diff options
| author | Alexander Bokovoy <ab@samba.org> | 2018-02-16 18:15:28 +0200 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2018-09-05 00:48:17 +0200 |
| commit | 7df505298f71432d5adbcffccde8f97c117a57a6 (patch) | |
| tree | dfd89fad1f8a347943064e31c94b0e6e149ca5a7 /testprogs | |
| parent | 80324ff6e2fab7adb30073fc48a0c512232f1443 (diff) | |
| download | samba-7df505298f71432d5adbcffccde8f97c117a57a6.tar.gz | |
s4:selftest: test kinit with the interdomain trust user account
To test it, add a blackbox test that ensures we pass a keytab-based
authentication with the trust user account for a trusted domain.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13539
Pair-Programmed-With: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Alexander Bokovoy <ab@samba.org>
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'testprogs')
| -rwxr-xr-x | testprogs/blackbox/test_trust_user_account.sh | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/testprogs/blackbox/test_trust_user_account.sh b/testprogs/blackbox/test_trust_user_account.sh new file mode 100755 index 00000000000..9fbe25e16a3 --- /dev/null +++ b/testprogs/blackbox/test_trust_user_account.sh @@ -0,0 +1,44 @@ +#!/bin/sh + +if [ $# -lt 1 ]; then +cat <<EOF +Usage: test_trust_user_account.sh PREFIX OUR_REALM OUR_FLAT REMOTE_REALM REMOTE_FLAT +EOF +exit 1; +fi + +PREFIX="$1" +OUR_REALM="$2" +OUR_FLAT="$3" +REMOTE_REALM="$4" +REMOTE_FLAT="$5" +shift 5 + +. `dirname $0`/subunit.sh + + +samba_tool="$BINDIR/samba-tool" +samba4bindir="$BINDIR" +samba4srcdir="$SRCDIR/source4" +samba4kinit="kinit -k" +if test -x $BINDIR/samba4kinit; then + samba4kinit="$BINDIR/samba4kinit --use-keytab" +fi + +KEYTAB="$PREFIX/tmptda.keytab" + +KRB5_TRACE=/dev/stderr +export KRB5_TRACE + +testit "retrieve keytab for TDA of $REMOTE_REALM" $samba_tool domain exportkeytab $KEYTAB $CONFIGURATION --principal "$REMOTE_FLAT\$@$OUR_REALM" || failed=`expr $failed + 1` + +KRB5CCNAME="$PREFIX/tmptda.ccache" +export KRB5CCNAME + +rm -f $KRB5CCNAME + +testit "kinit with keytab for TDA of $REMOTE_REALM" $samba4kinit -t $KEYTAB "$REMOTE_FLAT\$@$OUR_REALM" || failed=`expr $failed + 1` + +rm -f $KRB5CCNAME $KEYTAB + +exit $failed |