What's the point of the samba.blackbox.pdbtest.s4winbind tests???

Andrew Bartlett abartlet at samba.org
Tue Nov 28 02:49:11 UTC 2017


On Tue, 2017-11-28 at 00:57 +0100, Stefan Metzmacher wrote:
> Hi Andrew,
> 
> can you explain why we have the
> samba.blackbox.pdbtest.s4winbind tests?

The purpose of the tests is to run a test of the auth_winbind and
auth_winbind_wbclient code so as to avoid regressions. 

The other pdbtest tests are likewise to ensure that less-used parts of
the auth stack still remain tested.  

> They are marked as knownfail anyway...

That is due to the changes that were made to winbind authentication 
2368f57b4d7bc26ba08273020d7281fab6f817c8 for the RODC, which meant that
for the irpc path we did not check the local SAM.  

> While removing support for "auth methods", I'd like to
> avoid adding some "pdbtest:auth methods" hacks.
> 
> Can we just remove these tests?

If we must remove winbind_wbclient then I guess so.  While nobody uses
winbind_wbclient, the protocols it drives are used. 

> I already have a patch to remove the unused winbind_wbclient backend.

What this helps with is to validate the winbindd authentication
protocols, which otherwise don't have a unit test for the info3
response etc.  

Another approach might be to make winbind_wbclient be in ntlm_auth,
instead of the bare struct handling. 

Andrew Bartlett

-- 
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team         https://samba.org
Samba Development and Support, Catalyst IT   
https://catalyst.net.nz/services/samba



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 862 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20171128/6dabf97b/signature.sig>


More information about the samba-technical mailing list