#!/bin/sh
if [ $# -lt 1 ]; then
-cat <<EOF
+ cat <<EOF
Usage: blackbox_group.sh PREFIX
EOF
-exit 1;
+ exit 1
fi
PREFIX="$1"
shift 1
-. `dirname $0`/../../../testprogs/blackbox/subunit.sh
-
+. $(dirname $0)/../../../testprogs/blackbox/subunit.sh
rm -rf $PREFIX/simple-dc
mkdir -p $PREFIX
testit "user add" $PYTHON $samba_tool user create $CONFIG --given-name="User1" --surname="Tester" --initial="UT" testuser1 testp@ssw0Rd
# test samba-tool user getgroups command
-user_getgroups_primary_only() {
+user_getgroups_primary_only()
+{
res=$($PYTHON $samba_tool user getgroups $CONFIG testuser)
primary_group=$(echo $res)
testit "group addmembers" $PYTHON $samba_tool group addmembers $CONFIG udg testuser,testuser1
# test samba-tool user getgroups command
-user_getgroups() {
+user_getgroups()
+{
groups="dsg gsg usg ddg gdg udg"
res=$($PYTHON $samba_tool user getgroups $CONFIG testuser)
- for g in $groups ; do
+ for g in $groups; do
echo "$res" | grep -q "^${g}$" || return 1
done
testit "user getgroups" user_getgroups
# test samba-tool user getgroups --full-dn command
-user_getgroups_full_dn() {
+user_getgroups_full_dn()
+{
groups="dsg gsg usg ddg gdg udg"
res=$($PYTHON $samba_tool user getgroups --full-dn $CONFIG testuser)
- for g in $groups ; do
+ for g in $groups; do
group_dn=$($PYTHON $samba_tool group show $CONFIG $g --attributes=dn)
echo "$res" | grep -q "^${group_dn}$" || return 1
done
testit "user getgroups full-dn" user_getgroups
# test settings a users primary group
-user_getgroups_primary_first() {
+user_getgroups_primary_first()
+{
expected_primary_group=$1
res=$($PYTHON $samba_tool user getgroups $CONFIG testuser)
#!/bin/sh
if [ $# -lt 1 ]; then
-cat <<EOF
+ cat <<EOF
Usage: blackbox_newuser.sh PREFIX
EOF
-exit 1;
+ exit 1
fi
PREFIX="$1"
shift 1
-. `dirname $0`/../../../testprogs/blackbox/subunit.sh
-
+. $(dirname $0)/../../../testprogs/blackbox/subunit.sh
rm -rf $PREFIX/simple-dc
testit "simple-dc" $PYTHON $BINDIR/samba-tool domain provision --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc --use-ntvfs
#!/bin/sh
if [ $# -lt 1 ]; then
-cat <<EOF
+ cat <<EOF
Usage: blackbox_provision.sh PREFIX
EOF
-exit 1;
+ exit 1
fi
PREFIX="$1"
shift 1
-. `dirname $0`/../../../testprogs/blackbox/subunit.sh
+. $(dirname $0)/../../../testprogs/blackbox/subunit.sh
#Prepare an empty smb.conf to ensure it is overwritten
rm -rf $PREFIX/simple-default
#And try with just whitespace
rm -rf $PREFIX/simple-dc
mkdir -p $PREFIX/simple-dc/etc
-echo " " > $PREFIX/simple-dc/etc/smb.conf
+echo " " >$PREFIX/simple-dc/etc/smb.conf
testit "simple-dc" $PYTHON $BINDIR/samba-tool domain provision --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/simple-dc --use-ntvfs
#The rest of these tests are with no smb.conf file present
rm -rf $PREFIX/blank-dc
testit "blank-dc" $PYTHON $BINDIR/samba-tool domain provision --server-role="dc" --domain=FOO --realm=foo.example.com --domain-sid=S-1-5-21-4177067393-1453636373-93818738 --targetdir=$PREFIX/blank-dc --blank --use-ntvfs
-reprovision() {
+reprovision()
+{
$PYTHON $BINDIR/samba-tool domain provision --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/simple-default" --use-ntvfs
}
V_2012_R2=69
V_2008_R2=47
-check_baseschema() {
+check_baseschema()
+{
ldbsearch="ldbsearch"
if [ -x "$BINDIR/ldbsearch" ]; then
- ldbsearch="$BINDIR/ldbsearch"
+ ldbsearch="$BINDIR/ldbsearch"
fi
base=$($ldbsearch -H $PREFIX/$1/private/sam.ldb --scope=base dn)
- dom=$(echo "$base" | grep "dn: " | cut -d " " -f 2);
+ dom=$(echo "$base" | grep "dn: " | cut -d " " -f 2)
if [ -z "$dom" ]; then
- echo "Unexpected ldbsearch output: $base";
+ echo "Unexpected ldbsearch output: $base"
fi
version=$($ldbsearch -H $PREFIX/$1/private/sam.ldb --scope=base \
- "objectVersion" -b "CN=SCHEMA,CN=CONFIGURATION,$dom");
- version_num=$(echo "$version" | grep "objectVersion: " | cut -d " " -f 2);
+ "objectVersion" -b "CN=SCHEMA,CN=CONFIGURATION,$dom")
+ version_num=$(echo "$version" | grep "objectVersion: " | cut -d " " -f 2)
if [ "$version_num" -eq "$2" ]; then
- return 0;
+ return 0
fi
- echo "Fail: schema version $version_num != $2";
- return 1;
+ echo "Fail: schema version $version_num != $2"
+ return 1
}
tname="schema version"
#!/bin/sh
if [ $# -lt 1 ]; then
-cat <<EOF
+ cat <<EOF
Usage: blackbox_s3upgrade.sh PREFIX
EOF
-exit 1;
+ exit 1
fi
-PREFIX=`pwd`"/$1"
+PREFIX=$(pwd)"/$1"
shift 1
samba4bindir="$BINDIR"
samba_net="$samba4bindir/net"
testparm="$samba4bindir/testparm"
-. `dirname $0`/../../../testprogs/blackbox/subunit.sh
+. $(dirname $0)/../../../testprogs/blackbox/subunit.sh
rm -rf $PREFIX/samba3-upgrade
mkdir -p $PREFIX/samba3-upgrade
cp -a $SRCDIR/testdata/samba3 $PREFIX/samba3-upgrade
# Test 1 (s3 member)
-cat - > $PREFIX/samba3-upgrade/samba3/smb1.conf <<EOF
+cat - >$PREFIX/samba3-upgrade/samba3/smb1.conf <<EOF
[global]
workgroup = SAMBA
security = user
testit "samba3-upgrade-member-getlocalsid" $samba_net getlocalsid s3upgrade --configfile=$PREFIX/samba3-upgrade/s4_1/etc/smb.conf
# Test 2 (s3 dc)
-cat - > $PREFIX/samba3-upgrade/samba3/smb2.conf <<EOF
+cat - >$PREFIX/samba3-upgrade/samba3/smb2.conf <<EOF
[global]
workgroup = SAMBA
netbiosname = S3UPGRADE
rm -f $PREFIX/samba3-upgrade/samba3/wins.dat
# Test 3 (s3 dc using testparm hook)
-cat - > $PREFIX/samba3-upgrade/samba3/smb3.conf <<EOF
+cat - >$PREFIX/samba3-upgrade/samba3/smb3.conf <<EOF
[global]
workgroup = SAMBA
netbiosname = S3UPGRADE
#!/bin/sh
if [ $# -lt 1 ]; then
-cat <<EOF
+ cat <<EOF
Usage: blackbox_setpassword.sh PREFIX
EOF
-exit 1;
+ exit 1
fi
PREFIX="$1"
shift 1
-. `dirname $0`/../../../testprogs/blackbox/subunit.sh
+. $(dirname $0)/../../../testprogs/blackbox/subunit.sh
samba_tool="./bin/samba-tool"
#!/bin/sh
if [ $# -lt 1 ]; then
-cat <<EOF
+ cat <<EOF
Usage: blackbox_group.sh PREFIX
EOF
-exit 1;
+ exit 1
fi
PREFIX="$1"
shift 1
-. `dirname $0`/../../../testprogs/blackbox/subunit.sh
-
+. $(dirname $0)/../../../testprogs/blackbox/subunit.sh
samba_tool="./bin/samba-tool"
# manually (you have to run the samba-tool 'backup restore' command instead).
if [ $# -lt 1 ]; then
-cat <<EOF
+ cat <<EOF
Usage: $0 PREFIX
EOF
-exit 1;
+ exit 1
fi
PREFIX="$1"
DBPATH=$PREFIX/start-backup
mkdir -p $DBPATH
-. `dirname $0`/../../../testprogs/blackbox/subunit.sh
+. $(dirname $0)/../../../testprogs/blackbox/subunit.sh
do_provision()
{
- $PYTHON $BINDIR/samba-tool domain provision \
- --domain=FOO --realm=foo.example.com --use-ntvfs \
- --targetdir=$DBPATH --option="pid directory = $DBPATH"
+ $PYTHON $BINDIR/samba-tool domain provision \
+ --domain=FOO --realm=foo.example.com --use-ntvfs \
+ --targetdir=$DBPATH --option="pid directory = $DBPATH"
}
add_backup_marker()
{
-# manually add the backup marker that the backup cmd usually adds
- $BINDIR/ldbmodify \
- -H tdb://$DBPATH/private/sam.ldb <<EOF
+ # manually add the backup marker that the backup cmd usually adds
+ $BINDIR/ldbmodify \
+ -H tdb://$DBPATH/private/sam.ldb <<EOF
dn: @SAMBA_DSDB
changetype: modify
add: backupDate
start_backup()
{
- # start samba in interactive mode (if we don't, samba daemonizes and so the
- # command's exit status is always zero (success), regardless of whether
- # samba actually starts up or not). However, this means if this assertion
- # were ever to fail (i.e. samba DOES startup from a backup file), then the
- # test case would just hang. So we use a max-run-time of 5 secs so that
- # samba will self-destruct in the bad case (max_runtime_handler() returns
- # zero/success in this case, which allows us to tell the good case from the
- # bad case).
- OPTS="--maximum-runtime=5 -i"
-
- # redirect logs to stderr (which we'll then redirect to stdout so we can
- # capture it in a bash variable)
- OPTS="$OPTS --debug-stdout"
-
- # start samba and capture the debug output
- OUTPUT=$($BINDIR/samba --configfile=$DBPATH/etc/smb.conf $OPTS 2>&1)
- if [ $? -eq 0 ] ; then
- echo "ERROR: Samba should not have started successfully"
- return 1
- fi
-
- # check the reason we're failing is because prime_ldb_databases() is
- # detecting that this is a backup DB (and not some other reason)
- echo "$OUTPUT" | grep "failed to start: Database is a backup"
+ # start samba in interactive mode (if we don't, samba daemonizes and so the
+ # command's exit status is always zero (success), regardless of whether
+ # samba actually starts up or not). However, this means if this assertion
+ # were ever to fail (i.e. samba DOES startup from a backup file), then the
+ # test case would just hang. So we use a max-run-time of 5 secs so that
+ # samba will self-destruct in the bad case (max_runtime_handler() returns
+ # zero/success in this case, which allows us to tell the good case from the
+ # bad case).
+ OPTS="--maximum-runtime=5 -i"
+
+ # redirect logs to stderr (which we'll then redirect to stdout so we can
+ # capture it in a bash variable)
+ OPTS="$OPTS --debug-stdout"
+
+ # start samba and capture the debug output
+ OUTPUT=$($BINDIR/samba --configfile=$DBPATH/etc/smb.conf $OPTS 2>&1)
+ if [ $? -eq 0 ]; then
+ echo "ERROR: Samba should not have started successfully"
+ return 1
+ fi
+
+ # check the reason we're failing is because prime_ldb_databases() is
+ # detecting that this is a backup DB (and not some other reason)
+ echo "$OUTPUT" | grep "failed to start: Database is a backup"
}
# setup a DB and manually mark it as being a "backup"
#!/bin/sh
if [ $# -lt 1 ]; then
-cat <<EOF
+ cat <<EOF
Usage: blackbox_supported_features.sh PREFIX
EOF
-exit 1;
+ exit 1
fi
PREFIX="$1"
mkdir -p $DBPATH
-. `dirname $0`/../../../testprogs/blackbox/subunit.sh
+. $(dirname $0)/../../../testprogs/blackbox/subunit.sh
ldbmodify="ldbmodify"
if [ -x "$BINDIR/ldbmodify" ]; then
- ldbmodify="$BINDIR/ldbmodify"
+ ldbmodify="$BINDIR/ldbmodify"
fi
ldbdel="ldbdel"
if [ -x "$BINDIR/ldbdel" ]; then
- ldbdel="$BINDIR/ldbdel"
+ ldbdel="$BINDIR/ldbdel"
fi
ldbsearch="ldbsearch"
if [ -x "$BINDIR/ldbsearch" ]; then
- ldbsearch="$BINDIR/ldbsearch"
+ ldbsearch="$BINDIR/ldbsearch"
fi
testit "provision" $PYTHON $BINDIR/samba-tool domain provision \
- --domain=FOO --realm=foo.example.com \
- --targetdir=$DBPATH --use-ntvfs
+ --domain=FOO --realm=foo.example.com \
+ --targetdir=$DBPATH --use-ntvfs
testit "add-compatible-feature" $ldbmodify \
- -H tdb://$DBPATH/private/sam.ldb <<EOF
+ -H tdb://$DBPATH/private/sam.ldb <<EOF
dn: @SAMBA_DSDB
changetype: modify
add: compatibleFeatures
# should not be listed in compatibleFeatures even though we tried to
# put it there.
-ldb_search_fail() {
- $ldbsearch -H tdb://$DBPATH/private/sam.ldb \
- -s base -b "$1" "$2" \
- | grep -q "$3"
+ldb_search_fail()
+{
+ $ldbsearch -H tdb://$DBPATH/private/sam.ldb \
+ -s base -b "$1" "$2" |
+ grep -q "$3"
}
-
testit_expect_failure "find-compatible-feature" \
- ldb_search_fail '@SAMBA_DSDB' 'compatibleFeatures' non-existent-feature
-
+ ldb_search_fail '@SAMBA_DSDB' 'compatibleFeatures' non-existent-feature
# just make sure the thing we're using is normally findable
testit "find-test-feature" \
- $ldbsearch -H tdb://$DBPATH/private/sam.ldb \
- -b 'CN=LostAndFound,DC=foo,DC=example,DC=com'
-
+ $ldbsearch -H tdb://$DBPATH/private/sam.ldb \
+ -b 'CN=LostAndFound,DC=foo,DC=example,DC=com'
testit "add-required-feature" $ldbmodify \
- -H tdb://$DBPATH/private/sam.ldb <<EOF
+ -H tdb://$DBPATH/private/sam.ldb <<EOF
dn: @SAMBA_DSDB
changetype: modify
add: requiredFeatures
# required by this database. A search for anything should fail.
testit_expect_failure "find-required-feature" \
- $ldbsearch -H tdb://$DBPATH/private/sam.ldb \
- -b 'CN=LostAndFound,DC=foo,DC=example,DC=com'
+ $ldbsearch -H tdb://$DBPATH/private/sam.ldb \
+ -b 'CN=LostAndFound,DC=foo,DC=example,DC=com'
rm -rf $DBPATH
#!/bin/sh
if [ $# -lt 1 ]; then
-cat <<EOF
+ cat <<EOF
Usage: blackbox_upgradeprovision.sh PREFIX
EOF
-exit 1;
+ exit 1
fi
PREFIX="$1"
shift 1
-. `dirname $0`/../../../testprogs/blackbox/subunit.sh
+. $(dirname $0)/../../../testprogs/blackbox/subunit.sh
[ ! -d $PREFIX ] && mkdir $PREFIX
-upgradeprovision_reference() {
- if [ -d $PREFIX/upgradeprovision_reference ]; then
- rm -fr $PREFIX/upgradeprovision_reference
- fi
+upgradeprovision_reference()
+{
+ if [ -d $PREFIX/upgradeprovision_reference ]; then
+ rm -fr $PREFIX/upgradeprovision_reference
+ fi
$PYTHON $BINDIR/samba-tool domain provision --host-name=bar --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/upgradeprovision_reference" --server-role="dc" --use-ntvfs --base-schema=2008_R2
}
-upgradeprovision() {
- if [ -d $PREFIX/upgradeprovision ]; then
- rm -fr $PREFIX/upgradeprovision
- fi
+upgradeprovision()
+{
+ if [ -d $PREFIX/upgradeprovision ]; then
+ rm -fr $PREFIX/upgradeprovision
+ fi
$PYTHON $BINDIR/samba-tool domain provision --host-name=bar --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/upgradeprovision" --server-role="dc" --use-ntvfs --base-schema=2008_R2
$PYTHON $BINDIR/samba_upgradeprovision --configfile="$PREFIX/upgradeprovision/etc/smb.conf" --debugchange
}
-upgradeprovision_full() {
- if [ -d $PREFIX/upgradeprovision_full ]; then
- rm -fr $PREFIX/upgradeprovision_full
- fi
+upgradeprovision_full()
+{
+ if [ -d $PREFIX/upgradeprovision_full ]; then
+ rm -fr $PREFIX/upgradeprovision_full
+ fi
$PYTHON $BINDIR/samba-tool domain provision --host-name=bar --domain=FOO --realm=foo.example.com --targetdir="$PREFIX/upgradeprovision_full" --server-role="dc" --use-ntvfs --base-schema=2008_R2
$PYTHON $BINDIR/samba_upgradeprovision --configfile="$PREFIX/upgradeprovision_full/etc/smb.conf" --full --debugchange
}
# upgradeprovision (because we did a provision with the same template)
# really doesn't change anything.
-ldapcmp() {
- $PYTHON $BINDIR/samba-tool ldapcmp tdb://$PREFIX/upgradeprovision/private/sam.ldb tdb://$PREFIX/upgradeprovision_reference/private/sam.ldb --two --skip-missing-dn --filter=servicePrincipalName
+ldapcmp()
+{
+ $PYTHON $BINDIR/samba-tool ldapcmp tdb://$PREFIX/upgradeprovision/private/sam.ldb tdb://$PREFIX/upgradeprovision_reference/private/sam.ldb --two --skip-missing-dn --filter=servicePrincipalName
}
-ldapcmp_full() {
- $PYTHON $BINDIR/samba-tool ldapcmp tdb://$PREFIX/upgradeprovision_full/private/sam.ldb tdb://$PREFIX/upgradeprovision_reference/private/sam.ldb --two --skip-missing-dn --filter=servicePrincipalName
+ldapcmp_full()
+{
+ $PYTHON $BINDIR/samba-tool ldapcmp tdb://$PREFIX/upgradeprovision_full/private/sam.ldb tdb://$PREFIX/upgradeprovision_reference/private/sam.ldb --two --skip-missing-dn --filter=servicePrincipalName
}
-ldapcmp_sd() {
- $PYTHON $BINDIR/samba-tool ldapcmp tdb://$PREFIX/upgradeprovision/private/sam.ldb tdb://$PREFIX/upgradeprovision_reference/private/sam.ldb --two --sd --skip-missing-dn --filter=servicePrincipalName
+ldapcmp_sd()
+{
+ $PYTHON $BINDIR/samba-tool ldapcmp tdb://$PREFIX/upgradeprovision/private/sam.ldb tdb://$PREFIX/upgradeprovision_reference/private/sam.ldb --two --sd --skip-missing-dn --filter=servicePrincipalName
}
-ldapcmp_full_sd() {
- $PYTHON $BINDIR/samba-tool ldapcmp tdb://$PREFIX/upgradeprovision_full/private/sam.ldb tdb://$PREFIX/upgradeprovision_reference/private/sam.ldb --two --sd --skip-missing-dn --filter=servicePrincipalName
+ldapcmp_full_sd()
+{
+ $PYTHON $BINDIR/samba-tool ldapcmp tdb://$PREFIX/upgradeprovision_full/private/sam.ldb tdb://$PREFIX/upgradeprovision_reference/private/sam.ldb --two --sd --skip-missing-dn --filter=servicePrincipalName
}
testit "upgradeprovision" upgradeprovision
testit "ldapcmp_full_sd" ldapcmp_full_sd
if [ -d $PREFIX/upgradeprovision ]; then
- rm -fr $PREFIX/upgradeprovision
+ rm -fr $PREFIX/upgradeprovision
fi
if [ -d $PREFIX/upgradeprovision_full ]; then
- rm -fr $PREFIX/upgradeprovision_full
+ rm -fr $PREFIX/upgradeprovision_full
fi
if [ -d $PREFIX/upgradeprovision_reference ]; then
- rm -fr $PREFIX/upgradeprovision_reference
+ rm -fr $PREFIX/upgradeprovision_reference
fi
exit $failed
#!/bin/sh
if [ $# -lt 1 ]; then
-cat <<EOF
+ cat <<EOF
Usage: $0 PREFIX
EOF
-exit 1;
+ exit 1
fi
PREFIX="$1"
shift 1
-. `dirname $0`/../../../testprogs/blackbox/subunit.sh
+. $(dirname $0)/../../../testprogs/blackbox/subunit.sh
# selftest sets the umask to zero. Explicitly set it to 022 here,
# which should mean files should never be writable for anyone else
-ORIG_UMASK=`umask`
+ORIG_UMASK=$(umask)
umask 0022
# checks that the files in the 'private' directory created are not
# world-writable
check_private_file_perms()
{
- target_dir="$1/private"
- result=0
-
- for file in `ls $target_dir/`
- do
- filepath="$target_dir/$file"
-
- # skip directories/sockets for now
- if [ ! -f $filepath ] ; then
- continue;
- fi
-
- # use stat to get the file permissions, i.e. -rw-------
- file_perm=`stat -c "%A" $filepath`
-
- # then use cut to drop the first 4 chars containing the file type
- # and owner permissions. What's left is the group and other users
- global_perm=`echo $file_perm | cut -c4-`
-
- # check the remainder doesn't have write permissions set
- if [ -z "${global_perm##*w*}" ] ; then
- echo "Error: $file has $file_perm permissions"
- result=1
- fi
- done
- return $result
+ target_dir="$1/private"
+ result=0
+
+ for file in $(ls $target_dir/); do
+ filepath="$target_dir/$file"
+
+ # skip directories/sockets for now
+ if [ ! -f $filepath ]; then
+ continue
+ fi
+
+ # use stat to get the file permissions, i.e. -rw-------
+ file_perm=$(stat -c "%A" $filepath)
+
+ # then use cut to drop the first 4 chars containing the file type
+ # and owner permissions. What's left is the group and other users
+ global_perm=$(echo $file_perm | cut -c4-)
+
+ # check the remainder doesn't have write permissions set
+ if [ -z "${global_perm##*w*}" ]; then
+ echo "Error: $file has $file_perm permissions"
+ result=1
+ fi
+ done
+ return $result
}
TARGET_DIR=$PREFIX/basic-dc
# create a dummy smb.conf - we need to use fake ACLs for the file system here
# (but passing --option args with spaces in it proved too difficult in bash)
SMB_CONF=$TARGET_DIR/tmp/smb.conf
-mkdir -p `dirname $SMB_CONF`
-echo "vfs objects = fake_acls xattr_tdb" > $SMB_CONF
+mkdir -p $(dirname $SMB_CONF)
+echo "vfs objects = fake_acls xattr_tdb" >$SMB_CONF
# provision a basic DC
testit "basic-provision" $PYTHON $BINDIR/samba-tool domain provision --server-role="dc" --domain=FOO --realm=foo.example.com --targetdir=$TARGET_DIR --configfile=$SMB_CONF