The branch, master has been updated
via 945e55c s3-selftest: Add a substituions testcase
via dadcfe9 selftest: Create a share with %D %U and %G substituion
via 619ca5f s3-lib: Fix %G substitution in AD member environment
via dd5c44b selftest: Create AD users alice and bob
from f6f6263 torture/ioctl: test compression responses when unsupported
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 945e55c511bb8fd0040cba0e5950de5972ef9875
Author: Andreas Schneider <[email protected]>
Date: Sun Sep 25 19:35:12 2016 +0200
s3-selftest: Add a substituions testcase
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Ralph Boehme <[email protected]>
Autobuild-User(master): Andreas Schneider <[email protected]>
Autobuild-Date(master): Fri Oct 7 15:52:36 CEST 2016 on sn-devel-144
commit dadcfe9fca276f729917dbe893e8fc9f852e580b
Author: Andreas Schneider <[email protected]>
Date: Sun Sep 25 18:42:17 2016 +0200
selftest: Create a share with %D %U and %G substituion
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Ralph Boehme <[email protected]>
commit 619ca5f63c47ff8b021692aaa756dcb0d883b8dd
Author: Andreas Schneider <[email protected]>
Date: Mon Sep 19 13:59:54 2016 +0200
s3-lib: Fix %G substitution in AD member environment
If we are a domain member we should look up the user with the domain
name specified else it will only work if we have
'winbind use default domain' set.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=12276
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Ralph Boehme <[email protected]>
commit dd5c44b98d493ccc4406437247535f4b892f0b64
Author: Andreas Schneider <[email protected]>
Date: Sun Sep 25 18:41:50 2016 +0200
selftest: Create AD users alice and bob
Signed-off-by: Andreas Schneider <[email protected]>
Reviewed-by: Ralph Boehme <[email protected]>
-----------------------------------------------------------------------
Summary of changes:
selftest/target/Samba3.pm | 25 ++++++++++++++++++++++-
selftest/target/Samba4.pm | 16 +++++++++++++++
source3/lib/substitute.c | 24 ++++++++++++++++------
source3/script/tests/test_substitutions.sh | 32 ++++++++++++++++++++++++++++++
source3/selftest/tests.py | 2 +-
5 files changed, 91 insertions(+), 8 deletions(-)
create mode 100755 source3/script/tests/test_substitutions.sh
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index d0dcdf1..3746d53 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -370,6 +370,9 @@ sub setup_admember($$$$)
{
my ($self, $prefix, $dcvars) = @_;
+ my $prefix_abs = abs_path($prefix);
+ my @dirs = ();
+
# If we didn't build with ADS, pretend this env was never available
if (not $self->have_ads()) {
return "UNKNOWN";
@@ -377,11 +380,30 @@ sub setup_admember($$$$)
print "PROVISIONING S3 AD MEMBER...";
+ mkdir($prefix_abs, 0777);
+
+ my $share_dir="$prefix_abs/share";
+ push(@dirs, $share_dir);
+
+ my $substitution_path = "$share_dir/D_SAMBADOMAIN";
+ push(@dirs, $substitution_path);
+
+ $substitution_path = "$share_dir/D_SAMBADOMAIN/U_alice";
+ push(@dirs, $substitution_path);
+
+ $substitution_path = "$share_dir/D_SAMBADOMAIN/U_alice/G_domain users";
+ push(@dirs, $substitution_path);
+
my $member_options = "
security = ads
workgroup = $dcvars->{DOMAIN}
realm = $dcvars->{REALM}
netbios aliases = foo bar
+
+[subDUG]
+ path = $share_dir/D_%D/U_%U/G_%G
+ writeable = yes
+
";
my $ret = $self->provision($prefix,
@@ -393,12 +415,13 @@ sub setup_admember($$$$)
$ret or return undef;
+ mkdir($_, 0777) foreach(@dirs);
+
close(USERMAP);
$ret->{DOMAIN} = $dcvars->{DOMAIN};
$ret->{REALM} = $dcvars->{REALM};
my $ctx;
- my $prefix_abs = abs_path($prefix);
$ctx = {};
$ctx->{krb5_conf} = "$prefix_abs/lib/krb5.conf";
$ctx->{domain} = $dcvars->{DOMAIN};
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index a09abea..40cca94 100755
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -805,6 +805,22 @@ userPrincipalName: testdenied_upn\@$ctx->{realm}.upn
return undef;
}
+ # Create to users alice and bob!
+ my $user_account_array = ["alice", "bob"];
+
+ foreach my $user_account (@{$user_account_array}) {
+ my $samba_tool_cmd = "";
+
+ $samba_tool_cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+ $samba_tool_cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" ";
+ $samba_tool_cmd .= Samba::bindir_path($self, "samba-tool")
+ . " user create --configfile=$ctx->{smb_conf} $user_account
Secret007";
+ unless (system($samba_tool_cmd) == 0) {
+ warn("Unable to create user:
$user_account\n$samba_tool_cmd\n");
+ return undef;
+ }
+ }
+
return $ret;
}
diff --git a/source3/lib/substitute.c b/source3/lib/substitute.c
index bcfdd29..752f108 100644
--- a/source3/lib/substitute.c
+++ b/source3/lib/substitute.c
@@ -499,15 +499,18 @@ char *talloc_sub_basic(TALLOC_CTX *mem_ctx,
break;
case 'G' : {
struct passwd *pass;
+ bool is_domain_name = false;
+ const char *sep = lp_winbind_separator();
if (domain_name != NULL && domain_name[0] != '\0' &&
- !strequal(domain_name, my_sam_name()))
- {
+ (lp_security() == SEC_ADS ||
+ lp_security() == SEC_DOMAIN)) {
r = talloc_asprintf(tmp_ctx,
"%s%c%s",
domain_name,
- *lp_winbind_separator(),
+ *sep,
smb_name);
+ is_domain_name = true;
} else {
r = talloc_strdup(tmp_ctx, smb_name);
}
@@ -517,9 +520,18 @@ char *talloc_sub_basic(TALLOC_CTX *mem_ctx,
pass = Get_Pwnam_alloc(tmp_ctx, r);
if (pass != NULL) {
- a_string = realloc_string_sub(
- a_string, "%G",
- gidtoname(pass->pw_gid));
+ char *group_name;
+
+ group_name = gidtoname(pass->pw_gid);
+ if (is_domain_name) {
+ p = strchr_m(group_name, *sep);
+ if (p != NULL) {
+ group_name = p + 1;
+ }
+ }
+ a_string = realloc_string_sub(a_string,
+ "%G",
+ group_name);
}
TALLOC_FREE(pass);
break;
diff --git a/source3/script/tests/test_substitutions.sh
b/source3/script/tests/test_substitutions.sh
new file mode 100755
index 0000000..0852ad9
--- /dev/null
+++ b/source3/script/tests/test_substitutions.sh
@@ -0,0 +1,32 @@
+#!/bin/sh
+# Blackbox tests for substitutions
+#
+# Copyright (c) 2016 Andreas Schneider <[email protected]>
+
+if [ $# -lt 4 ]; then
+cat <<EOF
+Usage: test_substitutions.sh SERVER USERNAME PASSWORD PREFIX
+EOF
+exit 1;
+fi
+
+SERVER=$1
+USERNAME=$2
+PASSWORD=$3
+PREFIX=$4
+shift 4
+failed=0
+
+samba_bindir="$BINDIR"
+samba_srcdir="$SRCDIR"
+smbclient="$samba_bindir/smbclient"
+
+. $samba_srcdir/testprogs/blackbox/subunit.sh
+. $samba_srcdir/testprogs/blackbox/common_test_fns.inc
+
+SMB_UNC="//$SERVER/subDUG"
+
+test_smbclient "Test login to share with substitution" \
+ "ls" "$SMB_UNC" "-U$USERNAME%$PASSWORD" || failed=$(expr $failed + 1)
+
+exit $failed
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index d0f5334..ff61714 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -150,7 +150,7 @@ t = "--krb5auth=$DOMAIN/$DC_USERNAME%$DC_PASSWORD"
plantestsuite("samba3.wbinfo_simple.(%s:local).%s" % (env, t), "%s:local" %
env, [os.path.join(srcdir(), "nsswitch/tests/test_wbinfo_simple.sh"), t])
t = "WBCLIENT-MULTI-PING"
plantestsuite("samba3.smbtorture_s3.%s" % t, env, [os.path.join(samba3srcdir,
"script/tests/test_smbtorture_s3.sh"), t, '//foo/bar', '""', '""', smbtorture3,
""])
-
+plantestsuite("samba3.substitutions", env, [os.path.join(samba3srcdir,
"script/tests/test_substitutions.sh"), "$SERVER", "alice", "Secret007",
"$PREFIX"])
plantestsuite("samba3.ntlm_auth.krb5 with old ccache(ktest:local)",
"ktest:local", [os.path.join(samba3srcdir,
"script/tests/test_ntlm_auth_krb5.sh"), valgrindify(python), samba3srcdir,
ntlm_auth3, '$PREFIX/ktest/krb5_ccache-2', '$SERVER', configuration])
--
Samba Shared Repository
