summaryrefslogtreecommitdiff
path: root/python
Commit message (Collapse)AuthorAgeFilesLines
* selftest: Test behaviour of DNS scavenge with an existing dNSTombstoned valueAndrew Bartlett2020-02-261-0/+39
| | | | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14258 Signed-off-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Thu Feb 6 16:24:25 UTC 2020 on sn-devel-184 (cherry picked from commit c8e3c78d4f2a6f3e122fe458aa6835772290a700) Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-11-test): Wed Feb 26 13:53:10 UTC 2020 on sn-devel-184
* s3:auth_sam: map an empty domain or '.' to the local SAM nameStefan Metzmacher2020-02-111-2/+2
| | | | | | | | | | | | | | | When a domain member gets an empty domain name or '.', it should not forward the authentication to domain controllers of the primary domain. But we need to keep passing UPN account names with an empty domain to the DCs as a domain member. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14247 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org> (cherry picked from commit 590df382bea44eec2dbfd2a28c659b0a29188bca)
* upgradedns: ensure lmdb lock files linkedGary Lockyer2020-01-141-0/+10
| | | | | | | | | | | | | | Ensure that the '-lock' files for the dns partitions as well as the data files are linked when running samba_dnsupgrade --dns-backend=BIND9_DLZ failure to create these links can cause corruption of the corresponding data file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 0bd479140c18ab79479ced4f25f366744c3afe18)
* test upgradedns: ensure lmdb lock files linkedGary Lockyer2020-01-141-0/+75
| | | | | | | | | | | | | | Add tests to check that the '-lock' files for the dns partitions as well as the data files are linked when running samba_dnsupgrade --dns-backend=BIND9_DLZ failure to create these links can cause corruption of the corresponding data file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199 Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit f0cebbe4dd0317e2abfcbe252977383e6f37f3bd)
* python: tests. Add test for fuzzing smbd crash bug.Jeremy Allison2019-12-131-0/+77
| | | | | | | | | | Mark knownfail for now. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14205 Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 46899ecf836d350c0c29b615869851da7d0ad6fb)
* samba-tool: add user-sensitive command to set not-delegated flagIsaac Boukris2019-12-031-0/+58
| | | | Signed-off-by: Isaac Boukris <iboukris@gmail.com>
* CVE-2019-14861: Test to demonstrate the bugAndrew Bartlett2019-12-031-0/+47
| | | | | | | | | This test does not fail every time, but when it does it casues a segfault which takes out the rpc_server master process, as this hosts the dnsserver pipe. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* CVE-2019-14861: s4-rpc/dnsserver: Confirm sort behaviour in ↵Andrew Bartlett2019-12-031-0/+101
| | | | | | | | | | | dcesrv_DnssrvEnumRecords The sort behaviour for child records is not correct in Samba so we add a flapping entry. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14138 Signed-off-by: Andrew Bartlett <abartlet@samba.org>
* python/tests/gensec: add spnego downgrade python testsIsaac Boukris2019-10-161-1/+23
| | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Pair-Programmed-With: Andreas Schneider <asn@samba.org> Signed-off-by: Isaac Boukris <iboukris@gmail.com> Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* python/tests/gensec: make it possible to add knownfail tests for gensec.update()Stefan Metzmacher2019-10-161-2/+8
| | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14106 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* test_pam_winbind.sh: allow different pam_winbindd config options to be specifiedStefan Metzmacher2019-10-023-14/+22
| | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit 3d38a8e9135bb72bc4ca079fab0eb5358942b3f1)
* tests/pam_winbind.py: allow upn names to be used in USERNAME with an empty ↵Stefan Metzmacher2019-10-023-4/+16
| | | | | | | | | | DOMAIN value BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit 653e90485854d978dc522e689cd78c19dcc22a70)
* tests/pam_winbind.py: turn pypamtest.PamTestError into a failureStefan Metzmacher2019-10-023-5/+20
| | | | | | | | | | | A failure generated by the AssertionError() checks can be added to selftest/knownfail.d/*. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Guenther Deschner <gd@samba.org> (cherry picked from commit cd3ffaabb568db26e0de5e83178487e5947c4f09)
* classicupgrade: fix a a bytes-like object is required, not 'str' errorBjörn Jacke2019-09-241-1/+1
| | | | | | | | | | | | | | | BUG: https://bugzilla.samba.org/show_bug.cgi?id=14136 Signed-off-by: Bjoern Jacke <bjacke@samba.org> Reviewed-by: Björn Baumbach <bb@samba.org> Autobuild-User(master): Björn Jacke <bjacke@samba.org> Autobuild-Date(master): Mon Sep 23 12:58:20 UTC 2019 on sn-devel-184 (cherry picked from commit 465e518d6cc200eefa38643e720ce64e53abac2e) Autobuild-User(v4-11-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-11-test): Tue Sep 24 18:30:08 UTC 2019 on sn-devel-184
* downgradedatabase: installing scriptAaron Haslett2019-08-261-0/+2
| | | | | | | | | | | | | | | Installing downgrade script so people don't need the source tree for it. Exception added in usage test because running the script without arguments is valid. (This avoids the need to knownfail it). BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059 Signed-off-by: Aaron Haslett <aaronhaslett@catalyst.net.nz> Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> (cherry picked from commit 6dcf00ba0a470ba25aabae06b409ec95404c246f)
* downgradedatabase: rename to samba_downgrade_dbTim Beale2019-08-261-1/+1
| | | | | | | | | | | Just so that it's slightly less of a mouthful for users. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059 Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> (cherry picked from commit fdaaee8d3aac77d91642a7d75d4bcd15d4df8657)
* tests: Avoid hardcoding relative filepathTim Beale2019-08-261-2/+2
| | | | | | | | | | | If we move the test file, the test will break. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14059 Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Garming Sam <garming@catalyst.net.nz> (cherry picked from commit a8cdbe0b824f57f73eee09143148f009a9c58582)
* tests: Add samba_upgradedns to the list of possible cmdsGarming Sam2019-08-071-0/+1
| | | | | | | | | | This will be used to test the replication scenario with no DNS partitions BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 7d2875bd70cf727730be8dc705bfd01eacaaaa6f)
* netcmd: Allow drs replicate --local to create partitionsGarming Sam2019-08-071-1/+3
| | | | | | | | | | | | Currently, neither the offline (--local) or online (normal replica sync) methods allow partition creation post-join. This overrides the Python default to not create the DB, which allows TDB + MDB to work. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14051 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit d90ccce59754bc833027c06683afac25f7a8d474)
* join: Use a specific attribute order for the DsAddEntry nTDSDSA objectTim Beale2019-08-071-7/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Joining a Windows domain can throw an error if the HasMasterNCs attribute occurs before msDS-HasMasterNCs. This patch changes the attribute order so that msDS-HasMasterNCs is always first. Previously on python2, the dictionary hash order was arbitrary but constant. By luck, msDS-HasMasterNCs was always before HasMasterNCs, so we never noticed any problem. With python3, the dictionary hash order now changes everytime you run the command, so the order is unpredictable. To enforce a order, we can change to use an OrderedDict, which will return the keys in the order they're added. I've asked Microsoft to clarify the protocol requirement here WRT attribute order. However, in the meantime we may as well fix the problem for users. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14046 RN: When trying to join a Windows domain (with functional level 2008R2) as an AD domain controller, the 'samba-tool domain join' command could throw a python exception: 'RuntimeError ("DsAddEntry failed")'. When this problem occurred, you would also see the message "DsAddEntry failed with status WERR_ACCESS_DENIED info (8363, 'WERR_DS_NO_CROSSREF_FOR_NC')" in the command output. This issue has now been resolved. Note that this problem would only occur on Samba v4.10 when using the Python3 packages. Signed-off-by: Tim Beale <timbeale@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Andrew Bartlett <abartlet@samba.org> Autobuild-Date(master): Wed Jul 24 04:18:21 UTC 2019 on sn-devel-184 (cherry picked from commit 256684c7a86301d26d6cf7298fb70e647bf45cf5)
* gp_inf: Read/write files with a UTF-16LE BOM in GptTmpl.infGarming Sam2019-08-071-3/+6
| | | | | | | | | | | | | | | | | | | Regression caused by 16596842a62bec0a9d974c48d64000e3c079254e [MS-GPSB] 2.2 Message Syntax says that you have to write a BOM which I didn't do up until this patch. UTF-16 as input encoding was marked much higher up in the inheritance tree, which got overriden with the Python 3 fixes. I've now marked the encoding much more obviously for this file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14004 Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Gary Lockyer <gary@catalyst.net.nz> Autobuild-User(master): Gary Lockyer <gary@samba.org> Autobuild-Date(master): Fri Jul 19 02:20:47 UTC 2019 on sn-devel-184 (cherry picked from commit 0bcfc550b1a902e3a6a766b06603ac9285d0ff63)
* tests/usage: test for --help consistencyDouglas Bagnall2019-07-051-1/+8
| | | | | Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tests/samba-tool: test --help consistencyDouglas Bagnall2019-07-051-0/+8
| | | | | Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* python/tests: helper function for checking --help consistencyDouglas Bagnall2019-07-051-0/+118
| | | | | | | | | | Check that --help output doesn't contradict itself by assigning the same option string to different meanings (which *does* happen in the ldb tools). This will be used in the samba-tool help tests and the usage tests. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tests/usage: generalise to cover non-python scriptsDouglas Bagnall2019-07-051-35/+118
| | | | | | | | It is not as simple as running everything executable, because for example .so library files are marked as executable. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tests/usage: python scripts --help should be helpfulDouglas Bagnall2019-07-051-0/+67
| | | | | | | We want to be sure it says *something* and returns success. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* tests: ensure that most python scripts have usage textDouglas Bagnall2019-07-051-0/+205
| | | | | | | | | | | | | | | | | | | | | When a script is run with the wrong arguments, it should at least say something like this: Usage: samba-foo [OPTIONS] For many samba scripts, especially without a server environment, having no arguments is the wrong arguments. Here we look for every executable file with '#![...]python[3]' on the first line, and exclude certain files and directories that have excuses to fail the test. For example, many selftest scripts are stream-oriented and will hang forever waiting for stdin, which is not an error. Some test modules are designed so they can be optionally run from the command line, but this option is typically only used by the developer who is writing them. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* domain join: set ldb "transaction_index_cache_size" optionGary Lockyer2019-07-041-7/+11
| | | | | | | | | Set the "transaction_index_cache_size" on a join to improve performance. These setting reduced a join to a 100k user domain from 105 minutes to 44 minutes. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* domain join: enable ldb batch modeGary Lockyer2019-07-042-6/+9
| | | | | | | | Enable ldb "batch_mode" transactions duting a join to improve performance. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool tests: add tests for contact managementBjörn Baumbach2019-07-042-0/+483
| | | | | Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: implement contact management commandsBjörn Baumbach2019-07-043-0/+785
| | | | | | | | | | | | | | | | | Usage: samba-tool contact <subcommand> Contact management. Available subcommands: create - Create a new contact. delete - Delete a contact. edit - Modify a contact. list - List all contacts. move - Move a contact object to an organizational unit or container. show - Display a contact. Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool tests: add test for 'samba-tool group edit' commandBjörn Baumbach2019-07-041-0/+208
| | | | | Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool group: add 'edit' command to edit an AD group objectBjörn Baumbach2019-07-041-0/+114
| | | | | | | Same like the samba-tool user edit command. Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool tests: add test for 'samba-tool computer edit' commandBjörn Baumbach2019-07-041-0/+180
| | | | | Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool computer: add 'edit' command to edit an AD computer objectBjörn Baumbach2019-07-041-1/+122
| | | | | | | Similar to the samba-tool user edit command. Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool user edit: avoid base64 encoded strings in editable ldif if possibleBjörn Baumbach2019-07-042-2/+46
| | | | | | | | | | | Use clear text arguments strings if possible. Makes it more comfortable for users to edit the user objects attributes. Remove test from knownfail: samba.tests.samba_tool.user_edit.change_attribute_force_no_base64 Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool tests: add test for 'samba-tool user edit', using ↵Björn Baumbach2019-07-041-0/+26
| | | | | | | | | LDB_FLAG_FORCE_NO_BASE64_LDIF Test to edit a user: Change attributes with LDB_FLAG_FORCE_NO_BASE64_LDIF Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool user edit: simplify codeBjörn Baumbach2019-07-041-3/+1
| | | | | | | | Use "None"-changetype here, instead of "Add". This avoids the need to remove the changetype line afterwards. Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool user edit: use ldb methods to create ldif to modify userBjörn Baumbach2019-07-041-38/+13
| | | | | | | | | | | | Remove tests from knownfail: samba.tests.samba_tool.user_edit.add_attribute_base64 samba.tests.samba_tool.user_edit.add_attribute_base64_control samba.tests.samba_tool.user_edit.change_attribute_base64_control BUG: https://bugzilla.samba.org/show_bug.cgi?id=14003 Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool tests: add additional tests for "samba-tool user edit" commandBjörn Baumbach2019-07-041-0/+97
| | | | | | | | | | | | | | Especially test handling of base64 encoded attribute values here. Add selftest/knownfail.d/samba_tool.user_edit. Tests fail, because: - can not work with ldif without a trailing new line - can not handle base64 strings BUG: https://bugzilla.samba.org/show_bug.cgi?id=14003 Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool user edit test: use testit instead of subunit_start_test, pass/failedBjörn Baumbach2019-07-041-38/+23
| | | | | Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool tests: remove probably outdated commentBjörn Baumbach2019-07-041-1/+0
| | | | | Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool tests: rename "user edit" test from edit.sh to user_edit.shBjörn Baumbach2019-07-041-1/+1
| | | | | Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool: fix format of command description (help messages)Björn Baumbach2019-07-045-18/+18
| | | | | | | Need to quote the backslash '\'. Signed-off-by: Björn Baumbach <bb@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* pytests/subunitrun: not usefully executableDouglas Bagnall2019-07-021-2/+0
| | | | | | | it only defines classes and fiddles with signals. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool domain join: remove the subdomain optionGary Lockyer2019-07-021-18/+5
| | | | | | | Remove the sub domain option from join, as it currently does not work. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* join subdomain: changes for --backend-store-sizeGary Lockyer2019-07-021-4/+6
| | | | | | | Pass the 'backend_store_size' parameter through to DCJoinContext. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool domain dcpromo: add --backend-store-size optionGary Lockyer2019-07-021-1/+2
| | | | | | | | | Add a new "samba-tool domain dcpromo" option "backend-store-size". This allows the lmdb map size to be set during a promotion, instead of hard-wiring it to 8Gb. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool dcpromo tests: add --backend-store-size optionGary Lockyer2019-07-021-0/+170
| | | | | | | | | Add a new "samba-tool domain dcpromo" option "backend-store-size". This allows the lmdb map size to be set during a promotion, instead of hard-wiring it to 8Gb. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* samba-tool clone-dc-database: Add --backend-store-size optionGary Lockyer2019-07-022-7/+21
| | | | | | | | | Add a new "samba-tool drs clone-dc-database" option "backend-store-size". This allows the lmdb map size to be set during a clone, instead of hard-wiring it to 8Gb. Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>' Reviewed-by: Andrew Bartlett <abartlet@samba.org>
View Lorry Controller Status