Add a blackbox tests for id & getent to test domain@realm type credentials

Using domain@realm credentials has been problematic when
global conf setting "winbind use default domain" is enabled, this patch
creates a new s4member_dflt_domain environment (where
"winbind use default domain" is enabled) and runs getent & id against the
normal s4member & and new s4member_dflt_domain environments

BUG: https://bugzilla.samba.org/show_bug.cgi?id=12298

Signed-off-by: Noel Power <noel.power@suse.com>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/selftest/target/Samba.pm b/selftest/target/Samba.pm
index d60358e0dcdf335f31e89186908957f384e2a8be..24484c970e7052961fff9a4148d891feda2d1a6b 100644 (file)
--- a/selftest/target/Samba.pm
+++ b/selftest/target/Samba.pm
@@ -307,6 +307,7 @@ sub get_interface($)
     $interfaces{"fileserver"} = 35;
     $interfaces{"fakednsforwarder1"} = 36;
     $interfaces{"fakednsforwarder2"} = 37;
+    $interfaces{"s4member_dflt"} = 38;
 
     # update lib/socket_wrapper/socket_wrapper.c
     #  #define MAX_WRAPPED_INTERFACES 40

diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 176b3c34998945d14f9999f93e44a42675b51535..a09abea59346e5da8c53f70d19b31ddfad03e713 100755 (executable)
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -965,9 +965,9 @@ $extra_smbconf_shares
        return $self->provision_raw_step2($ctx, $ret);
 }
 
-sub provision_s4member($$$)
+sub provision_s4member($$$$$)
 {
-       my ($self, $prefix, $dcvars) = @_;
+       my ($self, $prefix, $dcvars, $hostname, $more_conf) = @_;
        print "PROVISIONING MEMBER...\n";
        my $extra_smb_conf = "
         passdb backend = samba_dsdb
@@ -986,9 +986,12 @@ rpc_server:spoolss = embedded
 rpc_daemon:spoolssd = embedded
 rpc_server:tcpip = no
 ";
+       if ($more_conf) {
+               $extra_smb_conf = $extra_smb_conf . $more_conf . "\n";
+       }
        my $ret = $self->provision($prefix,
                                   "member server",
-                                  "s4member",
+                                  $hostname,
                                   "SAMBADOMAIN",
                                   "samba.example.com",
                                   "2008",
@@ -1988,6 +1991,11 @@ sub setup_env($$$)
                        $self->setup_ad_dc_ntvfs("$path/ad_dc_ntvfs");
                }
                return $self->setup_subdom_dc("$path/subdom_dc", $self->{vars}->{ad_dc_ntvfs});
+       } elsif ($envname eq "s4member_dflt_domain") {
+               if (not defined($self->{vars}->{ad_dc_ntvfs})) {
+                       $self->setup_ad_dc_ntvfs("$path/ad_dc_ntvfs");
+               }
+               return $self->setup_s4member_dflt_domain("$path/s4member_dflt_domain", $self->{vars}->{ad_dc_ntvfs});
        } elsif ($envname eq "s4member") {
                if (not defined($self->{vars}->{ad_dc_ntvfs})) {
                        $self->setup_ad_dc_ntvfs("$path/ad_dc_ntvfs");
@@ -2026,7 +2034,7 @@ sub setup_s4member($$$)
 {
        my ($self, $path, $dc_vars) = @_;
 
-       my $env = $self->provision_s4member($path, $dc_vars);
+       my $env = $self->provision_s4member($path, $dc_vars, "s4member");
 
        if (defined $env) {
                if (not defined($self->check_or_start($env, "standard"))) {
@@ -2039,6 +2047,24 @@ sub setup_s4member($$$)
        return $env;
 }
 
+sub setup_s4member_dflt_domain($$$)
+{
+       my ($self, $path, $dc_vars) = @_;
+
+       my $env = $self->provision_s4member($path, $dc_vars, "s4member_dflt",
+                                           "winbind use default domain = yes");
+
+       if (defined $env) {
+               if (not defined($self->check_or_start($env, "standard"))) {
+                       return undef;
+               }
+
+               $self->{vars}->{s4member_dflt_domain} = $env;
+       }
+
+       return $env;
+}
+
 sub setup_rpc_proxy($$$)
 {
        my ($self, $path, $dc_vars) = @_;

diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py
index 61d9a821058cd088a350b484e219667601c56fce..5131899256d4dda01ec2ea3a50338a6967164981 100755 (executable)
--- a/source4/selftest/tests.py
+++ b/source4/selftest/tests.py
@@ -519,6 +519,13 @@ for env in ["nt4_dc", "nt4_member", "ad_dc", "ad_member", "s4member", "chgdcpass
 
     plantestsuite("samba.ntlm_auth.(%s:local)" % env, "%s:local" % env, [os.path.join(samba3srcdir, "script/tests/test_ntlm_auth_s3.sh"), valgrindify(python), samba3srcdir, ntlm_auth3,  '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD', configuration])
 
+for env in ["s4member_dflt_domain", "s4member"]:
+    for cmd in ["id", "getent"]:
+        users = ["$DC_USERNAME", "$DC_USERNAME@$REALM"]
+        if env == "s4member":
+            users = ["$DOMAIN/$DC_USERNAME", "$DC_USERNAME@$REALM"]
+        for usr in users:
+            plantestsuite("samba4.winbind.dom_name_parse.cmd", env, "%s/dom_parse.sh %s %s" % (bbdir,cmd,usr))
 
 nsstest4 = binpath("nsstest")
 for env in ["ad_dc:local", "s4member:local", "nt4_dc:local", "ad_member:local", "nt4_member:local"]:

diff --git a/testprogs/blackbox/dom_parse.sh b/testprogs/blackbox/dom_parse.sh
new file mode 100755 (executable)
index 0000000..dd14f0d
--- /dev/null
+++ b/testprogs/blackbox/dom_parse.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+# Blackbox wrapper for nsstest
+# Copyright (C) 2006-2007 Jelmer Vernooij <jelmer@samba.org>
+# Copyright (C) 2006-2008 Andrew Bartlett <abartlet@samba.org>
+
+if [ $# -lt 2 ]; then
+cat <<EOF
+Usage: dom_parse.sh [id|getent] $USER
+EOF
+exit 1;
+fi
+
+USER=$2
+CMD=$1
+EXTRA=""
+shift 2
+failed=0
+
+. `dirname $0`/subunit.sh
+
+if [ "$CMD" = "getent" ]; then
+    EXTRA="passwd"
+fi
+
+testit "samba4.winbind.dom_name_parse.cmd.$CMD" $CMD $EXTRA $USER || failed=`expr $failed + 1`
+
+exit $failed