]);
+ duplicates++;
+ }
+ }
+
+ if (duplicates) {
+ torture_fail(tctx, talloc_asprintf(tctx, "found %d duplicate names", duplicates));
+ }
+
+ return true;
+}
+
+static bool test_nwrap_group_duplicates(struct torture_context *tctx)
+{
+ int i, d;
+ struct group *grp;
+ size_t num_grp;
+ int duplicates = 0;
+
+ torture_assert(tctx, test_nwrap_enum_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
+
+ for (i=0; i < num_grp; i++) {
+ const char *current_name = grp[i].gr_name;
+ for (d=0; d < num_grp; d++) {
+ const char *dup_name = grp[d].gr_name;
+ if (d == i) {
+ continue;
+ }
+ if (!strequal(current_name, dup_name)) {
+ continue;
+ }
+
+ torture_warning(tctx, "found duplicate names:");
+ print_group(&grp[d]);
+ print_group(&grp[i]);
+ duplicates++;
+ }
+ }
+
+ if (duplicates) {
+ torture_fail(tctx, talloc_asprintf(tctx, "found %d duplicate names", duplicates));
+ }
+
+ return true;
+}
+
+
+static bool test_nwrap_duplicates(struct torture_context *tctx)
+{
+ const char *old_pwd = getenv("NSS_WRAPPER_PASSWD");
+ const char *old_group = getenv("NSS_WRAPPER_GROUP");
+
+ if (!old_pwd || !old_group) {
+ torture_comment(tctx, "ENV NSS_WRAPPER_PASSWD or NSS_WRAPPER_GROUP not set\n");
+ torture_skip(tctx, "nothing to test\n");
+ }
+
+ torture_assert(tctx, test_nwrap_passwd_duplicates(tctx),
+ "failed to test users");
+ torture_assert(tctx, test_nwrap_group_duplicates(tctx),
+ "failed to test groups");
+
+ return true;
+}
+
+
+struct torture_suite *torture_local_nss_wrapper(TALLOC_CTX *mem_ctx)
+{
+ struct torture_suite *suite = torture_suite_create(mem_ctx, "nss-wrapper");
+
+ torture_suite_add_simple_test(suite, "enumeration", test_nwrap_enumeration);
+ torture_suite_add_simple_test(suite, "reentrant enumeration", test_nwrap_reentrant_enumeration);
+ torture_suite_add_simple_test(suite, "reentrant enumeration crosschecks", test_nwrap_reentrant_enumeration_crosschecks);
+ torture_suite_add_simple_test(suite, "membership", test_nwrap_membership);
+ torture_suite_add_simple_test(suite, "duplicates", test_nwrap_duplicates);
+
+ return suite;
+}
diff --git a/source4/torture/local/wscript_build b/source4/torture/local/wscript_build
index eb0b99b..41775fe 100644
--- a/source4/torture/local/wscript_build
+++ b/source4/torture/local/wscript_build
@@ -17,7 +17,8 @@ TORTURE_LOCAL_SOURCE = '''../../../lib/util/charset/tests/iconv.c
dbspeed.c torture.c ../ldb/ldb.c ../../dsdb/common/tests/dsdb_dn.c
../../dsdb/schema/tests/schema_syntax.c
../../../lib/util/tests/anonymous_shared.c
- verif_trailer.c'''
+ verif_trailer.c
+ nss_tests.c'''
TORTURE_LOCAL_DEPS = 'RPC_NDR_ECHO TDR LIBCLI_SMB MESSAGING iconv POPT_CREDENTIALS TORTURE_AUTH TORTURE_UTIL TORTURE_NDR TORTURE_LIBCRYPTO share torture_registry PROVISION ldb samdb replace-test'
--
2.1.0
From 68066eaec58b3e9f8cee374e8ef8d8dfa2a418d7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?G=C3=BCnther=20Deschner?= <gd at samba.org>
Date: Sat, 7 Feb 2015 14:10:01 +0100
Subject: [PATCH 2/3] s4-torture: cleanup nsswrapper test a little by removing
nwrap references.
Guenther
Signed-off-by: Guenther Deschner <gd at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
---
source4/torture/local/local.c | 2 +-
source4/torture/local/nss_tests.c | 240 +++++++++++++++++++-------------------
2 files changed, 121 insertions(+), 121 deletions(-)
diff --git a/source4/torture/local/local.c b/source4/torture/local/local.c
index 77ff908..45cc712 100644
--- a/source4/torture/local/local.c
+++ b/source4/torture/local/local.c
@@ -69,7 +69,7 @@
torture_dsdb_syntax,
torture_registry,
torture_local_verif_trailer,
- torture_local_nss_wrapper,
+ torture_local_nss,
NULL
};
diff --git a/source4/torture/local/nss_tests.c b/source4/torture/local/nss_tests.c
index 0cd3265..a6baf21 100644
--- a/source4/torture/local/nss_tests.c
+++ b/source4/torture/local/nss_tests.c
@@ -53,9 +53,9 @@ static void print_passwd(struct passwd *pwd)
}
-static bool test_nwrap_getpwnam(struct torture_context *tctx,
- const char *name,
- struct passwd *pwd_p)
+static bool test_getpwnam(struct torture_context *tctx,
+ const char *name,
+ struct passwd *pwd_p)
{
struct passwd *pwd;
@@ -73,9 +73,9 @@ static bool test_nwrap_getpwnam(struct torture_context *tctx,
return pwd ? true : false;
}
-static bool test_nwrap_getpwnam_r(struct torture_context *tctx,
- const char *name,
- struct passwd *pwd_p)
+static bool test_getpwnam_r(struct torture_context *tctx,
+ const char *name,
+ struct passwd *pwd_p)
{
struct passwd pwd, *pwdp;
char buffer[4096];
@@ -100,9 +100,9 @@ static bool test_nwrap_getpwnam_r(struct torture_context *tctx,
return true;
}
-static bool test_nwrap_getpwuid(struct torture_context *tctx,
- uid_t uid,
- struct passwd *pwd_p)
+static bool test_getpwuid(struct torture_context *tctx,
+ uid_t uid,
+ struct passwd *pwd_p)
{
struct passwd *pwd;
@@ -120,9 +120,9 @@ static bool test_nwrap_getpwuid(struct torture_context *tctx,
return pwd ? true : false;
}
-static bool test_nwrap_getpwuid_r(struct torture_context *tctx,
- uid_t uid,
- struct passwd *pwd_p)
+static bool test_getpwuid_r(struct torture_context *tctx,
+ uid_t uid,
+ struct passwd *pwd_p)
{
struct passwd pwd, *pwdp;
char buffer[4096];
@@ -187,9 +187,9 @@ static void print_group(struct group *grp)
printf("%s\n", grp->gr_mem[i]);
}
-static bool test_nwrap_getgrnam(struct torture_context *tctx,
- const char *name,
- struct group *grp_p)
+static bool test_getgrnam(struct torture_context *tctx,
+ const char *name,
+ struct group *grp_p)
{
struct group *grp;
@@ -207,9 +207,9 @@ static bool test_nwrap_getgrnam(struct torture_context *tctx,
return grp ? true : false;
}
-static bool test_nwrap_getgrnam_r(struct torture_context *tctx,
- const char *name,
- struct group *grp_p)
+static bool test_getgrnam_r(struct torture_context *tctx,
+ const char *name,
+ struct group *grp_p)
{
struct group grp, *grpp;
char buffer[4096];
@@ -235,9 +235,9 @@ static bool test_nwrap_getgrnam_r(struct torture_context *tctx,
}
-static bool test_nwrap_getgrgid(struct torture_context *tctx,
- gid_t gid,
- struct group *grp_p)
+static bool test_getgrgid(struct torture_context *tctx,
+ gid_t gid,
+ struct group *grp_p)
{
struct group *grp;
@@ -255,9 +255,9 @@ static bool test_nwrap_getgrgid(struct torture_context *tctx,
return grp ? true : false;
}
-static bool test_nwrap_getgrgid_r(struct torture_context *tctx,
- gid_t gid,
- struct group *grp_p)
+static bool test_getgrgid_r(struct torture_context *tctx,
+ gid_t gid,
+ struct group *grp_p)
{
struct group grp, *grpp;
char buffer[4096];
@@ -282,9 +282,9 @@ static bool test_nwrap_getgrgid_r(struct torture_context *tctx,
return true;
}
-static bool test_nwrap_enum_passwd(struct torture_context *tctx,
- struct passwd **pwd_array_p,
- size_t *num_pwd_p)
+static bool test_enum_passwd(struct torture_context *tctx,
+ struct passwd **pwd_array_p,
+ size_t *num_pwd_p)
{
struct passwd *pwd;
struct passwd *pwd_array = NULL;
@@ -318,9 +318,9 @@ static bool test_nwrap_enum_passwd(struct torture_context *tctx,
return true;
}
-static bool test_nwrap_enum_r_passwd(struct torture_context *tctx,
- struct passwd **pwd_array_p,
- size_t *num_pwd_p)
+static bool test_enum_r_passwd(struct torture_context *tctx,
+ struct passwd **pwd_array_p,
+ size_t *num_pwd_p)
{
struct passwd pwd, *pwdp;
struct passwd *pwd_array = NULL;
@@ -379,21 +379,21 @@ static bool torture_assert_passwd_equal(struct torture_context *tctx,
return true;
}
-static bool test_nwrap_passwd(struct torture_context *tctx)
+static bool test_passwd(struct torture_context *tctx)
{
int i;
struct passwd *pwd, pwd1, pwd2;
size_t num_pwd;
- torture_assert(tctx, test_nwrap_enum_passwd(tctx, &pwd, &num_pwd),
- "failed to enumerate passwd");
+ torture_assert(tctx, test_enum_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
for (i=0; i < num_pwd; i++) {
- torture_assert(tctx, test_nwrap_getpwnam(tctx, pwd[i].pw_name, &pwd1),
+ torture_assert(tctx, test_getpwnam(tctx, pwd[i].pw_name, &pwd1),
"failed to call getpwnam for enumerated user");
torture_assert_passwd_equal(tctx, &pwd[i], &pwd1,
"getpwent and getpwnam gave different results");
- torture_assert(tctx, test_nwrap_getpwuid(tctx, pwd[i].pw_uid, &pwd2),
+ torture_assert(tctx, test_getpwuid(tctx, pwd[i].pw_uid, &pwd2),
"failed to call getpwuid for enumerated user");
torture_assert_passwd_equal(tctx, &pwd[i], &pwd2,
"getpwent and getpwuid gave different results");
@@ -404,21 +404,21 @@ static bool test_nwrap_passwd(struct torture_context *tctx)
return true;
}
-static bool test_nwrap_passwd_r(struct torture_context *tctx)
+static bool test_passwd_r(struct torture_context *tctx)
{
int i;
struct passwd *pwd, pwd1, pwd2;
size_t num_pwd;
- torture_assert(tctx, test_nwrap_enum_r_passwd(tctx, &pwd, &num_pwd),
- "failed to enumerate passwd");
+ torture_assert(tctx, test_enum_r_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
for (i=0; i < num_pwd; i++) {
- torture_assert(tctx, test_nwrap_getpwnam_r(tctx, pwd[i].pw_name, &pwd1),
+ torture_assert(tctx, test_getpwnam_r(tctx, pwd[i].pw_name, &pwd1),
"failed to call getpwnam_r for enumerated user");
torture_assert_passwd_equal(tctx, &pwd[i], &pwd1,
"getpwent_r and getpwnam_r gave different results");
- torture_assert(tctx, test_nwrap_getpwuid_r(tctx, pwd[i].pw_uid, &pwd2),
+ torture_assert(tctx, test_getpwuid_r(tctx, pwd[i].pw_uid, &pwd2),
"failed to call getpwuid_r for enumerated user");
torture_assert_passwd_equal(tctx, &pwd[i], &pwd2,
"getpwent_r and getpwuid_r gave different results");
@@ -429,31 +429,31 @@ static bool test_nwrap_passwd_r(struct torture_context *tctx)
return true;
}
-static bool test_nwrap_passwd_r_cross(struct torture_context *tctx)
+static bool test_passwd_r_cross(struct torture_context *tctx)
{
int i;
struct passwd *pwd, pwd1, pwd2, pwd3, pwd4;
size_t num_pwd;
- torture_assert(tctx, test_nwrap_enum_r_passwd(tctx, &pwd, &num_pwd),
- "failed to enumerate passwd");
+ torture_assert(tctx, test_enum_r_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
for (i=0; i < num_pwd; i++) {
- torture_assert(tctx, test_nwrap_getpwnam_r(tctx, pwd[i].pw_name, &pwd1),
+ torture_assert(tctx, test_getpwnam_r(tctx, pwd[i].pw_name, &pwd1),
"failed to call getpwnam_r for enumerated user");
torture_assert_passwd_equal(tctx, &pwd[i], &pwd1,
"getpwent_r and getpwnam_r gave different results");
- torture_assert(tctx, test_nwrap_getpwuid_r(tctx, pwd[i].pw_uid, &pwd2),
+ torture_assert(tctx, test_getpwuid_r(tctx, pwd[i].pw_uid, &pwd2),
"failed to call getpwuid_r for enumerated user");
torture_assert_passwd_equal(tctx, &pwd[i], &pwd2,
"getpwent_r and getpwuid_r gave different results");
torture_assert_passwd_equal(tctx, &pwd1, &pwd2,
"getpwnam_r and getpwuid_r gave different results");
- torture_assert(tctx, test_nwrap_getpwnam(tctx, pwd[i].pw_name, &pwd3),
+ torture_assert(tctx, test_getpwnam(tctx, pwd[i].pw_name, &pwd3),
"failed to call getpwnam for enumerated user");
torture_assert_passwd_equal(tctx, &pwd[i], &pwd3,
"getpwent_r and getpwnam gave different results");
- torture_assert(tctx, test_nwrap_getpwuid(tctx, pwd[i].pw_uid, &pwd4),
+ torture_assert(tctx, test_getpwuid(tctx, pwd[i].pw_uid, &pwd4),
"failed to call getpwuid for enumerated user");
torture_assert_passwd_equal(tctx, &pwd[i], &pwd4,
"getpwent_r and getpwuid gave different results");
@@ -464,9 +464,9 @@ static bool test_nwrap_passwd_r_cross(struct torture_context *tctx)
return true;
}
-static bool test_nwrap_enum_group(struct torture_context *tctx,
- struct group **grp_array_p,
- size_t *num_grp_p)
+static bool test_enum_group(struct torture_context *tctx,
+ struct group **grp_array_p,
+ size_t *num_grp_p)
{
struct group *grp;
struct group *grp_array = NULL;
@@ -500,9 +500,9 @@ static bool test_nwrap_enum_group(struct torture_context *tctx,
return true;
}
-static bool test_nwrap_enum_r_group(struct torture_context *tctx,
- struct group **grp_array_p,
- size_t *num_grp_p)
+static bool test_enum_r_group(struct torture_context *tctx,
+ struct group **grp_array_p,
+ size_t *num_grp_p)
{
struct group grp, *grpp;
struct group *grp_array = NULL;
@@ -570,21 +570,21 @@ static bool torture_assert_group_equal(struct torture_context *tctx,
return true;
}
-static bool test_nwrap_group(struct torture_context *tctx)
+static bool test_group(struct torture_context *tctx)
{
int i;
struct group *grp, grp1, grp2;
size_t num_grp;
- torture_assert(tctx, test_nwrap_enum_group(tctx, &grp, &num_grp),
- "failed to enumerate group");
+ torture_assert(tctx, test_enum_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
for (i=0; i < num_grp; i++) {
- torture_assert(tctx, test_nwrap_getgrnam(tctx, grp[i].gr_name, &grp1),
+ torture_assert(tctx, test_getgrnam(tctx, grp[i].gr_name, &grp1),
"failed to call getgrnam for enumerated user");
torture_assert_group_equal(tctx, &grp[i], &grp1,
"getgrent and getgrnam gave different results");
- torture_assert(tctx, test_nwrap_getgrgid(tctx, grp[i].gr_gid, &grp2),
+ torture_assert(tctx, test_getgrgid(tctx, grp[i].gr_gid, &grp2),
"failed to call getgrgid for enumerated user");
torture_assert_group_equal(tctx, &grp[i], &grp2,
"getgrent and getgrgid gave different results");
@@ -595,21 +595,21 @@ static bool test_nwrap_group(struct torture_context *tctx)
return true;
}
-static bool test_nwrap_group_r(struct torture_context *tctx)
+static bool test_group_r(struct torture_context *tctx)
{
int i;
struct group *grp, grp1, grp2;
size_t num_grp;
- torture_assert(tctx, test_nwrap_enum_r_group(tctx, &grp, &num_grp),
- "failed to enumerate group");
+ torture_assert(tctx, test_enum_r_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
for (i=0; i < num_grp; i++) {
- torture_assert(tctx, test_nwrap_getgrnam_r(tctx, grp[i].gr_name, &grp1),
+ torture_assert(tctx, test_getgrnam_r(tctx, grp[i].gr_name, &grp1),
"failed to call getgrnam_r for enumerated user");
torture_assert_group_equal(tctx, &grp[i], &grp1,
"getgrent_r and getgrnam_r gave different results");
- torture_assert(tctx, test_nwrap_getgrgid_r(tctx, grp[i].gr_gid, &grp2),
+ torture_assert(tctx, test_getgrgid_r(tctx, grp[i].gr_gid, &grp2),
"failed to call getgrgid_r for enumerated user");
torture_assert_group_equal(tctx, &grp[i], &grp2,
"getgrent_r and getgrgid_r gave different results");
@@ -620,31 +620,31 @@ static bool test_nwrap_group_r(struct torture_context *tctx)
return true;
}
-static bool test_nwrap_group_r_cross(struct torture_context *tctx)
+static bool test_group_r_cross(struct torture_context *tctx)
{
int i;
struct group *grp, grp1, grp2, grp3, grp4;
size_t num_grp;
- torture_assert(tctx, test_nwrap_enum_r_group(tctx, &grp, &num_grp),
- "failed to enumerate group");
+ torture_assert(tctx, test_enum_r_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
for (i=0; i < num_grp; i++) {
- torture_assert(tctx, test_nwrap_getgrnam_r(tctx, grp[i].gr_name, &grp1),
+ torture_assert(tctx, test_getgrnam_r(tctx, grp[i].gr_name, &grp1),
"failed to call getgrnam_r for enumerated user");
torture_assert_group_equal(tctx, &grp[i], &grp1,
"getgrent_r and getgrnam_r gave different results");
- torture_assert(tctx, test_nwrap_getgrgid_r(tctx, grp[i].gr_gid, &grp2),
+ torture_assert(tctx, test_getgrgid_r(tctx, grp[i].gr_gid, &grp2),
"failed to call getgrgid_r for enumerated user");
torture_assert_group_equal(tctx, &grp[i], &grp2,
"getgrent_r and getgrgid_r gave different results");
torture_assert_group_equal(tctx, &grp1, &grp2,
"getgrnam_r and getgrgid_r gave different results");
- torture_assert(tctx, test_nwrap_getgrnam(tctx, grp[i].gr_name, &grp3),
+ torture_assert(tctx, test_getgrnam(tctx, grp[i].gr_name, &grp3),
"failed to call getgrnam for enumerated user");
torture_assert_group_equal(tctx, &grp[i], &grp3,
"getgrent_r and getgrnam gave different results");
- torture_assert(tctx, test_nwrap_getgrgid(tctx, grp[i].gr_gid, &grp4),
+ torture_assert(tctx, test_getgrgid(tctx, grp[i].gr_gid, &grp4),
"failed to call getgrgid for enumerated user");
torture_assert_group_equal(tctx, &grp[i], &grp4,
"getgrent_r and getgrgid gave different results");
@@ -655,11 +655,11 @@ static bool test_nwrap_group_r_cross(struct torture_context *tctx)
return true;
}
-static bool test_nwrap_getgrouplist(struct torture_context *tctx,
- const char *user,
- gid_t gid,
- gid_t **gids_p,
- int *num_gids_p)
+static bool test_getgrouplist(struct torture_context *tctx,
+ const char *user,
+ gid_t gid,
+ gid_t **gids_p,
+ int *num_gids_p)
{
int ret;
int num_groups = 0;
@@ -690,9 +690,9 @@ static bool test_nwrap_getgrouplist(struct torture_context *tctx,
return true;
}
-static bool test_nwrap_user_in_group(struct torture_context *tctx,
- const struct passwd *pwd,
- const struct group *grp)
+static bool test_user_in_group(struct torture_context *tctx,
+ const struct passwd *pwd,
+ const struct group *grp)
{
int i;
@@ -705,10 +705,10 @@ static bool test_nwrap_user_in_group(struct torture_context *tctx,
return false;
}
-static bool test_nwrap_membership_user(struct torture_context *tctx,
- const struct passwd *pwd,
- struct group *grp_array,
- size_t num_grp)
+static bool test_membership_user(struct torture_context *tctx,
+ const struct passwd *pwd,
+ struct group *grp_array,
+ size_t num_grp)
{
int num_user_groups = 0;
int num_user_groups_from_enum = 0;
@@ -716,15 +716,15 @@ static bool test_nwrap_membership_user(struct torture_context *tctx,
int g, i;
bool primary_group_had_user_member = false;
- torture_assert(tctx, test_nwrap_getgrouplist(tctx,
- pwd->pw_name,
- pwd->pw_gid,
- &user_groups,
- &num_user_groups),
- "failed to test getgrouplist");
+ torture_assert(tctx, test_getgrouplist(tctx,
+ pwd->pw_name,
+ pwd->pw_gid,
+ &user_groups,
+ &num_user_groups),
+ "failed to test getgrouplist");
for (g=0; g < num_user_groups; g++) {
- torture_assert(tctx, test_nwrap_getgrgid(tctx, user_groups[g], NULL),
+ torture_assert(tctx, test_getgrgid(tctx, user_groups[g], NULL),
"failed to find the group the user is a member of");
}
@@ -733,12 +733,12 @@ static bool test_nwrap_membership_user(struct torture_context *tctx,
struct group grp = grp_array[i];
- if (test_nwrap_user_in_group(tctx, pwd, &grp)) {
+ if (test_user_in_group(tctx, pwd, &grp)) {
struct group current_grp;
num_user_groups_from_enum++;
- torture_assert(tctx, test_nwrap_getgrnam(tctx, grp.gr_name, ¤t_grp),
+ torture_assert(tctx, test_getgrnam(tctx, grp.gr_name, ¤t_grp),
"failed to find the group the user is a member of");
if (current_grp.gr_gid == pwd->pw_gid) {
@@ -762,7 +762,7 @@ static bool test_nwrap_membership_user(struct torture_context *tctx,
return true;
}
-static bool test_nwrap_membership(struct torture_context *tctx)
+static bool test_membership(struct torture_context *tctx)
{
const char *old_pwd = getenv("NSS_WRAPPER_PASSWD");
const char *old_group = getenv("NSS_WRAPPER_GROUP");
@@ -777,14 +777,14 @@ static bool test_nwrap_membership(struct torture_context *tctx)
torture_skip(tctx, "nothing to test\n");
}
- torture_assert(tctx, test_nwrap_enum_passwd(tctx, &pwd, &num_pwd),
- "failed to enumerate passwd");
- torture_assert(tctx, test_nwrap_enum_group(tctx, &grp, &num_grp),
- "failed to enumerate group");
+ torture_assert(tctx, test_enum_passwd(tctx, &pwd, &num_pwd),
+ "failed to enumerate passwd");
+ torture_assert(tctx, test_enum_group(tctx, &grp, &num_grp),
+ "failed to enumerate group");
for (i=0; i < num_pwd; i++) {
- torture_assert(tctx, test_nwrap_membership_user(tctx, &pwd[i], grp, num_grp),
+ torture_assert(tctx, test_membership_user(tctx, &pwd[i], grp, num_grp),
"failed to test membership for user");
}
@@ -792,7 +792,7 @@ static bool test_nwrap_membership(struct torture_context *tctx)
return true;
}
-static bool test_nwrap_enumeration(struct torture_context *tctx)
+static bool test_enumeration(struct torture_context *tctx)
{
const char *old_pwd = getenv("NSS_WRAPPER_PASSWD");
const char *old_group = getenv("NSS_WRAPPER_GROUP");
@@ -802,15 +802,15 @@ static bool test_nwrap_enumeration(struct torture_context *tctx)
torture_skip(tctx, "nothing to test\n");
}
- torture_assert(tctx, test_nwrap_passwd(tctx),
+ torture_assert(tctx, test_passwd(tctx),
"failed to test users");
- torture_assert(tctx, test_nwrap_group(tctx),
+ torture_assert(tctx, test_group(tctx),
"failed to test groups");
return true;
}
-static bool test_nwrap_reentrant_enumeration(struct torture_context *tctx)
+static bool test_reentrant_enumeration(struct torture_context *tctx)
{
const char *old_pwd = getenv("NSS_WRAPPER_PASSWD");
const char *old_group = getenv("NSS_WRAPPER_GROUP");
@@ -822,15 +822,15 @@ static bool test_nwrap_reentrant_enumeration(struct torture_context *tctx)
torture_comment(tctx, "Testing re-entrant calls\n");
- torture_assert(tctx, test_nwrap_passwd_r(tctx),
+ torture_assert(tctx, test_passwd_r(tctx),
"failed to test users");
- torture_assert(tctx, test_nwrap_group_r(tctx),
+ torture_assert(tctx, test_group_r(tctx),
"failed to test groups");
return true;
}
-static bool test_nwrap_reentrant_enumeration_crosschecks(struct torture_context *tctx)
+static bool test_reentrant_enumeration_crosschecks(struct torture_context *tctx)
{
const char *old_pwd = getenv("NSS_WRAPPER_PASSWD");
const char *old_group = getenv("NSS_WRAPPER_GROUP");
@@ -842,22 +842,22 @@ static bool test_nwrap_reentrant_enumeration_crosschecks(struct torture_context
torture_comment(tctx, "Testing re-entrant calls with cross checks\n");
- torture_assert(tctx, test_nwrap_passwd_r_cross(tctx),
+ torture_assert(tctx, test_passwd_r_cross(tctx),
"failed to test users");
- torture_assert(tctx, test_nwrap_group_r_cross(tctx),
+ torture_assert(tctx, test_group_r_cross(tctx),
"failed to test groups");
return true;
}
-static bool test_nwrap_passwd_duplicates(struct torture_context *tctx)
+static bool test_passwd_duplicates(struct torture_context *tctx)
{
int i, d;
struct passwd *pwd;
size_t num_pwd;
int duplicates = 0;
- torture_assert(tctx, test_nwrap_enum_passwd(tctx, &pwd, &num_pwd),
+ torture_assert(tctx, test_enum_passwd(tctx, &pwd, &num_pwd),
"failed to enumerate passwd");
for (i=0; i < num_pwd; i++) {
@@ -885,14 +885,14 @@ static bool test_nwrap_passwd_duplicates(struct torture_context *tctx)
return true;
}
-static bool test_nwrap_group_duplicates(struct torture_context *tctx)
+static bool test_group_duplicates(struct torture_context *tctx)
{
int i, d;
struct group *grp;
size_t num_grp;
int duplicates = 0;
- torture_assert(tctx, test_nwrap_enum_group(tctx, &grp, &num_grp),
+ torture_assert(tctx, test_enum_group(tctx, &grp, &num_grp),
"failed to enumerate group");
for (i=0; i < num_grp; i++) {
@@ -921,7 +921,7 @@ static bool test_nwrap_group_duplicates(struct torture_context *tctx)
}
-static bool test_nwrap_duplicates(struct torture_context *tctx)
+static bool test_duplicates(struct torture_context *tctx)
{
const char *old_pwd = getenv("NSS_WRAPPER_PASSWD");
const char *old_group = getenv("NSS_WRAPPER_GROUP");
@@ -931,24 +931,24 @@ static bool test_nwrap_duplicates(struct torture_context *tctx)
torture_skip(tctx, "nothing to test\n");
}
- torture_assert(tctx, test_nwrap_passwd_duplicates(tctx),
+ torture_assert(tctx, test_passwd_duplicates(tctx),
"failed to test users");
- torture_assert(tctx, test_nwrap_group_duplicates(tctx),
+ torture_assert(tctx, test_group_duplicates(tctx),
"failed to test groups");
return true;
}
-struct torture_suite *torture_local_nss_wrapper(TALLOC_CTX *mem_ctx)
+struct torture_suite *torture_local_nss(TALLOC_CTX *mem_ctx)
{
- struct torture_suite *suite = torture_suite_create(mem_ctx, "nss-wrapper");
+ struct torture_suite *suite = torture_suite_create(mem_ctx, "nss");
- torture_suite_add_simple_test(suite, "enumeration", test_nwrap_enumeration);
- torture_suite_add_simple_test(suite, "reentrant enumeration", test_nwrap_reentrant_enumeration);
- torture_suite_add_simple_test(suite, "reentrant enumeration crosschecks", test_nwrap_reentrant_enumeration_crosschecks);
- torture_suite_add_simple_test(suite, "membership", test_nwrap_membership);
- torture_suite_add_simple_test(suite, "duplicates", test_nwrap_duplicates);
+ torture_suite_add_simple_test(suite, "enumeration", test_enumeration);
+ torture_suite_add_simple_test(suite, "reentrant enumeration", test_reentrant_enumeration);
+ torture_suite_add_simple_test(suite, "reentrant enumeration crosschecks", test_reentrant_enumeration_crosschecks);
+ torture_suite_add_simple_test(suite, "membership", test_membership);
+ torture_suite_add_simple_test(suite, "duplicates", test_duplicates);
return suite;
}
--
2.1.0
From ed0186e620d3f5bd98e97e2de664388be1a1c854 Mon Sep 17 00:00:00 2001
From: Michael Adam <obnox at samba.org>
Date: Mon, 2 Feb 2015 16:16:45 +0100
Subject: [PATCH 3/3] selftest: re-enable nsswrapper integration testing for dc
and member environments.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
There are some failures:
- The dc environment fails consistently due to duplicate uid,
(for the calling user and the domain administrator).
==> Marked as knownfail.
- The s3member environment only fails under very strange
circumstances:
- one needs to run the unix.whoami test in the
member and s3member environment for the local.nss
test to fail in the s3member:local env. The failure
is then related to builtin administrators sharing
a gid with a different group.
--> This is really really strange!!!
==> Marked as knownfail.
Pair-Programmed-With: Guenther Deschner <gd at samba.org>
Signed-off-by: Michael Adam <obnox at samba.org>
Signed-off-by: G?nther Deschner <gd at samba.org>
---
selftest/knownfail | 14 ++++++++++++++
source3/selftest/tests.py | 5 ++++-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/selftest/knownfail b/selftest/knownfail
index fef56a1..b3cc2d6 100644
--- a/selftest/knownfail
+++ b/selftest/knownfail
@@ -273,6 +273,20 @@
^samba.wbinfo_simple.\(s4member:local\).--user-groups
^samba.nss.test using winbind\(s4member:local\)
#
+# These fail since dc assigns the local user's uid to SAMBADOMAIN/Administrator
+# hence we have a duplicate UID in nsswitch.
+#
+^samba3.local.nss.reentrant enumeration crosschecks\(dc:local\)
+^samba3.local.nss.reentrant enumeration\(dc:local\)
+^samba3.local.nss.enumeration\(dc:local\)
+#
+# These fail only if we run the unix.whoami test before them
+# in the member and s3member environments. ==> Strange!!!
+#
+^samba3.local.nss.reentrant enumeration crosschecks\(s3member:local\)
+^samba3.local.nss.reentrant enumeration\(s3member:local\)
+^samba3.local.nss.enumeration\(s3member:local\)
+#
# These just happen to fail for some reason (probably because they run against the s4 winbind)
#
^samba4.winbind.struct.getdcname\(s3member:local\)
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index c60f531..1a881a8 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -280,7 +280,7 @@ rpc = ["rpc.authcontext", "rpc.samba3.bind", "rpc.samba3.srvsvc", "rpc.samba3.sh
"rpc.netlogon.admin",
"rpc.schannel", "rpc.schannel2", "rpc.bench-schannel1", "rpc.join", "rpc.bind"]
-local = ["local.ndr"]
+local = ["local.nss", "local.ndr"]
idmap = [ "idmap.rfc2307" ]
@@ -372,6 +372,9 @@ for t in tests:
elif t == "vfs.fruit":
plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=torture:share1=vfs_fruit --option=torture:share2=tmp --option=torture:localdir=$SELFTEST_PREFIX/s3dc/share')
plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD --option=torture:share1=vfs_fruit --option=torture:share2=tmp --option=torture:localdir=$SELFTEST_PREFIX/plugin_s4_dc/share')
+ elif t == "local.nss":
+ for env in ["s3dc:local", "s3member:local", "member:local", "plugin_s4_dc:local", "dc:local"]:
+ plansmbtorture4testsuite(t, env, '//$SERVER/tmp -U$USERNAME%$PASSWORD')
else:
plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD')
plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD')
--
2.1.0
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20150216/89eb90e8/attachment.pgp>
More information about the samba-technical
mailing list