def _test_backup_untar(self, primary_domain_secrets=0):
"""Creates a backup, untars the raw files, and sanity-checks the DB"""
backup_file = self.create_backup()
self.untar_backup(backup_file)
private_dir = os.path.join(self.restore_dir(), "private")
samdb_path = os.path.join(private_dir, "sam.ldb")
lp = env_loadparm()
samdb = SamDB(url=samdb_path, session_info=system_session(), lp=lp)
# check that backup markers were added to the DB
res = samdb.search(base=ldb.Dn(samdb, "@SAMBA_DSDB"),
scope=ldb.SCOPE_BASE,
attrs=self.backup_markers)
self.assertEqual(len(res), 1)
for marker in self.backup_markers:
self.assertIsNotNone(res[0].get(marker),
"%s backup marker missing" % marker)
# check the secrets.ldb entry for the primary domain. (Online/clone
# backups shouldn't have this, as they never got it during the backup)
secrets_path = os.path.join(private_dir, "secrets.ldb")
res = get_prim_dom(secrets_path, lp)
self.assertEqual(len(res), primary_domain_secrets)
# sanity-check that all the partitions got backed up
self.assert_partitions_present(samdb)
def open_samdb(self):
self.lp = env_loadparm()
self.domain = os.environ["DOMAIN"]
self.creds = Credentials()
self.creds.guess(self.lp)
self.session = system_session()
self.samdb = SamDB(
session_info=self.session, credentials=self.creds, lp=self.lp)
def setUp(self):
super(Bug13653Tests, self).setUp()
self.env = environ["TEST_ENV"]
self.server = environ["SERVER"]
self.prefix = environ["PREFIX_ABS"]
lp = env_loadparm()
creds = Credentials()
session = system_session()
creds.guess(lp)
self.ldb = SamDB(session_info=session, credentials=creds, lp=lp)
def setUp(self):
self.lp = env_loadparm()
self.lp.set("workgroup", "TESTS")
self.lp.set("netbios name", "TESTS")
super(MapBaseTestCase, self).setUp()
def make_dn(basedn, rdn):
return "%s,sambaDomainName=TESTS,%s" % (rdn, basedn)
def make_s4dn(basedn, rdn):
return "%s,%s" % (rdn, basedn)
self.ldbfile = os.path.join(self.tempdir, "test.ldb")
self.ldburl = "tdb://" + self.ldbfile
tempdir = self.tempdir
class Target:
"""Simple helper class that contains data for a specific SAM
connection."""
def __init__(self, basedn, dn, lp):
self.db = Ldb(lp=lp, session_info=system_session())
self.db.set_opaque("skip_allocate_sids", "true");
self.basedn = basedn
self.basedn_casefold = ldb.Dn(self.db, basedn).get_casefold()
self.substvars = {"BASEDN": self.basedn}
self.file = os.path.join(tempdir, "%s.ldb" % self.basedn_casefold)
self.url = "tdb://" + self.file
self._dn = dn
def dn(self, rdn):
return self._dn(self.basedn, rdn)
def connect(self):
return self.db.connect(self.url)
def setup_data(self, path):
self.add_ldif(read_datafile(path))
def subst(self, text):
return substitute_var(text, self.substvars)
def add_ldif(self, ldif):
self.db.add_ldif(self.subst(ldif))
def modify_ldif(self, ldif):
self.db.modify_ldif(self.subst(ldif))
self.samba4 = Target("dc=vernstok,dc=nl", make_s4dn, self.lp)
self.samba3 = Target("cn=Samba3Sam", make_dn, self.lp)
self.samba3.connect()
self.samba4.connect()
def setUp(self):
self.lp = env_loadparm()
self.lp.set("workgroup", "TESTS")
self.lp.set("netbios name", "TESTS")
super(MapBaseTestCase, self).setUp()
def make_dn(basedn, rdn):
return "%s,sambaDomainName=TESTS,%s" % (rdn, basedn)
def make_s4dn(basedn, rdn):
return "%s,%s" % (rdn, basedn)
self.ldbfile = os.path.join(self.tempdir, "test.ldb")
self.ldburl = "tdb://" + self.ldbfile
tempdir = self.tempdir
class Target:
"""Simple helper class that contains data for a specific SAM
connection."""
def __init__(self, basedn, dn, lp):
self.db = Ldb(lp=lp, session_info=system_session())
self.db.set_opaque("skip_allocate_sids", "true")
self.basedn = basedn
self.basedn_casefold = ldb.Dn(self.db, basedn).get_casefold()
self.substvars = {"BASEDN": self.basedn}
self.file = os.path.join(tempdir,
"%s.ldb" % self.basedn_casefold)
self.url = "tdb://" + self.file
self._dn = dn
def dn(self, rdn):
return self._dn(self.basedn, rdn)
def connect(self):
return self.db.connect(self.url)
def setup_data(self, path):
self.add_ldif(read_datafile(path))
def subst(self, text):
return substitute_var(text, self.substvars)
def add_ldif(self, ldif):
self.db.add_ldif(self.subst(ldif))
def modify_ldif(self, ldif):
self.db.modify_ldif(self.subst(ldif))
self.samba4 = Target("dc=vernstok,dc=nl", make_s4dn, self.lp)
self.samba3 = Target("cn=Samba3Sam", make_dn, self.lp)
self.samba3.connect()
self.samba4.connect()
def setUp(self):
super(UpgradeProvisionWithLdbTestCase, self).setUp()
paths = get_paths(param, None, smb_conf_path)
self.creds = Credentials()
self.lp = env_loadparm()
self.creds.guess(self.lp)
self.paths = paths
self.ldbs = get_ldbs(paths, self.creds, system_session(), self.lp)
self.names = find_provision_key_parameters(
self.ldbs.sam, self.ldbs.secrets, self.ldbs.idmap, paths, smb_conf_path, self.lp
)
self.referencedb = create_dummy_secretsdb(os.path.join(self.tempdir, "ref.ldb"))
def setUp(self):
super(DNSTKeyTest, self).setUp()
self.settings = {}
self.settings["lp_ctx"] = self.lp_ctx = tests.env_loadparm()
self.settings["target_hostname"] = self.server
self.creds = credentials.Credentials()
self.creds.guess(self.lp_ctx)
self.creds.set_username(tests.env_get_var_value('USERNAME'))
self.creds.set_password(tests.env_get_var_value('PASSWORD'))
self.creds.set_kerberos_state(credentials.MUST_USE_KERBEROS)
self.newrecname = "tkeytsig.%s" % self.get_dns_domain()
def setUp(self):
super(DNSTKeyTest, self).setUp()
self.settings = {}
self.settings["lp_ctx"] = self.lp_ctx = tests.env_loadparm()
self.settings["target_hostname"] = self.server
self.creds = credentials.Credentials()
self.creds.guess(self.lp_ctx)
self.creds.set_username(tests.env_get_var_value('USERNAME'))
self.creds.set_password(tests.env_get_var_value('PASSWORD'))
self.creds.set_kerberos_state(credentials.MUST_USE_KERBEROS)
self.newrecname = "tkeytsig.%s" % self.get_dns_domain()
def test_find_key_param(self):
paths = get_paths(param, None, smb_conf_path)
creds = Credentials()
lp = env_loadparm()
creds.guess(lp)
rootdn = "dc=samba,dc=example,dc=com"
ldbs = get_ldbs(paths, creds, system_session(), lp)
names = find_provision_key_parameters(ldbs.sam, ldbs.secrets, ldbs.idmap, paths, smb_conf_path, lp)
self.assertEquals(names.realm, "SAMBA.EXAMPLE.COM")
self.assertEquals(str(names.rootdn).lower(), rootdn.lower())
self.assertNotEquals(names.policyid_dc, None)
self.assertNotEquals(names.ntdsguid, "")
def setUp(self):
super(NtaclsBackupRestoreTests, self).setUp()
self.server = os.environ["SERVER"] # addc
samdb_url = 'ldap://' + self.server
self.service = 'test1' # service/share to test
# root path for service
self.service_root = os.path.join(os.environ["LOCAL_PATH"],
self.service)
self.smb_conf_path = os.environ['SMB_CONF_PATH']
self.creds = self.insta_creds(template=self.get_credentials())
self.samdb_conn = samdb.SamDB(url=samdb_url,
session_info=system_session(),
credentials=self.creds,
lp=env_loadparm())
self.dom_sid = security.dom_sid(self.samdb_conn.get_domain_sid())
# helper will load conf into lp, that's how smbd can find services.
self.ntacls_helper = ntacls.NtaclsHelper(self.service,
self.smb_conf_path,
self.dom_sid)
self.lp = self.ntacls_helper.lp
self.smb_conn = libsmb.Conn(self.server,
self.service,
lp=self.lp,
creds=self.creds)
self.smb_helper = ntacls.SMBHelper(self.smb_conn, self.dom_sid)
self.tarfile_path = os.path.join(self.tempdir, 'ntacls-backup.tar.gz')
# an example file tree
self.tree = {
'file0.txt': b'test file0',
'dir1': {
'file1.txt': b'test file1',
'dir2': {} # an empty dir in dir
},
}
self._delete_tarfile()
self.smb_helper.delete_tree()
self.smb_helper.create_tree(self.tree)
self._check_tree()
# keep a copy of ntacls after tree just created
self.original_ntacls = self.smb_helper.get_ntacls()
def setUp(self):
super(UpgradeProvisionWithLdbTestCase, self).setUp()
paths = get_paths(param, None, smb_conf_path)
self.creds = Credentials()
self.lp = env_loadparm()
self.creds.guess(self.lp)
self.paths = paths
self.ldbs = get_ldbs(paths, self.creds, system_session(), self.lp)
self.names = find_provision_key_parameters(self.ldbs.sam,
self.ldbs.secrets, self.ldbs.idmap, paths, smb_conf_path,
self.lp)
self.referencedb = create_dummy_secretsdb(
os.path.join(self.tempdir, "ref.ldb"))
def test_setup_secretsdb(self):
path = os.path.join(self.tempdir, "secrets.ldb")
paths = ProvisionPaths()
paths.secrets = path
paths.private_dir = os.path.dirname(path)
paths.keytab = "no.keytab"
paths.dns_keytab = "no.dns.keytab"
ldb = setup_secretsdb(paths, None, None, lp=env_loadparm())
try:
self.assertEquals("LSA Secrets", ldb.searchone(basedn="CN=LSA Secrets", attribute="CN"))
finally:
del ldb
os.unlink(path)
def tearDown(self):
super(UserCmdTestCase, self).tearDown()
# clean up all the left over users, just in case
for user in self.users:
if self._find_user(user["name"]):
self.runsubcmd("user", "delete", user["name"])
lp = env_loadparm()
# second run of this test
# the cache is still there and '--cache-ldb-initialize'
# will fail
cachedb = lp.private_path("user-syncpasswords-cache.ldb")
if os.path.exists(cachedb):
os.remove(cachedb)
def test_find_key_param(self):
paths = get_paths(param, None, smb_conf_path)
creds = Credentials()
lp = env_loadparm()
creds.guess(lp)
rootdn = "dc=samba,dc=example,dc=com"
ldbs = get_ldbs(paths, creds, system_session(), lp)
names = find_provision_key_parameters(ldbs.sam, ldbs.secrets, ldbs.idmap,
paths, smb_conf_path, lp)
self.assertEquals(names.realm, "SAMBA.EXAMPLE.COM")
self.assertEquals(str(names.rootdn).lower(), rootdn.lower())
self.assertNotEquals(names.policyid_dc, None)
self.assertNotEquals(names.ntdsguid, "")
def test_setup_secretsdb(self):
path = os.path.join(self.tempdir, "secrets.ldb")
paths = ProvisionPaths()
paths.secrets = path
paths.private_dir = os.path.dirname(path)
paths.keytab = "no.keytab"
paths.dns_keytab = "no.dns.keytab"
ldb = setup_secretsdb(paths, None, None, lp=env_loadparm())
try:
self.assertEquals(
"LSA Secrets",
ldb.searchone(basedn="CN=LSA Secrets", attribute="CN"))
finally:
del ldb
os.unlink(path)
def create_dummy_secretsdb(path, lp=None):
"""Create a dummy secrets database for use in tests.
:param path: Path to store the secrets db
:param lp: Optional loadparm context. A simple one will
be generated if not specified.
"""
if lp is None:
lp = env_loadparm()
paths = ProvisionPaths()
paths.secrets = path
paths.private_dir = os.path.dirname(path)
paths.keytab = "no.keytab"
paths.dns_keytab = "no.dns.keytab"
secrets_ldb = setup_secretsdb(paths, None, None, lp=lp)
secrets_ldb.transaction_commit()
return secrets_ldb
def create_dummy_secretsdb(path, lp=None):
"""Create a dummy secrets database for use in tests.
:param path: Path to store the secrets db
:param lp: Optional loadparm context. A simple one will
be generated if not specified.
"""
if lp is None:
lp = env_loadparm()
paths = ProvisionPaths()
paths.secrets = path
paths.private_dir = os.path.dirname(path)
paths.keytab = "no.keytab"
paths.dns_keytab = "no.dns.keytab"
secrets_ldb = setup_secretsdb(paths, None, None, lp=lp)
secrets_ldb.transaction_commit()
return secrets_ldb
def test_get_ldbs(self):
paths = get_paths(param, None, smb_conf_path)
creds = Credentials()
lp = env_loadparm()
creds.guess(lp)
get_ldbs(paths, creds, system_session(), lp)
def test_get_ldbs(self):
paths = get_paths(param, None, smb_conf_path)
creds = Credentials()
lp = env_loadparm()
creds.guess(lp)
get_ldbs(paths, creds, system_session(), lp)
