Hi Andrew, can you have a look at this
https://git.samba.org/autobuild.flakey/2012-11-06-0314/samba.stdout https://git.samba.org/autobuild.flakey/2012-11-06-0514/samba.stdout https://git.samba.org/autobuild.flakey/2012-11-06-0713/samba.stdout It seems that the samba.tests.samba_tool.gpo(dc:local) test is flakey. metze Am 06.11.2012 00:13, schrieb Andrew Bartlett: > The branch, master has been updated > via ab30a8b provision: Make dsacl2fsacl() take a security.dom_sid, > not str > via 0334515 provision: Also walk directories checking ACLs > via abbbbb5 wintest: Try harder to recover from apparent failure to > dcpromo > via 0b7bb77 selftest: check that samba-tool gpo works for basic > operations > via 26faa8f dsdb: Simplify DsCrackNameOneFilter a bit > via ec3cbb6 wafsamba.abi: Fix abi_match with both excludes and > includes. > via d02c8ba wafsamba.samba_abi: Add basic unit tests. > via 97102fa buildtools: Remove extra space from global: line > via ea5ef95 wafsamba.samba_abi: Refactor abi_write_vscript to take > file argument. > from 3d93616 s3:smbd: pass the current time to make_connection[_smb1]() > > http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master > > > - Log ----------------------------------------------------------------- > commit ab30a8bf0fb9bd4ee3c907183132f3b9abb67c7a > Author: Andrew Bartlett <abart...@samba.org> > Date: Mon Nov 5 20:44:14 2012 +1100 > > provision: Make dsacl2fsacl() take a security.dom_sid, not str > > Reviewed-by: Jelmer Vernooij <jel...@samba.org> > Signed-off-by: Andrew Bartlett <abart...@samba.org> > > Autobuild-User(master): Andrew Bartlett <abart...@samba.org> > Autobuild-Date(master): Tue Nov 6 00:12:43 CET 2012 on sn-devel-104 > > commit 033451587db21d6e4b829e89a64f894a32682131 > Author: Andrew Bartlett <abart...@samba.org> > Date: Mon Nov 5 15:22:02 2012 +1100 > > provision: Also walk directories checking ACLs > > The directory walk was missed due to a cut-and-paste error. > > Andrew Bartlett > > Reviewed-by: Jelmer Vernooij <jel...@samba.org> > Signed-off-by: Andrew Bartlett <abart...@samba.org> > > commit abbbbb5cdc39b71c0f243ff1e660d1f35a4923e3 > Author: Andrew Bartlett <abart...@samba.org> > Date: Mon Nov 5 19:35:51 2012 +1100 > > wintest: Try harder to recover from apparent failure to dcpromo > > Reviewed-by: Jelmer Vernooij <jel...@samba.org> > Signed-off-by: Andrew Bartlett <abart...@samba.org> > > commit 0b7bb774ce836722d219d6e466a76b12c1a03de3 > Author: Andrew Bartlett <abart...@samba.org> > Date: Mon Nov 5 12:57:17 2012 +1100 > > selftest: check that samba-tool gpo works for basic operations > > Reviewed-by: Jelmer Vernooij <jel...@samba.org> > Signed-off-by: Andrew Bartlett <abart...@samba.org> > > commit 26faa8fe3a42f9d1278d81773c8808b05fcd76f8 > Author: Volker Lendecke <v...@samba.org> > Date: Sat Nov 3 09:36:29 2012 +0100 > > dsdb: Simplify DsCrackNameOneFilter a bit > > For me "else" branches clutter my flow reading code. If we do a hard > return at the end of an "if" branch, "else" is not required. > > Signed-off-by: Andrew Bartlett <abart...@samba.org> > Reviewed-by: Andrew Bartlett <abart...@samba.org> > > commit ec3cbb6c476698523c9b5ac047787df101746891 > Author: Jelmer Vernooij <jel...@samba.org> > Date: Mon Nov 5 19:36:30 2012 +0100 > > wafsamba.abi: Fix abi_match with both excludes and includes. > > This fixes a regression introduced by > 9c3e294400234ebdf9b98031bae583524fd0b0ac > which caused internal symbols in libldb to be exposed. > > Bug: https://bugzilla.samba.org/show_bug.cgi?id=9357 > > Signed-off-by: Andrew Bartlett <abart...@samba.org> > Reviewed-by: Andrew Bartlett <abart...@samba.org> > Reviewed-by: Stephen Gallagher <sgall...@redhat.com> > > commit d02c8ba122cef7d8b254e5be3ae757eb3bb14235 > Author: Jelmer Vernooij <jel...@samba.org> > Date: Mon Nov 5 19:36:29 2012 +0100 > > wafsamba.samba_abi: Add basic unit tests. > > Signed-off-by: Andrew Bartlett <abart...@samba.org> > Reviewed-by: Andrew Bartlett <abart...@samba.org> > Reviewed-by: Stephen Gallagher <sgall...@redhat.com> > > commit 97102fa9963ba88f4ab72165a02071990031a73b > Author: Andrew Bartlett <abart...@samba.org> > Date: Tue Nov 6 07:48:52 2012 +1100 > > buildtools: Remove extra space from global: line > > This makes it easier to put the expected values in a file > as we will not have trailing whitespace that is against git style. > > Andrew Bartlett > > Signed-off-by: Andrew Bartlett <abart...@samba.org> > Reviewed-by: Jelmer Vernooij <jel...@samba.org> > > Reviewed-by: Andrew Bartlett <abart...@samba.org> > > commit ea5ef95fbebe28cca11f86a9015aab77522f5e18 > Author: Jelmer Vernooij <jel...@samba.org> > Date: Mon Nov 5 19:36:28 2012 +0100 > > wafsamba.samba_abi: Refactor abi_write_vscript to take file argument. > > Signed-off-by: Andrew Bartlett <abart...@samba.org> > Reviewed-by: Andrew Bartlett <abart...@samba.org> > Reviewed-by: Stephen Gallagher <sgall...@redhat.com> > > ----------------------------------------------------------------------- > > Summary of changes: > buildtools/wafsamba/samba_abi.py | 32 +++++---- > buildtools/wafsamba/tests/test_abi.py | 67 > ++++++++++++++++++++ > selftest/target/Samba4.pm | 2 +- > source4/dsdb/samdb/cracknames.c | 5 +- > source4/scripting/python/samba/netcmd/gpo.py | 4 +- > source4/scripting/python/samba/ntacls.py | 3 +- > .../scripting/python/samba/provision/__init__.py | 6 +- > .../scripting/python/samba/tests/samba_tool/gpo.py | 57 +++++++++++++++++ > source4/selftest/tests.py | 7 ++ > wintest/wintest.py | 13 ++++- > 10 files changed, 172 insertions(+), 24 deletions(-) > create mode 100644 source4/scripting/python/samba/tests/samba_tool/gpo.py > > > Changeset truncated at 500 lines: > > diff --git a/buildtools/wafsamba/samba_abi.py > b/buildtools/wafsamba/samba_abi.py > index ed977ba..488dab8 100644 > --- a/buildtools/wafsamba/samba_abi.py > +++ b/buildtools/wafsamba/samba_abi.py > @@ -152,22 +152,23 @@ def abi_process_file(fname, version, symmap): > symmap[symname] = version > f.close() > > -def abi_write_vscript(vscript, libname, current_version, versions, symmap, > abi_match): > - '''write a vscript file for a library in --version-script format > > - :param vscript: Path to the vscript file > +def abi_write_vscript(f, libname, current_version, versions, symmap, > abi_match): > + """Write a vscript file for a library in --version-script format. > + > + :param f: File-like object to write to > :param libname: Name of the library, uppercased > :param current_version: Current version > :param versions: Versions to consider > :param symmap: Dictionary mapping symbols -> version > - :param abi_match: List of symbols considered to be public in the current > version > - ''' > + :param abi_match: List of symbols considered to be public in the current > + version > + """ > > invmap = {} > for s in symmap: > invmap.setdefault(symmap[s], []).append(s) > > - f = open(vscript, mode='w') > last_key = "" > versions = sorted(versions, key=version_key) > for k in versions: > @@ -175,8 +176,8 @@ def abi_write_vscript(vscript, libname, current_version, > versions, symmap, abi_m > if symver == current_version: > break > f.write("%s {\n" % symver) > - if k in invmap: > - f.write("\tglobal: \n") > + if k in sorted(invmap.keys()): > + f.write("\tglobal:\n") > for s in invmap.get(k, []): > f.write("\t\t%s;\n" % s); > f.write("}%s;\n\n" % last_key) > @@ -190,14 +191,13 @@ def abi_write_vscript(vscript, libname, > current_version, versions, symmap, abi_m > f.write("\t\t%s;\n" % x) > else: > f.write("\t\t*;\n") > - if len(local_abi) > 0: > + if abi_match != ["*"]: > f.write("\tlocal:\n") > for x in local_abi: > f.write("\t\t%s;\n" % x[1:]) > - elif abi_match != ["*"]: > - f.write("\tlocal: *;\n") > + if len(global_abi) > 0: > + f.write("\t\t*;\n") > f.write("};\n") > - f.close() > > > def abi_build_vscript(task): > @@ -213,8 +213,12 @@ def abi_build_vscript(task): > version = basename[len(task.env.LIBNAME)+1:-len(".sigs")] > versions.append(version) > abi_process_file(fname, version, symmap) > - abi_write_vscript(tgt, task.env.LIBNAME, task.env.VERSION, versions, > symmap, > - task.env.ABI_MATCH) > + f = open(tgt, mode='w') > + try: > + abi_write_vscript(f, task.env.LIBNAME, task.env.VERSION, versions, > + symmap, task.env.ABI_MATCH) > + finally: > + f.close() > > > def ABI_VSCRIPT(bld, libname, abi_directory, version, vscript, > abi_match=None): > diff --git a/buildtools/wafsamba/tests/test_abi.py > b/buildtools/wafsamba/tests/test_abi.py > index 0aa0d56..bba78c1 100644 > --- a/buildtools/wafsamba/tests/test_abi.py > +++ b/buildtools/wafsamba/tests/test_abi.py > @@ -17,9 +17,12 @@ > from wafsamba.tests import TestCase > > from wafsamba.samba_abi import ( > + abi_write_vscript, > normalise_signature, > ) > > +from cStringIO import StringIO > + > > class NormaliseSignatureTests(TestCase): > > @@ -51,3 +54,67 @@ class NormaliseSignatureTests(TestCase): > 'uuid = {time_low = 2324192516, time_mid = 7403, > time_hi_and_version = 4553, clock_seq = "\\237\\350", node = > "\\b\\000+\\020H`"}, if_version = 2', > normalise_signature('$244 = {uuid = {time_low = 2324192516, > time_mid = 7403, time_hi_and_version = 4553, clock_seq = "\\237\\350", node = > "\\b\\000+\\020H`"}, if_version = 2}')) > > + > +class WriteVscriptTests(TestCase): > + > + def test_one(self): > + f = StringIO() > + abi_write_vscript(f, "MYLIB", "1.0", [], { > + "old": "1.0", > + "new": "1.0"}, ["*"]) > + self.assertEquals(f.getvalue(), """\ > +1.0 { > +\tglobal: > +\t\t*; > +}; > +""") > + > + def test_simple(self): > + # No restrictions. > + f = StringIO() > + abi_write_vscript(f, "MYLIB", "1.0", ["0.1"], { > + "old": "0.1", > + "new": "1.0"}, ["*"]) > + self.assertEquals(f.getvalue(), """\ > +MYLIB_0.1 { > +\tglobal: > +\t\told; > +}; > + > +1.0 { > +\tglobal: > +\t\t*; > +}; > +""") > + > + def test_exclude(self): > + f = StringIO() > + abi_write_vscript(f, "MYLIB", "1.0", [], { > + "exc_old": "0.1", > + "old": "0.1", > + "new": "1.0"}, ["!exc_*"]) > + self.assertEquals(f.getvalue(), """\ > +1.0 { > +\tglobal: > +\t\t*; > +\tlocal: > +\t\texc_*; > +}; > +""") > + > + def test_excludes_and_includes(self): > + f = StringIO() > + abi_write_vscript(f, "MYLIB", "1.0", [], { > + "pub_foo": "1.0", > + "exc_bar": "1.0", > + "other": "1.0" > + }, ["pub_*", "!exc_*"]) > + self.assertEquals(f.getvalue(), """\ > +1.0 { > +\tglobal: > +\t\tpub_*; > +\tlocal: > +\t\texc_*; > +\t\t*; > +}; > +""") > diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm > index fbc8117..20114c9 100644 > --- a/selftest/target/Samba4.pm > +++ b/selftest/target/Samba4.pm > @@ -799,7 +799,7 @@ sub provision($$$$$$$$$) > > [sysvol] > path = $ctx->{statedir}/sysvol > - read only = yes > + read only = no > > [netlogon] > path = $ctx->{statedir}/sysvol/$ctx->{dnsname}/scripts > diff --git a/source4/dsdb/samdb/cracknames.c b/source4/dsdb/samdb/cracknames.c > index 8b52aa3..f136dec 100644 > --- a/source4/dsdb/samdb/cracknames.c > +++ b/source4/dsdb/samdb/cracknames.c > @@ -1070,7 +1070,10 @@ static WERROR DsCrackNameOneFilter(struct ldb_context > *sam_ctx, TALLOC_CTX *mem_ > if (sid == NULL) { > info1->status = DRSUAPI_DS_NAME_STATUS_NO_MAPPING; > return WERR_OK; > - } else if (samdb_find_attribute(sam_ctx, result, "objectClass", > "domain")) { > + } > + > + if (samdb_find_attribute(sam_ctx, result, "objectClass", > + "domain")) { > /* This can also find a DomainDNSZones entry, > * but it won't have the SID we just > * checked. */ > diff --git a/source4/scripting/python/samba/netcmd/gpo.py > b/source4/scripting/python/samba/netcmd/gpo.py > index 53bfcaa..347231b 100644 > --- a/source4/scripting/python/samba/netcmd/gpo.py > +++ b/source4/scripting/python/samba/netcmd/gpo.py > @@ -975,9 +975,9 @@ class cmd_create(Command): > ds_sd = ndr_unpack(security.descriptor, ds_sd_ndr).as_sddl() > > # Create a file system security descriptor > - domain_sid = self.samdb.get_domain_sid() > + domain_sid = security.dom_sid(self.samdb.get_domain_sid()) > sddl = dsacl2fsacl(ds_sd, domain_sid) > - fs_sd = security.descriptor.from_sddl(sddl, > security.dom_sid(domain_sid)) > + fs_sd = security.descriptor.from_sddl(sddl, domain_sid) > > # Set ACL > sio = ( security.SECINFO_OWNER | > diff --git a/source4/scripting/python/samba/ntacls.py > b/source4/scripting/python/samba/ntacls.py > index f304047..89d450a 100644 > --- a/source4/scripting/python/samba/ntacls.py > +++ b/source4/scripting/python/samba/ntacls.py > @@ -198,14 +198,13 @@ def ldapmask2filemask(ldm): > return filemask > > > -def dsacl2fsacl(dssddl, domsid): > +def dsacl2fsacl(dssddl, sid): > """ > > This function takes an the SDDL representation of a DS > ACL and return the SDDL representation of this ACL adapted > for files. It's used for Policy object provision > """ > - sid = security.dom_sid(domsid) > ref = security.descriptor.from_sddl(dssddl, sid) > fdescr = security.descriptor() > fdescr.owner_sid = ref.owner_sid > diff --git a/source4/scripting/python/samba/provision/__init__.py > b/source4/scripting/python/samba/provision/__init__.py > index b385556..47bc6f9 100644 > --- a/source4/scripting/python/samba/provision/__init__.py > +++ b/source4/scripting/python/samba/provision/__init__.py > @@ -1395,7 +1395,7 @@ def set_gpos_acl(sysvol, dnsdomain, domainsid, > domaindn, samdb, lp, use_ntvfs, p > acl = ndr_unpack(security.descriptor, > str(policy["nTSecurityDescriptor"])).as_sddl() > policy_path = getpolicypath(sysvol, dnsdomain, str(policy["cn"])) > - set_dir_acl(policy_path, dsacl2fsacl(acl, str(domainsid)), lp, > + set_dir_acl(policy_path, dsacl2fsacl(acl, domainsid), lp, > str(domainsid), use_ntvfs, > passdb=passdb) > > @@ -1484,7 +1484,7 @@ def check_dir_acl(path, acl, lp, domainsid, > direct_db_access): > if fsacl_sddl != acl: > raise ProvisioningError('%s ACL on GPO file %s %s does not > match expected value %s from GPO object' % (acl_type(direct_db_access), > os.path.join(root, name), fsacl_sddl, acl)) > > - for name in files: > + for name in dirs: > fsacl = getntacl(lp, os.path.join(root, name), > direct_db_access=direct_db_access) > if fsacl is None: > raise ProvisioningError('%s ACL on GPO directory %s %s not > found!' % (acl_type(direct_db_access), os.path.join(root, name))) > @@ -1522,7 +1522,7 @@ def check_gpos_acl(sysvol, dnsdomain, domainsid, > domaindn, samdb, lp, > acl = ndr_unpack(security.descriptor, > str(policy["nTSecurityDescriptor"])).as_sddl() > policy_path = getpolicypath(sysvol, dnsdomain, str(policy["cn"])) > - check_dir_acl(policy_path, dsacl2fsacl(acl, str(domainsid)), lp, > + check_dir_acl(policy_path, dsacl2fsacl(acl, domainsid), lp, > domainsid, direct_db_access) > > > diff --git a/source4/scripting/python/samba/tests/samba_tool/gpo.py > b/source4/scripting/python/samba/tests/samba_tool/gpo.py > new file mode 100644 > index 0000000..84154f5 > --- /dev/null > +++ b/source4/scripting/python/samba/tests/samba_tool/gpo.py > @@ -0,0 +1,57 @@ > +# Unix SMB/CIFS implementation. > +# Copyright (C) Andrew Bartlett 2012 > +# > +# based on time.py: > +# Copyright (C) Sean Dague <sda...@linux.vnet.ibm.com> 2011 > +# > +# This program is free software; you can redistribute it and/or modify > +# it under the terms of the GNU General Public License as published by > +# the Free Software Foundation; either version 3 of the License, or > +# (at your option) any later version. > +# > +# This program is distributed in the hope that it will be useful, > +# but WITHOUT ANY WARRANTY; without even the implied warranty of > +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > +# GNU General Public License for more details. > +# > +# You should have received a copy of the GNU General Public License > +# along with this program. If not, see <http://www.gnu.org/licenses/>. > +# > + > +import os > +from samba.tests.samba_tool.base import SambaToolCmdTest > + > +class GpoCmdTestCase(SambaToolCmdTest): > + """Tests for samba-tool time subcommands""" > + > + gpo_name = "testgpo" > + > + def test_gpo_list(self): > + """Run gpo list against the server and make sure it looks accurate""" > + (result, out, err) = self.runsubcmd("gpo", "listall", "-H", > "ldap://%s" % os.environ["SERVER"]) > + self.assertCmdSuccess(result, "Ensuring gpo listall ran > successfully") > + > + def test_fetchfail(self): > + """Run against a non-existent GPO, and make sure it fails (this > hard-coded UUID is very unlikely to exist""" > + (result, out, err) = self.runsubcmd("gpo", "fetch", > "c25cac17-a02a-4151-835d-fae17446ee43", "-H", "ldap://%s" % > +os.environ["SERVER"]) > + self.assertEquals(result, -1, "check for result code") > + > + def test_fetch(self): > + """Run against a real GPO, and make sure it passes""" > + (result, out, err) = self.runsubcmd("gpo", "fetch", self.gpo_guid, > "-H", "ldap://%s" % os.environ["SERVER"], "--tmpdir", > os.environ['SELFTEST_PREFIX']) > + self.assertCmdSuccess(result, "Ensuring gpo fetched successfully") > + > + def setUp(self): > + """set up a temporary GPO to work with""" > + super(GpoCmdTestCase, self).setUp() > + (result, out, err) = self.runsubcmd("gpo", "create", self.gpo_name, > "-H", "ldap://%s" % os.environ["SERVER"], "-U%s%%%s" % > (os.environ["USERNAME"], os.environ["PASSWORD"])) > + self.gpo_guid = "{%s}" % out.split("{")[1].split("}")[0] > + > + self.assertCmdSuccess(result, "Ensuring gpo created successfully") > + > + def tearDown(self): > + """remove the temporary GPO to work with""" > + (result, out, err) = self.runsubcmd("gpo", "del", self.gpo_guid, > "-H", "ldap://%s" % os.environ["SERVER"], "-U%s%%%s" % > (os.environ["USERNAME"], os.environ["PASSWORD"])) > + self.assertCmdSuccess(result, "Ensuring gpo deleted successfully") > + super(GpoCmdTestCase, self).tearDown() > diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py > index ca5bdd3..58936e8 100755 > --- a/source4/selftest/tests.py > +++ b/source4/selftest/tests.py > @@ -405,6 +405,13 @@ planpythontestsuite("dc:local", > "samba.tests.dcerpc.bare") > planpythontestsuite("dc:local", "samba.tests.dcerpc.unix") > planpythontestsuite("dc:local", "samba.tests.dcerpc.srvsvc") > planpythontestsuite("dc:local", "samba.tests.samba_tool.timecmd") > + > +# We run this test against both AD DC implemetnations because it is > +# the only test we have of GPO get/set behaviour, and this involves > +# the file server as well as the LDAP server. > +planpythontestsuite("dc:local", "samba.tests.samba_tool.gpo") > +planpythontestsuite("plugin_s4_dc:local", "samba.tests.samba_tool.gpo") > + > planpythontestsuite("dc:local", "samba.tests.samba_tool.processes") > planpythontestsuite("dc:local", "samba.tests.samba_tool.user") > planpythontestsuite("dc:local", "samba.tests.samba_tool.group") > diff --git a/wintest/wintest.py b/wintest/wintest.py > index c0f1eeb..61664ae 100644 > --- a/wintest/wintest.py > +++ b/wintest/wintest.py > @@ -852,12 +852,23 @@ RebootOnCompletion=No > child.expect("C:") > child.expect("C:") > child.sendline("dcpromo /answer:answers.txt") > - i = child.expect(["You must restart this computer", "failed", > "Active Directory Domain Services was not installed", "C:"], timeout=240) > + i = child.expect(["You must restart this computer", "failed", > "Active Directory Domain Services was not installed", "C:", pexpect.TIMEOUT], > timeout=240) > if i == 1 or i == 2: > raise Exception("dcpromo failed") > + if i == 4: # timeout > + child = self.open_telnet("${WIN_HOSTNAME}", "administrator", > "${WIN_PASS}") > + > child.sendline("shutdown -r -t 0") > self.port_wait("${WIN_IP}", 139, wait_for_fail=True) > self.port_wait("${WIN_IP}", 139) > + > + child = self.open_telnet("${WIN_HOSTNAME}", "administrator", > "${WIN_PASS}") > + # Check if we became a DC by now > + if not self.get_is_dc(child): > + raise Exception("dcpromo failed (and wasn't a DC even after > rebooting)") > + # Give DNS registration a kick > + child.sendline("ipconfig /registerdns") > + > self.retry_cmd("host -t SRV _ldap._tcp.${WIN_REALM} ${WIN_IP}", > ['has SRV record'], retries=60, delay=5 ) > > > >
signature.asc
Description: OpenPGP digital signature