diff options
author | David Mulder <dmulder@samba.org> | 2022-11-16 10:44:22 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2022-11-21 21:01:30 +0000 |
commit | 4c2b418882ecdb6293cc1d033c33685ada684c2e (patch) | |
tree | 255133973e243d3375f6059147a0740454cb9559 | |
parent | f03665bb7e8ea97699062630f2aa1bac4c5dfc7f (diff) | |
download | samba-4c2b418882ecdb6293cc1d033c33685ada684c2e.tar.gz |
gp: Test that samba-tool gpo manage lists gpme sudoers
The file format for storing the sudo rules
changed in samba-tool, but these can still be
added via the GPME. We should still include them
here.
Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
-rw-r--r-- | python/samba/tests/samba_tool/gpo.py | 18 | ||||
-rw-r--r-- | selftest/knownfail.d/gpo | 1 |
2 files changed, 19 insertions, 0 deletions
diff --git a/python/samba/tests/samba_tool/gpo.py b/python/samba/tests/samba_tool/gpo.py index d60e5b96c34..f1a9a14ea16 100644 --- a/python/samba/tests/samba_tool/gpo.py +++ b/python/samba/tests/samba_tool/gpo.py @@ -825,6 +825,21 @@ class GpoCmdTestCase(SambaToolCmdTest): ret = stage_file(vgp_xml, etree.tostring(stage, 'utf-8')) self.assertTrue(ret, 'Could not create the target %s' % vgp_xml) + reg_pol = os.path.join(local_path, lp.get('realm').lower(), 'Policies', + self.gpo_guid, 'Machine/Registry.pol') + + # Stage the Registry.pol file with test data + stage = preg.file() + e = preg.entry() + e.keyname = b'Software\\Policies\\Samba\\Unix Settings\\Sudo Rights' + e.valuename = b'Software\\Policies\\Samba\\Unix Settings' + e.type = 1 + e.data = b'fakeu3 ALL=(ALL) NOPASSWD: ALL' + stage.num_entries = 1 + stage.entries = [e] + ret = stage_file(reg_pol, ndr_pack(stage)) + self.assertTrue(ret, 'Could not create the target %s' % reg_pol) + sudoer = 'fakeu ALL=(ALL) NOPASSWD: ALL' sudoer2 = 'fakeu2,fakeg2% ALL=(ALL) NOPASSWD: ALL' sudoer_no_principal = 'ALL ALL=(ALL) NOPASSWD: ALL' @@ -839,6 +854,7 @@ class GpoCmdTestCase(SambaToolCmdTest): self.assertCmdSuccess(result, out, err, 'Sudoers list failed') self.assertIn(sudoer, out, 'The test entry was not found!') self.assertIn(sudoer2, out, 'The test entry was not found!') + self.assertIn(get_string(e.data), out, 'The test entry was not found!') self.assertIn(sudoer_no_principal, out, 'The test entry was not found!') @@ -877,6 +893,8 @@ class GpoCmdTestCase(SambaToolCmdTest): # Unstage the manifest.xml file unstage_file(vgp_xml) + # Unstage the Registry.pol file + unstage_file(reg_pol) def test_symlink_list(self): lp = LoadParm() diff --git a/selftest/knownfail.d/gpo b/selftest/knownfail.d/gpo new file mode 100644 index 00000000000..1c578f3bc2c --- /dev/null +++ b/selftest/knownfail.d/gpo @@ -0,0 +1 @@ +^samba.tests.samba_tool.gpo.samba.tests.samba_tool.gpo.GpoCmdTestCase.test_sudoers_list |