The branch, master has been updated
via 7c786f8 s3/winbindd: using default domain with [email protected]
format fails
via ebfe3c8 Add a blackbox tests for id & getent to test domain@realm
type credentials
via c514fb6 dbwrap_watch: Improve a debug message
from 3f1f6e0 heimdal: revert 1f90983324b9f5804dc57f87c5f7695b0e53db8d
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 7c786f89820dc1f8e2a7e8da1b80042dd69b7188
Author: Noel Power <[email protected]>
Date: Tue Sep 20 11:49:49 2016 +0100
s3/winbindd: using default domain with [email protected] format fails
For example for samba client joined to a windows AD DC the following
commands fail if 'winbind use default domain = yes'
getent passwd [email protected]
ssh -o [email protected] localhost
The same commands succeed if the setting above has the default 'no' value
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12298
Signed-off-by: Noel Power <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
Autobuild-User(master): Jeremy Allison <[email protected]>
Autobuild-Date(master): Mon Oct 3 23:37:44 CEST 2016 on sn-devel-144
commit ebfe3c85d0bbdf5d5f7459ddd61e3b44c3ec2bd3
Author: Noel Power <[email protected]>
Date: Thu Sep 29 16:50:58 2016 +0100
Add a blackbox tests for id & getent to test domain@realm type credentials
Using domain@realm credentials has been problematic when
global conf setting "winbind use default domain" is enabled, this patch
creates a new s4member_dflt_domain environment (where
"winbind use default domain" is enabled) and runs getent & id against the
normal s4member & and new s4member_dflt_domain environments
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12298
Signed-off-by: Noel Power <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
Reviewed-by: Andreas Schneider <[email protected]>
commit c514fb6b62a904b7aaea17a78ea05299e0f462a1
Author: Volker Lendecke <[email protected]>
Date: Tue Sep 20 10:52:46 2016 -0700
dbwrap_watch: Improve a debug message
Signed-off-by: Volker Lendecke <[email protected]>
Reviewed-by: Jeremy Allison <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
selftest/target/Samba.pm | 1 +
selftest/target/Samba4.pm | 34 ++++++++++++++++++++++---
source3/lib/dbwrap/dbwrap_watch.c | 4 ++-
source3/winbindd/winbindd_util.c | 5 ++--
source4/selftest/tests.py | 7 +++++
testprogs/blackbox/{nsstest.sh => dom_parse.sh} | 13 +++++++---
6 files changed, 53 insertions(+), 11 deletions(-)
copy testprogs/blackbox/{nsstest.sh => dom_parse.sh} (56%)
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index d60358e..24484c9 100644
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -307,6 +307,7 @@ sub get_interface($)
$interfaces{"fileserver"} = 35;
$interfaces{"fakednsforwarder1"} = 36;
$interfaces{"fakednsforwarder2"} = 37;
+ $interfaces{"s4member_dflt"} = 38;
# update lib/socket_wrapper/socket_wrapper.c
# #define MAX_WRAPPED_INTERFACES 40
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 176b3c3..a09abea 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -965,9 +965,9 @@ $extra_smbconf_shares
return $self->provision_raw_step2($ctx, $ret);
}
-sub provision_s4member($$$)
+sub provision_s4member($$$$$)
{
- my ($self, $prefix, $dcvars) = @_;
+ my ($self, $prefix, $dcvars, $hostname, $more_conf) = @_;
print "PROVISIONING MEMBER...\n";
my $extra_smb_conf = "
passdb backend = samba_dsdb
@@ -986,9 +986,12 @@ rpc_server:spoolss = embedded
rpc_daemon:spoolssd = embedded
rpc_server:tcpip = no
";
+ if ($more_conf) {
+ $extra_smb_conf = $extra_smb_conf . $more_conf . "\n";
+ }
my $ret = $self->provision($prefix,
"member server",
- "s4member",
+ $hostname,
"SAMBADOMAIN",
"samba.example.com",
"2008",
@@ -1988,6 +1991,11 @@ sub setup_env($$$)
$self->setup_ad_dc_ntvfs("$path/ad_dc_ntvfs");
}
return $self->setup_subdom_dc("$path/subdom_dc",
$self->{vars}->{ad_dc_ntvfs});
+ } elsif ($envname eq "s4member_dflt_domain") {
+ if (not defined($self->{vars}->{ad_dc_ntvfs})) {
+ $self->setup_ad_dc_ntvfs("$path/ad_dc_ntvfs");
+ }
+ return
$self->setup_s4member_dflt_domain("$path/s4member_dflt_domain",
$self->{vars}->{ad_dc_ntvfs});
} elsif ($envname eq "s4member") {
if (not defined($self->{vars}->{ad_dc_ntvfs})) {
$self->setup_ad_dc_ntvfs("$path/ad_dc_ntvfs");
@@ -2026,7 +2034,7 @@ sub setup_s4member($$$)
{
my ($self, $path, $dc_vars) = @_;
- my $env = $self->provision_s4member($path, $dc_vars);
+ my $env = $self->provision_s4member($path, $dc_vars, "s4member");
if (defined $env) {
if (not defined($self->check_or_start($env, "standard"))) {
@@ -2039,6 +2047,24 @@ sub setup_s4member($$$)
return $env;
}
+sub setup_s4member_dflt_domain($$$)
+{
+ my ($self, $path, $dc_vars) = @_;
+
+ my $env = $self->provision_s4member($path, $dc_vars, "s4member_dflt",
+ "winbind use default domain = yes");
+
+ if (defined $env) {
+ if (not defined($self->check_or_start($env, "standard"))) {
+ return undef;
+ }
+
+ $self->{vars}->{s4member_dflt_domain} = $env;
+ }
+
+ return $env;
+}
+
sub setup_rpc_proxy($$$)
{
my ($self, $path, $dc_vars) = @_;
diff --git a/source3/lib/dbwrap/dbwrap_watch.c
b/source3/lib/dbwrap/dbwrap_watch.c
index 00c332f..a44f6f1 100644
--- a/source3/lib/dbwrap/dbwrap_watch.c
+++ b/source3/lib/dbwrap/dbwrap_watch.c
@@ -737,7 +737,9 @@ static bool dbwrap_watched_remove_waiter(struct
db_watched_subrec *subrec,
}
if (i == num_watchers) {
- DBG_WARNING("Did not find id in state->watchers\n");
+ struct server_id_buf buf;
+ DBG_WARNING("Did not find %s in state->watchers\n",
+ server_id_str_buf(id, &buf));
return false;
}
diff --git a/source3/winbindd/winbindd_util.c b/source3/winbindd/winbindd_util.c
index f0344b1..d707173 100644
--- a/source3/winbindd/winbindd_util.c
+++ b/source3/winbindd/winbindd_util.c
@@ -1103,10 +1103,11 @@ bool parse_domain_user(const char *domuser, fstring
domain, fstring user)
if ( !p ) {
fstrcpy(user, domuser);
+ p = strchr(domuser, '@');
- if ( assume_domain(lp_workgroup())) {
+ if ( assume_domain(lp_workgroup()) && p == NULL) {
fstrcpy(domain, lp_workgroup());
- } else if ((p = strchr(domuser, '@')) != NULL) {
+ } else if (p != NULL) {
fstrcpy(domain, p + 1);
user[PTR_DIFF(p, domuser)] = 0;
} else {
diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 61d9a82..5131899 100755
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -519,6 +519,13 @@ for env in ["nt4_dc", "nt4_member", "ad_dc", "ad_member",
"s4member", "chgdcpass
plantestsuite("samba.ntlm_auth.(%s:local)" % env, "%s:local" % env,
[os.path.join(samba3srcdir, "script/tests/test_ntlm_auth_s3.sh"),
valgrindify(python), samba3srcdir, ntlm_auth3, '$DOMAIN', '$DC_USERNAME',
'$DC_PASSWORD', configuration])
+for env in ["s4member_dflt_domain", "s4member"]:
+ for cmd in ["id", "getent"]:
+ users = ["$DC_USERNAME", "$DC_USERNAME@$REALM"]
+ if env == "s4member":
+ users = ["$DOMAIN/$DC_USERNAME", "$DC_USERNAME@$REALM"]
+ for usr in users:
+ plantestsuite("samba4.winbind.dom_name_parse.cmd", env,
"%s/dom_parse.sh %s %s" % (bbdir,cmd,usr))
nsstest4 = binpath("nsstest")
for env in ["ad_dc:local", "s4member:local", "nt4_dc:local",
"ad_member:local", "nt4_member:local"]:
diff --git a/testprogs/blackbox/nsstest.sh b/testprogs/blackbox/dom_parse.sh
similarity index 56%
copy from testprogs/blackbox/nsstest.sh
copy to testprogs/blackbox/dom_parse.sh
index bbca904..dd14f0d 100755
--- a/testprogs/blackbox/nsstest.sh
+++ b/testprogs/blackbox/dom_parse.sh
@@ -5,18 +5,23 @@
if [ $# -lt 2 ]; then
cat <<EOF
-Usage: nsstest.sh NSSTEST LIBNSS_WINBIND
+Usage: dom_parse.sh [id|getent] $USER
EOF
exit 1;
fi
-nsstest=$1
-libnss_winbind=$2
+USER=$2
+CMD=$1
+EXTRA=""
shift 2
failed=0
. `dirname $0`/subunit.sh
-testit "run nsstest" $VALGRIND $nsstest $libnss_winbind || failed=`expr
$failed + 1`
+if [ "$CMD" = "getent" ]; then
+ EXTRA="passwd"
+fi
+
+testit "samba4.winbind.dom_name_parse.cmd.$CMD" $CMD $EXTRA $USER ||
failed=`expr $failed + 1`
exit $failed
--
Samba Shared Repository
