autobuild over 4 hours
Andrew Bartlett
abartlet at samba.org
Thu Jul 6 05:12:29 UTC 2017
On Thu, 2017-07-06 at 13:35 +1000, Martin Schwenke via samba-technical
wrote:
> On Thu, 06 Jul 2017 08:02:01 +1200, Andrew Bartlett via samba-
> technical
> <samba-technical at lists.samba.org> wrote:
>
> > Just a quick note to other confused developers:
> >
> > Autobuild on sn-devel has just ticked close to/over 4 hours, so is
> > starting to fail with timelimit exceeded again.
> >
> > The immediate fix is to bump up the time limit to 5 hours, but the
> > better fix is my parallel build patch (saves 60 mins!).
> >
> > Unfortunately that is blocked on the nosymlinks flapping test (but
> > at
> > least we know what is required for that).
>
> How do we increase the time limit? At least in the interim...
We certainly could. I decided not to give up so easily, and I think
I've found a few mins with the attached patches (currently under test).
We avoid quite some time if we don't fork and don't call kinit over and
over in some of the famous DRS tests.
Either way is really fine by me, as cloud VMs are slower I've been
setting a 5 hour max anyway for some time.
Thanks,
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
-------------- next part --------------
From 445a2dd0cb60b3e01ab8a3fe24b2ea199b557d33 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 14:44:46 +1200
Subject: [PATCH 01/17] pycredentials: Allow optional "name" argument to
get_named_ccache() to be missing
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
auth/credentials/pycredentials.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/auth/credentials/pycredentials.c b/auth/credentials/pycredentials.c
index caf30bff492..0a29c586322 100644
--- a/auth/credentials/pycredentials.c
+++ b/auth/credentials/pycredentials.c
@@ -526,7 +526,7 @@ static PyObject *PyCredentialCacheContainer_from_ccache_container(struct ccache_
static PyObject *py_creds_get_named_ccache(PyObject *self, PyObject *args)
{
PyObject *py_lp_ctx = Py_None;
- char *ccache_name;
+ char *ccache_name = NULL;
struct loadparm_context *lp_ctx;
struct ccache_container *ccc;
struct tevent_context *event_ctx;
--
2.11.0
From 291d19d49e332ffac4fcb3aab8a464f4557b4c7a Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 14:47:01 +1200
Subject: [PATCH 02/17] pycredentials: Add set_named_ccache() to set a
particular credentials cache
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
auth/credentials/pycredentials.c | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/auth/credentials/pycredentials.c b/auth/credentials/pycredentials.c
index 0a29c586322..bf90eb8c9d0 100644
--- a/auth/credentials/pycredentials.c
+++ b/auth/credentials/pycredentials.c
@@ -31,6 +31,8 @@
#include <tevent.h>
#include "libcli/auth/libcli_auth.h"
#include "auth/credentials/credentials_internal.h"
+#include "system/kerberos.h"
+#include "auth/kerberos/kerberos.h"
void initcredentials(void);
@@ -793,10 +795,37 @@ PyTypeObject PyCredentials = {
.tp_methods = py_creds_methods,
};
+static PyObject *py_ccache_name(PyObject *self, PyObject *unused)
+{
+ struct ccache_container *ccc;
+ char *name;
+ PyObject *py_name;
+ int ret;
+ ccc = pytalloc_get_type(self, struct ccache_container);
+
+ ret = krb5_cc_get_full_name(ccc->smb_krb5_context->krb5_context,
+ ccc->ccache, &name);
+ if (ret == 0) {
+ py_name = PyString_FromStringOrNULL(name);
+ SAFE_FREE(name);
+ } else {
+ PyErr_SetString(PyExc_RuntimeError,
+ "Failed to get ccache name");
+ return NULL;
+ }
+ return py_name;
+}
+
+static PyMethodDef py_ccache_container_methods[] = {
+ { "get_name", py_ccache_name, METH_NOARGS,
+ "S.get_name() -> name\nObtain KRB5 credentials cache name." },
+ { NULL }
+};
PyTypeObject PyCredentialCacheContainer = {
.tp_name = "credentials.CredentialCacheContainer",
.tp_flags = Py_TPFLAGS_DEFAULT,
+ .tp_methods = py_ccache_container_methods,
};
MODULE_INIT_FUNC(credentials)
--
2.11.0
From 10016d4a4e4f318b63a1a7834b28f12120b75813 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 14:48:39 +1200
Subject: [PATCH 03/17] selftest: Add tests for credentials.get_named_ccache()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
python/samba/tests/krb5_credentials.py | 104 +++++++++++++++++++++++++++++++++
source4/selftest/tests.py | 3 +
2 files changed, 107 insertions(+)
create mode 100644 python/samba/tests/krb5_credentials.py
diff --git a/python/samba/tests/krb5_credentials.py b/python/samba/tests/krb5_credentials.py
new file mode 100644
index 00000000000..ca638801522
--- /dev/null
+++ b/python/samba/tests/krb5_credentials.py
@@ -0,0 +1,104 @@
+# Integration tests for pycredentials
+#
+# Copyright (C) Catalyst IT Ltd. 2017
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+#
+from samba.tests import TestCase, delete_force
+import os
+
+import samba
+from samba.auth import system_session
+from samba.credentials import (
+ Credentials,
+)
+from samba.dsdb import (
+ UF_WORKSTATION_TRUST_ACCOUNT,
+ UF_PASSWD_NOTREQD,
+ UF_NORMAL_ACCOUNT)
+from samba.samdb import SamDB
+
+"""KRB5 Integration tests for pycredentials.
+
+Seperated from py_credentials so as to allow running against just one
+environment so we know the server that we add the user on will be our
+KDC
+
+"""
+
+MACHINE_NAME = "krb5credstest"
+
+class PyKrb5CredentialsTests(TestCase):
+
+ def setUp(self):
+ super(PyKrb5CredentialsTests, self).setUp()
+
+ self.server = os.environ["SERVER"]
+ self.domain = os.environ["DOMAIN"]
+ self.host = os.environ["SERVER_IP"]
+ self.lp = self.get_loadparm()
+
+ self.credentials = self.get_credentials()
+
+ self.session = system_session()
+ self.ldb = SamDB(url="ldap://%s" % self.host,
+ session_info=self.session,
+ credentials=self.credentials,
+ lp=self.lp)
+
+ self.create_machine_account()
+
+
+ def tearDown(self):
+ super(PyKrb5CredentialsTests, self).tearDown()
+ delete_force(self.ldb, self.machine_dn)
+
+ def test_get_named_ccache(self):
+ name = "MEMORY:py_creds_machine"
+ ccache = self.machine_creds.get_named_ccache(self.lp,
+ name)
+ self.assertEqual(ccache.get_name(), name)
+
+ def test_get_unnamed_ccache(self):
+ ccache = self.machine_creds.get_named_ccache(self.lp)
+ self.assertIsNotNone(ccache.get_name())
+
+ #
+ # Create the machine account
+ def create_machine_account(self):
+ self.machine_pass = samba.generate_random_password(32, 32)
+ self.machine_name = MACHINE_NAME
+ self.machine_dn = "cn=%s,%s" % (self.machine_name, self.ldb.domain_dn())
+
+ # remove the account if it exists, this will happen if a previous test
+ # run failed
+ delete_force(self.ldb, self.machine_dn)
+
+ utf16pw = unicode(
+ '"' + self.machine_pass.encode('utf-8') + '"', 'utf-8'
+ ).encode('utf-16-le')
+ self.ldb.add({
+ "dn": self.machine_dn,
+ "objectclass": "computer",
+ "sAMAccountName": "%s$" % self.machine_name,
+ "userAccountControl":
+ str(UF_WORKSTATION_TRUST_ACCOUNT | UF_PASSWD_NOTREQD),
+ "unicodePwd": utf16pw})
+
+ self.machine_creds = Credentials()
+ self.machine_creds.guess(self.get_loadparm())
+ self.machine_creds.set_password(self.machine_pass)
+ self.machine_creds.set_username(self.machine_name + "$")
+ self.machine_creds.set_workstation(self.machine_name)
+
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 4e0642f6b8a..1b198bf3428 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -659,6 +659,9 @@ planoldpythontestsuite("ad_dc",
extra_args=['-U"$USERNAME%$PASSWORD"'])
planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.lsa_string")
+planoldpythontestsuite("ad_dc_ntvfs",
+ "samba.tests.krb5_credentials",
+ extra_args=['-U"$USERNAME%$PASSWORD"'])
for env in ["ad_dc_ntvfs", "vampire_dc", "promoted_dc"]:
planoldpythontestsuite(env,
"samba.tests.py_credentials",
--
2.11.0
From f6bc6c90f3ec7eb4f57f6ffa7bcd4789c849eacd Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 14:51:22 +1200
Subject: [PATCH 04/17] pycredentials: Add set_named_ccache()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
auth/credentials/pycredentials.c | 42 ++++++++++++++++++++++++++++++++++
python/samba/tests/krb5_credentials.py | 9 ++++++++
2 files changed, 51 insertions(+)
diff --git a/auth/credentials/pycredentials.c b/auth/credentials/pycredentials.c
index bf90eb8c9d0..5f1b7fd2910 100644
--- a/auth/credentials/pycredentials.c
+++ b/auth/credentials/pycredentials.c
@@ -571,6 +571,45 @@ static PyObject *py_creds_get_named_ccache(PyObject *self, PyObject *args)
return NULL;
}
+static PyObject *py_creds_set_named_ccache(PyObject *self, PyObject *args)
+{
+ int ret;
+ char *newval;
+ const char *error_string;
+ TALLOC_CTX *mem_ctx;
+ struct loadparm_context *lp_ctx;
+ PyObject *py_lp_ctx = Py_None;
+ enum credentials_obtained obt = CRED_SPECIFIED;
+ int _obt = obt;
+ if (!PyArg_ParseTuple(args, "s|iO", &newval, &_obt, &py_lp_ctx))
+ return NULL;
+
+ mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ PyErr_NoMemory();
+ return NULL;
+ }
+
+ lp_ctx = lpcfg_from_py_object(mem_ctx, py_lp_ctx);
+ if (lp_ctx == NULL) {
+ talloc_free(mem_ctx);
+ return NULL;
+ }
+
+ ret = cli_credentials_set_ccache(PyCredentials_AsCliCredentials(self),
+ lp_ctx,
+ newval, CRED_SPECIFIED,
+ &error_string);
+
+ if (ret != 0) {
+ PyErr_SetString(PyExc_RuntimeError, error_string?error_string:"NULL");
+ return NULL;
+ }
+
+ talloc_free(mem_ctx);
+ Py_RETURN_NONE;
+}
+
static PyObject *py_creds_set_gensec_features(PyObject *self, PyObject *args)
{
unsigned int gensec_features;
@@ -756,6 +795,9 @@ static PyMethodDef py_creds_methods[] = {
{ "guess", py_creds_guess, METH_VARARGS, NULL },
{ "set_machine_account", py_creds_set_machine_account, METH_VARARGS, NULL },
{ "get_named_ccache", py_creds_get_named_ccache, METH_VARARGS, NULL },
+ { "set_named_ccache", py_creds_set_named_ccache, METH_VARARGS,
+ "S.set_named_ccache(krb5_ccache_name, obtained, lp) -> None\n"
+ "Set credentials to KRB5 Credentials Cache (by name)." },
{ "set_gensec_features", py_creds_set_gensec_features, METH_VARARGS, NULL },
{ "get_gensec_features", py_creds_get_gensec_features, METH_NOARGS, NULL },
{ "get_forced_sasl_mech", py_creds_get_forced_sasl_mech, METH_NOARGS,
diff --git a/python/samba/tests/krb5_credentials.py b/python/samba/tests/krb5_credentials.py
index ca638801522..a30a1869eb8 100644
--- a/python/samba/tests/krb5_credentials.py
+++ b/python/samba/tests/krb5_credentials.py
@@ -74,6 +74,15 @@ class PyKrb5CredentialsTests(TestCase):
ccache = self.machine_creds.get_named_ccache(self.lp)
self.assertIsNotNone(ccache.get_name())
+ def test_set_named_ccache(self):
+ ccache = self.machine_creds.get_named_ccache(self.lp)
+
+ creds = Credentials()
+ creds.set_named_ccache(ccache.get_name())
+
+ ccache2 = creds.get_named_ccache(self.lp)
+ self.assertEqual(ccache.get_name(), ccache2.get_name())
+
#
# Create the machine account
def create_machine_account(self):
--
2.11.0
From 7b0abbee8044a85d5e94e9c1a686562b06e69459 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 14:52:39 +1200
Subject: [PATCH 05/17] python/getopt: Add --krb5-ccache (for samba-tool etc)
to match the C binaries
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
python/samba/getopt.py | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/python/samba/getopt.py b/python/samba/getopt.py
index 9e1fb83167a..befc62b9936 100644
--- a/python/samba/getopt.py
+++ b/python/samba/getopt.py
@@ -158,6 +158,9 @@ class CredentialsOptions(optparse.OptionGroup):
action="callback",
help="Use stored machine account password",
callback=self._set_machine_pass)
+ self._add_option("--krb5-ccache", metavar="KRB5CCNAME",
+ action="callback", type=str,
+ help="Kerberos Credentials cache", callback=self._set_krb5_ccache)
self.creds = Credentials()
def _add_option(self, *args1, **kwargs):
@@ -198,6 +201,9 @@ class CredentialsOptions(optparse.OptionGroup):
def _set_simple_bind_dn(self, option, opt_str, arg, parser):
self.creds.set_bind_dn(arg)
+ def _set_krb5_ccache(self, option, opt_str, arg, parser):
+ self.creds.set_named_ccache(arg)
+
def get_credentials(self, lp, fallback_machine=False):
"""Obtain the credentials set on the command-line.
--
2.11.0
From 38a3ff2ba5cd39da858995407411c2ddc283171a Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 15:02:00 +1200
Subject: [PATCH 06/17] selftest: Use self.runsubcmd() to run samba-tool for
_test_join in ridalloc_exop.py
This is the standard way to run samba-tool from in the test scripts and allows
assertion that the command ran as expected
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/ridalloc_exop.py | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/source4/torture/drs/python/ridalloc_exop.py b/source4/torture/drs/python/ridalloc_exop.py
index 9196f4a13ed..97e109abcd2 100644
--- a/source4/torture/drs/python/ridalloc_exop.py
+++ b/source4/torture/drs/python/ridalloc_exop.py
@@ -305,14 +305,14 @@ class DrsReplicaSyncTestCase(drs_base.DrsBaseTestCase):
def _test_join(self, server, netbios_name):
tmpdir = os.path.join(self.tempdir, "targetdir")
creds = self.get_credentials()
- cmd = cmd_sambatool.subcommands['domain'].subcommands['join']
- result = cmd._run("samba-tool domain join",
- creds.get_realm(),
- "dc", "-U%s%%%s" % (creds.get_username(),
- creds.get_password()),
- '--targetdir=%s' % tmpdir,
- '--server=%s' % server,
- "--option=netbios name = %s" % netbios_name)
+ (result, out, err) = self.runsubcmd("domain", "join",
+ creds.get_realm(),
+ "dc", "-U%s%%%s" % (creds.get_username(),
+ creds.get_password()),
+ '--targetdir=%s' % tmpdir,
+ '--server=%s' % server,
+ "--option=netbios name = %s" % netbios_name)
+ self.assertCmdSuccess(result, out, err)
return tmpdir
def _test_force_demote(self, server, netbios_name):
--
2.11.0
From 76f0a1e46f02e6ea938f7487f68cdad42e4bfc6d Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 15:05:08 +1200
Subject: [PATCH 07/17] selftest: Use self.runsubcmd() to run samba-tool for
_test_force_demote in ridalloc_exop.py
This is the standard way to run samba-tool from in the test scripts and allows
assertion that the command ran as expected
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/ridalloc_exop.py | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/source4/torture/drs/python/ridalloc_exop.py b/source4/torture/drs/python/ridalloc_exop.py
index 97e109abcd2..8b5a32d7f75 100644
--- a/source4/torture/drs/python/ridalloc_exop.py
+++ b/source4/torture/drs/python/ridalloc_exop.py
@@ -317,12 +317,12 @@ class DrsReplicaSyncTestCase(drs_base.DrsBaseTestCase):
def _test_force_demote(self, server, netbios_name):
creds = self.get_credentials()
- cmd = cmd_sambatool.subcommands['domain'].subcommands['demote']
- result = cmd._run("samba-tool domain demote",
- "-U%s%%%s" % (creds.get_username(),
- creds.get_password()),
- '--server=%s' % server,
- "--remove-other-dead-server=%s" % netbios_name)
+ (result, out, err) = self.runsubcmd("domain", "demote",
+ "-U%s%%%s" % (creds.get_username(),
+ creds.get_password()),
+ '--server=%s' % server,
+ "--remove-other-dead-server=%s" % netbios_name)
+ self.assertCmdSuccess(result, out, err)
def test_offline_manual_seized_ridalloc_with_dbcheck(self):
"""Peform the same actions as test_offline_samba_tool_seized_ridalloc,
--
2.11.0
From af9090ba7dc9ea07c3ef1de31db9a2a99713bd91 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 15:06:10 +1200
Subject: [PATCH 08/17] selftest: Remove unused import in ridalloc_exop.py
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/ridalloc_exop.py | 1 -
1 file changed, 1 deletion(-)
diff --git a/source4/torture/drs/python/ridalloc_exop.py b/source4/torture/drs/python/ridalloc_exop.py
index 8b5a32d7f75..e2f6d043a8c 100644
--- a/source4/torture/drs/python/ridalloc_exop.py
+++ b/source4/torture/drs/python/ridalloc_exop.py
@@ -40,7 +40,6 @@ from samba.drs_utils import drs_DsBind
from samba.samdb import SamDB
import shutil, tempfile, os
-from samba.netcmd.main import cmd_sambatool
from samba.auth import system_session, admin_session
from samba.dbchecker import dbcheck
from samba.ndr import ndr_pack
--
2.11.0
From 23d5ec82c2add6e54a02d9eeffd90c3ee4b5ecd0 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 15:25:36 +1200
Subject: [PATCH 09/17] selftest: Port DrsBaseTestCase._net_drs_replicate() to
self.runsubcmd()
This avoids forking a subprocess with self.check_run()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/drs_base.py | 26 +++++++++++++++++++-------
1 file changed, 19 insertions(+), 7 deletions(-)
diff --git a/source4/torture/drs/python/drs_base.py b/source4/torture/drs/python/drs_base.py
index f07592d9e56..bcff1eb7f67 100644
--- a/source4/torture/drs/python/drs_base.py
+++ b/source4/torture/drs/python/drs_base.py
@@ -108,20 +108,32 @@ class DrsBaseTestCase(SambaToolCmdTest):
# bin/samba-tool drs <drs_command> <cmdline_auth>
return "%s drs %s %s" % (samba_tool_cmd, drs_command, cmdline_auth)
+ def _samba_tool_cmd_list(self, drs_command):
+ # make command line credentials string
+ creds = self.get_credentials()
+ cmdline_auth = "-U%s/%s%%%s" % (creds.get_domain(),
+ creds.get_username(), creds.get_password())
+ # bin/samba-tool drs <drs_command> <cmdline_auth>
+ return ["drs", drs_command, cmdline_auth]
+
def _net_drs_replicate(self, DC, fromDC, nc_dn=None, forced=True, local=False, full_sync=False):
if nc_dn is None:
nc_dn = self.domain_dn
# make base command line
- samba_tool_cmdline = self._samba_tool_cmdline("replicate")
+ samba_tool_cmdline = self._samba_tool_cmd_list("replicate")
+ # bin/samba-tool drs replicate <Dest_DC_NAME> <Src_DC_NAME> <Naming Context>
+ samba_tool_cmdline += [DC, fromDC, nc_dn]
+
if forced:
- samba_tool_cmdline += " --sync-forced"
+ samba_tool_cmdline += ["--sync-forced"]
if local:
- samba_tool_cmdline += " --local"
+ samba_tool_cmdline += ["--local"]
if full_sync:
- samba_tool_cmdline += " --full-sync"
- # bin/samba-tool drs replicate <Dest_DC_NAME> <Src_DC_NAME> <Naming Context>
- cmd_line = "%s %s %s %s" % (samba_tool_cmdline, DC, fromDC, nc_dn)
- return self.check_output(cmd_line)
+ samba_tool_cmdline += ["--full-sync"]
+
+ (result, out, err) = self.runsubcmd(*samba_tool_cmdline)
+ self.assertCmdSuccess(result, out, err)
+ self.assertEquals(err,"","Shouldn't be any error messages")
def _enable_inbound_repl(self, DC):
# make base command line
--
2.11.0
From e2907816e2fca6ad63fd2fb7058c23e114b9165d Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 16:01:56 +1200
Subject: [PATCH 10/17] selftest: Port DrsBaseTestCase to self.runsubcmd()
This avoids forking a subprocess with self.check_run() for:
- _disable_inbound_repl
- _enable_inbound_repl
- _disable_all_repl
- _enable_all_repl
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/drs_base.py | 30 +++++++++++++++++++++---------
1 file changed, 21 insertions(+), 9 deletions(-)
diff --git a/source4/torture/drs/python/drs_base.py b/source4/torture/drs/python/drs_base.py
index bcff1eb7f67..7b467b98019 100644
--- a/source4/torture/drs/python/drs_base.py
+++ b/source4/torture/drs/python/drs_base.py
@@ -139,27 +139,39 @@ class DrsBaseTestCase(SambaToolCmdTest):
# make base command line
samba_tool_cmd = self._samba_tool_cmdline("options")
# disable replication
- self.check_run("%s %s --dsa-option=-DISABLE_INBOUND_REPL" %(samba_tool_cmd, DC))
+ samba_tool_cmdline += [DC, "--dsa-option=-DISABLE_INBOUND_REPL"]
+ (result, out, err) = self.runsubcmd(*samba_tool_cmdline)
+ self.assertCmdSuccess(result, out, err)
+ self.assertEquals(err,"","Shouldn't be any error messages")
def _disable_inbound_repl(self, DC):
# make base command line
samba_tool_cmd = self._samba_tool_cmdline("options")
# disable replication
- self.check_run("%s %s --dsa-option=+DISABLE_INBOUND_REPL" %(samba_tool_cmd, DC))
+ samba_tool_cmdline += [DC, "--dsa-option=+DISABLE_INBOUND_REPL"]
+ (result, out, err) = self.runsubcmd(*samba_tool_cmdline)
+ self.assertCmdSuccess(result, out, err)
+ self.assertEquals(err,"","Shouldn't be any error messages")
def _enable_all_repl(self, DC):
+ self.enable_inbound_repl(DC)
# make base command line
- samba_tool_cmd = self._samba_tool_cmdline("options")
- # disable replication
- self.check_run("%s %s --dsa-option=-DISABLE_INBOUND_REPL" %(samba_tool_cmd, DC))
- self.check_run("%s %s --dsa-option=-DISABLE_OUTBOUND_REPL" %(samba_tool_cmd, DC))
+ samba_tool_cmdline = self._samba_tool_cmdline("options")
+ # enable replication
+ samba_tool_cmdline += [DC, "--dsa-option=-DISABLE_OUTBOUND_REPL"]
+ (result, out, err) = self.runsubcmd(*samba_tool_cmdline)
+ self.assertCmdSuccess(result, out, err)
+ self.assertEquals(err,"","Shouldn't be any error messages")
def _disable_all_repl(self, DC):
+ self.disable_inbound_repl(DC)
# make base command line
- samba_tool_cmd = self._samba_tool_cmdline("options")
+ samba_tool_cmdline = self._samba_tool_cmdline("options")
# disable replication
- self.check_run("%s %s --dsa-option=+DISABLE_INBOUND_REPL" %(samba_tool_cmd, DC))
- self.check_run("%s %s --dsa-option=+DISABLE_OUTBOUND_REPL" %(samba_tool_cmd, DC))
+ samba_tool_cmdline += [DC, "--dsa-option=+DISABLE_OUTBOUND_REPL"]
+ (result, out, err) = self.runsubcmd(*samba_tool_cmdline)
+ self.assertCmdSuccess(result, out, err)
+ self.assertEquals(err,"","Shouldn't be any error messages")
def _get_highest_hwm_utdv(self, ldb_conn):
res = ldb_conn.search("", scope=ldb.SCOPE_BASE, attrs=["highestCommittedUSN"])
--
2.11.0
From e6766cbb3bb1e1e0d2f35313a027d0ab1c1a6a0d Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 16:05:00 +1200
Subject: [PATCH 11/17] selftest: Port DrsBaseTestCase._enable_inbound_repl()
to self.runsubcmd()
This avoids forking a subprocess with self.check_run()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/drs_base.py | 31 +++++++++++--------------------
1 file changed, 11 insertions(+), 20 deletions(-)
diff --git a/source4/torture/drs/python/drs_base.py b/source4/torture/drs/python/drs_base.py
index 7b467b98019..b99fa04c999 100644
--- a/source4/torture/drs/python/drs_base.py
+++ b/source4/torture/drs/python/drs_base.py
@@ -137,10 +137,10 @@ class DrsBaseTestCase(SambaToolCmdTest):
def _enable_inbound_repl(self, DC):
# make base command line
- samba_tool_cmd = self._samba_tool_cmdline("options")
+ samba_tool_cmd = self._samba_tool_cmd_list("options")
# disable replication
- samba_tool_cmdline += [DC, "--dsa-option=-DISABLE_INBOUND_REPL"]
- (result, out, err) = self.runsubcmd(*samba_tool_cmdline)
+ samba_tool_cmd += [DC, "--dsa-option=-DISABLE_INBOUND_REPL"]
+ (result, out, err) = self.runsubcmd(*samba_tool_cmd)
self.assertCmdSuccess(result, out, err)
self.assertEquals(err,"","Shouldn't be any error messages")
@@ -148,30 +148,21 @@ class DrsBaseTestCase(SambaToolCmdTest):
# make base command line
samba_tool_cmd = self._samba_tool_cmdline("options")
# disable replication
- samba_tool_cmdline += [DC, "--dsa-option=+DISABLE_INBOUND_REPL"]
- (result, out, err) = self.runsubcmd(*samba_tool_cmdline)
- self.assertCmdSuccess(result, out, err)
- self.assertEquals(err,"","Shouldn't be any error messages")
+ self.check_run("%s %s --dsa-option=+DISABLE_INBOUND_REPL" %(samba_tool_cmd, DC))
def _enable_all_repl(self, DC):
- self.enable_inbound_repl(DC)
# make base command line
- samba_tool_cmdline = self._samba_tool_cmdline("options")
- # enable replication
- samba_tool_cmdline += [DC, "--dsa-option=-DISABLE_OUTBOUND_REPL"]
- (result, out, err) = self.runsubcmd(*samba_tool_cmdline)
- self.assertCmdSuccess(result, out, err)
- self.assertEquals(err,"","Shouldn't be any error messages")
+ samba_tool_cmd = self._samba_tool_cmdline("options")
+ # disable replication
+ self.check_run("%s %s --dsa-option=-DISABLE_INBOUND_REPL" %(samba_tool_cmd, DC))
+ self.check_run("%s %s --dsa-option=-DISABLE_OUTBOUND_REPL" %(samba_tool_cmd, DC))
def _disable_all_repl(self, DC):
- self.disable_inbound_repl(DC)
# make base command line
- samba_tool_cmdline = self._samba_tool_cmdline("options")
+ samba_tool_cmd = self._samba_tool_cmdline("options")
# disable replication
- samba_tool_cmdline += [DC, "--dsa-option=+DISABLE_OUTBOUND_REPL"]
- (result, out, err) = self.runsubcmd(*samba_tool_cmdline)
- self.assertCmdSuccess(result, out, err)
- self.assertEquals(err,"","Shouldn't be any error messages")
+ self.check_run("%s %s --dsa-option=+DISABLE_INBOUND_REPL" %(samba_tool_cmd, DC))
+ self.check_run("%s %s --dsa-option=+DISABLE_OUTBOUND_REPL" %(samba_tool_cmd, DC))
def _get_highest_hwm_utdv(self, ldb_conn):
res = ldb_conn.search("", scope=ldb.SCOPE_BASE, attrs=["highestCommittedUSN"])
--
2.11.0
From 917985ac47dd8b444ff9448fbd2cd786a9dc1d44 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 16:09:54 +1200
Subject: [PATCH 12/17] selftest: Port DrsBaseTestCase._disable_inbound_repl()
to self.runsubcmd()
This avoids forking a subprocess with self.check_run()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/drs_base.py | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/source4/torture/drs/python/drs_base.py b/source4/torture/drs/python/drs_base.py
index b99fa04c999..3fb2743285b 100644
--- a/source4/torture/drs/python/drs_base.py
+++ b/source4/torture/drs/python/drs_base.py
@@ -146,9 +146,12 @@ class DrsBaseTestCase(SambaToolCmdTest):
def _disable_inbound_repl(self, DC):
# make base command line
- samba_tool_cmd = self._samba_tool_cmdline("options")
+ samba_tool_cmd = self._samba_tool_cmd_list("options")
# disable replication
- self.check_run("%s %s --dsa-option=+DISABLE_INBOUND_REPL" %(samba_tool_cmd, DC))
+ samba_tool_cmd += [DC, "--dsa-option=+DISABLE_INBOUND_REPL"]
+ (result, out, err) = self.runsubcmd(*samba_tool_cmd)
+ self.assertCmdSuccess(result, out, err)
+ self.assertEquals(err,"","Shouldn't be any error messages")
def _enable_all_repl(self, DC):
# make base command line
--
2.11.0
From e9e63b07c28d7d7427058de9c1ac96c1c3e43103 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 16:11:12 +1200
Subject: [PATCH 13/17] selftest: Port DrsBaseTestCase._{en,dis}able_all_repl()
to self.runsubcmd()
This avoids forking a subprocess with self.check_run()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/drs_base.py | 30 +++++++++++++-----------------
1 file changed, 13 insertions(+), 17 deletions(-)
diff --git a/source4/torture/drs/python/drs_base.py b/source4/torture/drs/python/drs_base.py
index 3fb2743285b..4f38ea047e9 100644
--- a/source4/torture/drs/python/drs_base.py
+++ b/source4/torture/drs/python/drs_base.py
@@ -98,16 +98,6 @@ class DrsBaseTestCase(SambaToolCmdTest):
def _make_obj_name(self, prefix):
return prefix + time.strftime("%s", time.gmtime())
- def _samba_tool_cmdline(self, drs_command):
- # find out where is net command
- samba_tool_cmd = os.path.abspath("./bin/samba-tool")
- # make command line credentials string
- creds = self.get_credentials()
- cmdline_auth = "-U%s/%s%%%s" % (creds.get_domain(),
- creds.get_username(), creds.get_password())
- # bin/samba-tool drs <drs_command> <cmdline_auth>
- return "%s drs %s %s" % (samba_tool_cmd, drs_command, cmdline_auth)
-
def _samba_tool_cmd_list(self, drs_command):
# make command line credentials string
creds = self.get_credentials()
@@ -154,18 +144,24 @@ class DrsBaseTestCase(SambaToolCmdTest):
self.assertEquals(err,"","Shouldn't be any error messages")
def _enable_all_repl(self, DC):
+ self._enable_inbound_repl(DC)
# make base command line
- samba_tool_cmd = self._samba_tool_cmdline("options")
- # disable replication
- self.check_run("%s %s --dsa-option=-DISABLE_INBOUND_REPL" %(samba_tool_cmd, DC))
- self.check_run("%s %s --dsa-option=-DISABLE_OUTBOUND_REPL" %(samba_tool_cmd, DC))
+ samba_tool_cmd = self._samba_tool_cmd_list("options")
+ # enable replication
+ samba_tool_cmd += [DC, "--dsa-option=-DISABLE_OUTBOUND_REPL"]
+ (result, out, err) = self.runsubcmd(*samba_tool_cmd)
+ self.assertCmdSuccess(result, out, err)
+ self.assertEquals(err,"","Shouldn't be any error messages")
def _disable_all_repl(self, DC):
+ self._disable_inbound_repl(DC)
# make base command line
- samba_tool_cmd = self._samba_tool_cmdline("options")
+ samba_tool_cmd = self._samba_tool_cmd_list("options")
# disable replication
- self.check_run("%s %s --dsa-option=+DISABLE_INBOUND_REPL" %(samba_tool_cmd, DC))
- self.check_run("%s %s --dsa-option=+DISABLE_OUTBOUND_REPL" %(samba_tool_cmd, DC))
+ samba_tool_cmd += [DC, "--dsa-option=+DISABLE_OUTBOUND_REPL"]
+ (result, out, err) = self.runsubcmd(*samba_tool_cmd)
+ self.assertCmdSuccess(result, out, err)
+ self.assertEquals(err,"","Shouldn't be any error messages")
def _get_highest_hwm_utdv(self, ldb_conn):
res = ldb_conn.search("", scope=ldb.SCOPE_BASE, attrs=["highestCommittedUSN"])
--
2.11.0
From 985e73ebc5c6d53905a3a6fd5bd568568403c454 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 16:25:19 +1200
Subject: [PATCH 14/17] selftest: Use new --krb5-ccache in drs_base.py
This means that instead of doing a new kinit, the process-wide ccache
is re-used, which is much faster.
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/drs_base.py | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/source4/torture/drs/python/drs_base.py b/source4/torture/drs/python/drs_base.py
index 4f38ea047e9..fa6079acf2b 100644
--- a/source4/torture/drs/python/drs_base.py
+++ b/source4/torture/drs/python/drs_base.py
@@ -100,9 +100,15 @@ class DrsBaseTestCase(SambaToolCmdTest):
def _samba_tool_cmd_list(self, drs_command):
# make command line credentials string
+
creds = self.get_credentials()
- cmdline_auth = "-U%s/%s%%%s" % (creds.get_domain(),
- creds.get_username(), creds.get_password())
+ ccache = creds.get_named_ccache(self.get_loadparm())
+ ccache_name = ccache.get_name()
+
+ # Tunnel the command line credentials down to the
+ # subcommand to avoid a new kinit
+ cmdline_auth = "--krb5-ccache=%s" % ccache_name
+
# bin/samba-tool drs <drs_command> <cmdline_auth>
return ["drs", drs_command, cmdline_auth]
--
2.11.0
From e88d0badc24679c2ab6bb52f46ef4938ca4577d3 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 16:29:14 +1200
Subject: [PATCH 15/17] selftest: Add and use new helper function
get_creds_ccache_name()
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
python/samba/tests/__init__.py | 7 +++++++
source4/torture/drs/python/drs_base.py | 4 +---
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/python/samba/tests/__init__.py b/python/samba/tests/__init__.py
index 07c68c4e9f2..2ddfd9d2273 100644
--- a/python/samba/tests/__init__.py
+++ b/python/samba/tests/__init__.py
@@ -67,6 +67,13 @@ class TestCase(unittest.TestCase):
def get_credentials(self):
return cmdline_credentials
+ def get_creds_ccache_name(self):
+ creds = self.get_credentials()
+ ccache = creds.get_named_ccache(self.get_loadparm())
+ ccache_name = ccache.get_name()
+
+ return ccache_name
+
def hexdump(self, src):
N = 0
result = ''
diff --git a/source4/torture/drs/python/drs_base.py b/source4/torture/drs/python/drs_base.py
index fa6079acf2b..01ea74c3e20 100644
--- a/source4/torture/drs/python/drs_base.py
+++ b/source4/torture/drs/python/drs_base.py
@@ -101,9 +101,7 @@ class DrsBaseTestCase(SambaToolCmdTest):
def _samba_tool_cmd_list(self, drs_command):
# make command line credentials string
- creds = self.get_credentials()
- ccache = creds.get_named_ccache(self.get_loadparm())
- ccache_name = ccache.get_name()
+ ccache_name = self.get_creds_ccache_name()
# Tunnel the command line credentials down to the
# subcommand to avoid a new kinit
--
2.11.0
From f43e38b53ef6866b067108af7168f12a2b47b3ae Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 16:31:15 +1200
Subject: [PATCH 16/17] selftest: Use get_creds_ccache_name() in fsmo.py
This avoids a new kinit for every role transfer
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/fsmo.py | 5 ++---
1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/source4/torture/drs/python/fsmo.py b/source4/torture/drs/python/fsmo.py
index 4dd652d13be..50b7dc3b2c4 100644
--- a/source4/torture/drs/python/fsmo.py
+++ b/source4/torture/drs/python/fsmo.py
@@ -58,9 +58,8 @@ class DrsFsmoTestCase(drs_base.DrsBaseTestCase):
# find out where is samba-tool command
net_cmd = os.path.abspath("./bin/samba-tool")
# make command line credentials string
- creds = self.get_credentials()
- cmd_line_auth = "-U%s/%s%%%s" % (creds.get_domain(),
- creds.get_username(), creds.get_password())
+ ccache_name = self.get_creds_ccache_name()
+ cmd_line_auth = "--krb5-ccache=%s" % ccache_name
(result, out, err) = self.runsubcmd("fsmo", "transfer",
"--role=%s" % role,
"-H", "ldap://%s:389" % DC,
--
2.11.0
From d8b5fc6100aeb2fafa15dbea73acf324cfcb07f7 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet at samba.org>
Date: Thu, 6 Jul 2017 16:33:41 +1200
Subject: [PATCH 17/17] selftest: Use self.get_creds_ccache_name() in
ridalloc_exop.py
This avoids a new kinit for each join and demote
Signed-off-by: Andrew Bartlett <abartlet at samba.org>
---
source4/torture/drs/python/ridalloc_exop.py | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/source4/torture/drs/python/ridalloc_exop.py b/source4/torture/drs/python/ridalloc_exop.py
index e2f6d043a8c..65629f5b7b6 100644
--- a/source4/torture/drs/python/ridalloc_exop.py
+++ b/source4/torture/drs/python/ridalloc_exop.py
@@ -303,11 +303,11 @@ class DrsReplicaSyncTestCase(drs_base.DrsBaseTestCase):
def _test_join(self, server, netbios_name):
tmpdir = os.path.join(self.tempdir, "targetdir")
- creds = self.get_credentials()
+ ccache_name = self.get_creds_ccache_name()
(result, out, err) = self.runsubcmd("domain", "join",
creds.get_realm(),
- "dc", "-U%s%%%s" % (creds.get_username(),
- creds.get_password()),
+ "dc",
+ "--krb5-ccache=%s" % ccache_name,
'--targetdir=%s' % tmpdir,
'--server=%s' % server,
"--option=netbios name = %s" % netbios_name)
@@ -315,10 +315,9 @@ class DrsReplicaSyncTestCase(drs_base.DrsBaseTestCase):
return tmpdir
def _test_force_demote(self, server, netbios_name):
- creds = self.get_credentials()
+ ccache_name = self.get_creds_ccache_name()
(result, out, err) = self.runsubcmd("domain", "demote",
- "-U%s%%%s" % (creds.get_username(),
- creds.get_password()),
+ "--krb5-ccache=%s" % ccache_name,
'--server=%s' % server,
"--remove-other-dead-server=%s" % netbios_name)
self.assertCmdSuccess(result, out, err)
--
2.11.0
More information about the samba-technical
mailing list