[PATCH 22/23] gpo: Add gpo tests
abartlet at samba.org
Thu Apr 27 19:49:58 UTC 2017
On Thu, 2017-04-27 at 09:43 -0600, David Mulder wrote:
> Here is the latest version of the gpo patches. This version tests
> end points of System Access policies, rather than a single static
> option. Also fixes a crash in the policy read in gpclass.py.
In Subject: [PATCH 02/22] gpo: Add python libgpo bindings:
The py_gpo_get_unix_path() routine and others like it appears to leak
the result of talloc_new(NULL).
I also am totally unclear how py_ads_parse_gp_ext() is used, tested or
even works - it appears to blindly cast a C object to a python object
and has a memory leak.
The same I could say for py_ads_get_gpo_link, which tries to build a
tuple with a raw C object, and leaks memory. It also has really
strange indentation and // comments, and is commented out in the end.
I know this isn't your code! However it means we have to go over
everything with a fine toothed comb. A patch to trim it down to the
bare minimum required would go a long way.
Comprehensive tests for the bindings and for the now modular script
directly would go a long way to improving my confidence with this patch
> On 03/10/2017 02:22 PM, Andrew Bartlett wrote:
> > On Fri, 2017-03-10 at 14:09 -0700, David Mulder wrote:
> > > Here's a patched commit using lpcfg_gpo_update_command() and
> > > lpcfg_path().
> > Thanks! BTW, the reason the parameter is a list is to avoid
> > needing to
> > call system() on it (disliked by security folks), but that may not
> > be
> > worth avoiding in a torture test.
> > Andrew Bartlett
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical