[PATCH] selftest: create a temporary client env for net ads test

Uri Simchoni uri at samba.org
Tue Feb 9 18:40:18 UTC 2016 

Hi,

Paying a long overdue technical debt, this patch fixes an issue with 
samba4.blackbox.net_ads test, namely that it runs in the ad_member test 
env, and changes the shared secret of the member server while it is 
running. Apparently this didn't break autobuild, but a test should 
ideally test one thing only and in our case - just the join/leave 
functionality, not how a member server survives join/leave while it is 
running.

The patch creates a new temporary client env, with a random string as 
host name, so that except for the AD DC which gets to see an account 
added and removed, no other component of the test env is affected by the 
test.

Review appreciated,
Uri.

-------------- next part --------------
From 1f0410f0b45f8cd7cb9b07c439a6bbdb0a2e3ed6 Mon Sep 17 00:00:00 2001
From: Uri Simchoni <uri at samba.org>
Date: Wed, 4 Nov 2015 07:31:47 +0200
Subject: [PATCH 1/2] selftest: run net ads join test in a private client env

net ads join command changes machine password, thus affecting
the test environment beyond the thing we want to test.

This cange runs the test in a private client env, with its
own hostname, newly-generated machine SID, and a separate
secrets.tdb, thus not affecting the running AD member server,

Signed-off-by: Uri Simchoni <uri at samba.org>
---
 source4/selftest/tests.py          |  2 +-
 testprogs/blackbox/test_net_ads.sh | 25 ++++++++++++++++++++++---
 2 files changed, 23 insertions(+), 4 deletions(-)

diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 6160152..2732065 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -340,7 +340,7 @@ plantestsuite("samba4.blackbox.gentest(ad_dc_ntvfs)", "ad_dc_ntvfs", [os.path.jo
 plantestsuite("samba4.blackbox.rfc2307_mapping(ad_dc_ntvfs:local)", "ad_dc_ntvfs:local", [os.path.join(samba4srcdir, "../nsswitch/tests/test_rfc2307_mapping.sh"), '$DOMAIN', '$USERNAME', '$PASSWORD', "$SERVER", "$UID_RFC2307TEST", "$GID_RFC2307TEST", configuration])
 plantestsuite("samba4.blackbox.chgdcpass", "chgdcpass", [os.path.join(bbdir, "test_chgdcpass.sh"), '$SERVER', "CHGDCPASS\$", '$REALM', '$DOMAIN', '$PREFIX', "aes256-cts-hmac-sha1-96", '$SELFTEST_PREFIX/chgdcpass', smbclient4])
 plantestsuite("samba4.blackbox.samba_upgradedns(chgdcpass:local)", "chgdcpass:local", [os.path.join(bbdir, "test_samba_upgradedns.sh"), '$SERVER', '$REALM', '$PREFIX', '$SELFTEST_PREFIX/chgdcpass'])
-plantestsuite("samba4.blackbox.net_ads(ad_member:local)", "ad_member:local", [os.path.join(bbdir, "test_net_ads.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD'])
+plantestsuite("samba4.blackbox.net_ads(ad_member:client)", "ad_member:client", [os.path.join(bbdir, "test_net_ads.sh"), '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD', '$PREFIX_ABS'])
 plantestsuite_loadlist("samba4.rpc.echo against NetBIOS alias", "ad_dc_ntvfs", [valgrindify(smbtorture4), "$LISTOPT", "$LOADLIST", 'ncacn_np:$NETBIOSALIAS', '-U$DOMAIN/$USERNAME%$PASSWORD', 'rpc.echo'])
 
 # Tests using the "Simple" NTVFS backend
diff --git a/testprogs/blackbox/test_net_ads.sh b/testprogs/blackbox/test_net_ads.sh
index 487014d..f26b4c4 100755
--- a/testprogs/blackbox/test_net_ads.sh
+++ b/testprogs/blackbox/test_net_ads.sh
@@ -1,6 +1,6 @@
-if [ $# -lt 3 ]; then
+if [ $# -lt 4 ]; then
 cat <<EOF
-Usage: test_net.sh SERVER USERNAME PASSWORD
+Usage: test_net.sh DC_SERVER DC_USERNAME DC_PASSWORD PREFIX_ABS
 EOF
 exit 1;
 fi
@@ -8,14 +8,29 @@ fi
 DC_SERVER=$1
 DC_USERNAME=$2
 DC_PASSWORD=$3
+BASEDIR=$4
+
+HOSTNAME=`dd if=/dev/urandom bs=1 count=32 2>/dev/null | sha1sum | cut -b 1-10`
+
+RUNDIR=`pwd`
+cd $BASEDIR
+WORKDIR=`mktemp -d -p .`
+WORKDIR=`basename $WORKDIR`
+cp -a client/* $WORKDIR/
+sed -ri "s@(dir|directory) = (.*)/client/@\1 = \2/$WORKDIR/@" $WORKDIR/client.conf
+sed -ri "s/netbios name = .*/netbios name = $HOSTNAME/" $WORKDIR/client.conf
+rm -f $WORKDIR/private/secrets.tdb
+cd $RUNDIR
 
 failed=0
 
-net_tool="$BINDIR/net"
+net_tool="$BINDIR/net -s $BASEDIR/$WORKDIR/client.conf --option=security=ads"
 
 # Load test functions
 . `dirname $0`/subunit.sh
 
+testit "join" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
+
 testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
 
 testit "join+server" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD -S$DC_SERVER || failed=`expr $failed + 1`
@@ -31,5 +46,9 @@ testit_expect_failure "leave+invalid_server" $VALGRIND $net_tool ads leave -U$DC
 testit "testjoin" $VALGRIND $net_tool ads testjoin -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
 
 testit "testjoin_machine_account" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
+##Goodbye...
+testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
+
+rm -rf $BASEDIR/$WORKDIR
 
 exit $failed
-- 
2.5.0


From 25c97f0dfadde04bc0644fe0b8960319130af425 Mon Sep 17 00:00:00 2001
From: Uri Simchoni <uri at samba.org>
Date: Wed, 4 Nov 2015 07:32:57 +0200
Subject: [PATCH 2/2] selftest: add some test cases to net ads join

Perform a testjoin between steps to verify join status
Perform most testjoins with machine account because that's
the more common case.

Signed-off-by: Uri Simchoni <uri at samba.org>
---
 testprogs/blackbox/test_net_ads.sh | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/testprogs/blackbox/test_net_ads.sh b/testprogs/blackbox/test_net_ads.sh
index f26b4c4..2120814 100755
--- a/testprogs/blackbox/test_net_ads.sh
+++ b/testprogs/blackbox/test_net_ads.sh
@@ -31,8 +31,12 @@ net_tool="$BINDIR/net -s $BASEDIR/$WORKDIR/client.conf --option=security=ads"
 
 testit "join" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
 
+testit "testjoin" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
+
 testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
 
+testit_expect_failure "testjoin(not joined)" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
+
 testit "join+server" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD -S$DC_SERVER || failed=`expr $failed + 1`
 
 testit "leave+server" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD -S$DC_SERVER || failed=`expr $failed + 1`
@@ -43,9 +47,8 @@ testit "join+server" $VALGRIND $net_tool ads join -U$DC_USERNAME%$DC_PASSWORD ||
 
 testit_expect_failure "leave+invalid_server" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD -SINVALID && failed=`expr $failed + 1`
 
-testit "testjoin" $VALGRIND $net_tool ads testjoin -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
+testit "testjoin user+password" $VALGRIND $net_tool ads testjoin -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
 
-testit "testjoin_machine_account" $VALGRIND $net_tool ads testjoin -kP || failed=`expr $failed + 1`
 ##Goodbye...
 testit "leave" $VALGRIND $net_tool ads leave -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
 
-- 
2.5.0

More information about the samba-technical mailing list