The branch, v4-2-test has been updated via 09e0734 tstream: Make socketpair nonblocking via 3f01e75 nsswitch: Extend idmap_rfc2307 testcase for reverse lookup via 7a36a93 idmap_rfc2307: Fix wbinfo --gid-to-sid query via ceb7c09 s4.2/fsmo.py: fixed fsmo transfer exception from 4233065 s4:lib/tls: fix build with gnutls 3.4
https://git.samba.org/?p=samba.git;a=shortlog;h=v4-2-test - Log ----------------------------------------------------------------- commit 09e073429c04c32939856e11481a56b4326f8ffc Author: Volker Lendecke <v...@samba.org> Date: Wed Jun 3 13:41:24 2015 +0000 tstream: Make socketpair nonblocking When we have a large RPC reply, we can't block in the RPC server. Test: Do rpcclient netshareenumall with a thousand shares defined Signed-off-by: Volker Lendecke <v...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Bug: https://bugzilla.samba.org/show_bug.cgi?id=11312 Autobuild-User(v4-2-test): Karolin Seeger <ksee...@samba.org> Autobuild-Date(v4-2-test): Sun Jun 7 02:29:10 CEST 2015 on sn-devel-104 commit 3f01e7513e190b0b7eee2d1f5d23d459dbafdb9b Author: Christof Schmitt <c...@samba.org> Date: Fri Jun 5 08:59:50 2015 -0700 nsswitch: Extend idmap_rfc2307 testcase for reverse lookup Also test the codepaths to map UID and GID back to SID and names. Use different user and group to avoid returning results cached from the previous lookups. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11313 Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Fri Jun 5 01:24:32 CEST 2015 on sn-devel-104 (cherry picked from commit c1c07b462058f863e706127203e6f30dba89a2a9) commit 7a36a93c6b4cbbb54ee91fa70baeb8f0ce82e6a8 Author: Christof Schmitt <c...@samba.org> Date: Thu Jun 4 12:11:27 2015 -0700 idmap_rfc2307: Fix wbinfo --gid-to-sid query Fix syntax error in LDAP query for gidNumber. BUG: https://bugzilla.samba.org/show_bug.cgi?id=11313 Signed-off-by: Christof Schmitt <c...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> (cherry picked from commit 835c278e43b9dec98834de0fb12445720e9df2e5) commit ceb7c090d8f11dc320326ac02cf3dabb1ce121e7 Author: Steve Howells <steve.howe...@moscowfirst.com> Date: Sat Jan 31 16:09:17 2015 +0000 s4.2/fsmo.py: fixed fsmo transfer exception In transfer_role() there is an duplicate call to samdb.modify() inside the if statement where the type of role is being determined (specifically for the naming fsmo). This call is unnecessary as after the if statement their is a correct call, with a try/catch block, used by all fsmo transfers that will handle errors - such as the DC with the fsmo role being offline. The call to samdb.modify() inside the if statement for naming fsmo has been removed. Bug: https://bugzilla.samba.org/show_bug.cgi?id=10924 Signed-off-by: Steve Howells <steve.howe...@moscowfirst.com> Reviewed-by: Stefan Metzmacher <me...@samba.org> Reviewed-by: Marc Muehlfeld <mmuehlf...@samba.org> Reviewed-by: Andrew Bartlett <abart...@samba.org> (cherry picked from commit 9198246f91c02e33ed7a3580588557d0fb9f8811) ----------------------------------------------------------------------- Summary of changes: libcli/named_pipe_auth/npa_tstream.c | 25 ++++++++++--- nsswitch/tests/test_idmap_rfc2307.sh | 72 +++++++++++++++++++++++++++++++----- python/samba/netcmd/fsmo.py | 1 - source3/selftest/tests.py | 2 +- source3/winbindd/idmap_rfc2307.c | 2 +- 5 files changed, 85 insertions(+), 17 deletions(-) Changeset truncated at 500 lines: diff --git a/libcli/named_pipe_auth/npa_tstream.c b/libcli/named_pipe_auth/npa_tstream.c index 3d3f55e..3539202 100644 --- a/libcli/named_pipe_auth/npa_tstream.c +++ b/libcli/named_pipe_auth/npa_tstream.c @@ -1468,17 +1468,23 @@ int _tstream_npa_socketpair(uint16_t file_type, fd1 = fds[0]; fd2 = fds[1]; + rc = set_blocking(fd1, false); + if (rc == -1) { + goto close_fail; + } + + rc = set_blocking(fd2, false); + if (rc == -1) { + goto close_fail; + } + rc = _tstream_npa_existing_socket(mem_ctx1, fd1, file_type, &stream1, location); if (rc == -1) { - int sys_errno = errno; - close(fd1); - close(fd2); - errno = sys_errno; - return -1; + goto close_fail; } rc = _tstream_npa_existing_socket(mem_ctx2, @@ -1498,4 +1504,13 @@ int _tstream_npa_socketpair(uint16_t file_type, *pstream2 = stream2; return 0; + +close_fail: + { + int sys_errno = errno; + close(fd1); + close(fd2); + errno = sys_errno; + return -1; + } } diff --git a/nsswitch/tests/test_idmap_rfc2307.sh b/nsswitch/tests/test_idmap_rfc2307.sh index cb60364..90e32a7 100755 --- a/nsswitch/tests/test_idmap_rfc2307.sh +++ b/nsswitch/tests/test_idmap_rfc2307.sh @@ -1,21 +1,24 @@ #!/bin/sh # Test id mapping through idmap_rfc2307 module if [ $# -lt 9 ]; then - echo Usage: $0 DOMAIN USERNAME UID GROUPNAME GID LDAPPREFIX DC_SERVER DC_USERNAME DC_PASSWORD + echo Usage: $0 DOMAIN USERNAME UID USERNAME2 UID2 GROUPNAME GID GROUPNAME2 GID2 LDAPPREFIX DC_SERVER DC_USERNAME DC_PASSWORD exit 1 fi DOMAIN="$1" USERNAME="$2" USERUID="$3" -GROUPNAME="$4" -GROUPGID="$5" -LDAPPREFIX="$6" -DC_SERVER="$7" -DC_USERNAME="$8" -DC_PASSWORD="$9" - -echo called with: $1 $2 $3 $4 $5 $6 $7 $8 $9 +USERNAME2="$4" +USERUID2="$5" +GROUPNAME="$6" +GROUPGID="$7" +GROUPNAME2="$8" +GROUPGID2="$9" +shift 9 +LDAPPREFIX="$1" +DC_SERVER="$2" +DC_USERNAME="$3" +DC_PASSWORD="$4" wbinfo="$VALGRIND $BINDIR/wbinfo" @@ -35,7 +38,9 @@ failed=0 # Delete LDAP records $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME,$LDAPPREFIX" +$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME2,$LDAPPREFIX" $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME,$LDAPPREFIX" +$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME2,$LDAPPREFIX" $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "$LDAPPREFIX" # Add id mapping information to LDAP @@ -62,6 +67,20 @@ EOF testit "add ldap user mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb cat > $PREFIX/tmpldb <<EOF +dn: cn=$USERNAME2,$LDAPPREFIX +objectClass: organizationalPerson +objectClass: posixAccount +ou: People +cn: $USERNAME2 +uid: $USERNAME2 +uidNumber: $USERUID2 +gidNumber: 2 +homeDirectory: /home/admin +EOF + +testit "add second ldap user mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb + +cat > $PREFIX/tmpldb <<EOF dn: cn=$GROUPNAME,$LDAPPREFIX objectClass: posixGroup objectClass: groupOfNames @@ -72,6 +91,17 @@ EOF testit "add ldap group mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb +cat > $PREFIX/tmpldb <<EOF +dn: cn=$GROUPNAME2,$LDAPPREFIX +objectClass: posixGroup +objectClass: groupOfNames +cn: $GROUPNAME2 +gidNumber: $GROUPGID2 +member: cn=$USERNAME,$LDAPPREFIX +EOF + +testit "add second ldap group mapping record" $VALGRIND $ldbadd -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD $PREFIX/tmpldb + rm -f $PREFIX/tmpldbmodify testit "wbinfo --name-to-sid" $wbinfo --name-to-sid "$DOMAIN/$USERNAME" || failed=$(expr $failed + 1) @@ -95,9 +125,33 @@ echo "$DOMAIN/$GROUPNAME resolved to $group_gid" testit "test $group_gid -eq $GROUPGID" test $group_gid -eq $GROUPGID || failed=$(expr $failed + 1) +# Use different user and group for reverse lookup to not read from cache + +testit "$wbinfo --uid-to-sid=$USERUID2" $wbinfo --uid-to-sid=$USERUID2 || failed=$(expr $failed + 1) +user_sid2=$($wbinfo --uid-to-sid=$USERUID2 | cut -d " " -f1) +echo "UID $USERUID2 resolved to SID $user_sid2" + +testit "$wbinfo --sid-to-name=$user_sid2" $wbinfo --sid-to-name=$user_sid2 || failed=$(expr $failed + 1) +user_name2=$($wbinfo --sid-to-name=$user_sid2 | cut -d " " -f1) +echo "SID $user_sid2 resolved to $user_name2" + +testit "test $user_name2 = $DOMAIN/$USERNAME2" test "$(echo $user_name2 | tr A-Z a-z)" = "$(echo $DOMAIN/$USERNAME2 | tr A-Z a-z)" || failed=$(expr $failed + 1) + +testit "$wbinfo --gid-to-sid=$GROUPGID2" $wbinfo --gid-to-sid=$GROUPGID2 || failed=$(expr $failed + 1) +group_sid2=$($wbinfo --gid-to-sid=$GROUPGID2 | cut -d " " -f1) +echo "GID $GROUPGID2 resolved to SID $group_sid2" + +testit "$wbinfo --sid-to-name=$group_sid2" $wbinfo --sid-to-name=$group_sid2 || failed=$(expr $failed + 1) +group_name2=$($wbinfo --sid-to-name=$group_sid2 | cut -d " " -f1) +echo "SID $group_sid2 resolved to $group_name2" + +testit "test $group_name2 = $DOMAIN/$GROUPNAME2" test "$(echo $group_name2 | tr A-Z a-z)" = "$(echo $DOMAIN/$GROUPNAME2 | tr A-Z a-z)" || failed=$(expr $failed + 1) + # Delete LDAP records $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME,$LDAPPREFIX" +$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$USERNAME2,$LDAPPREFIX" $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME,$LDAPPREFIX" +$VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "cn=$GROUPNAME2,$LDAPPREFIX" $VALGRIND $ldbdel -H ldap://$DC_SERVER -U$DOMAIN/$DC_USERNAME%$DC_PASSWORD "$LDAPPREFIX" exit $failed diff --git a/python/samba/netcmd/fsmo.py b/python/samba/netcmd/fsmo.py index 02721f9..1bc4a96 100644 --- a/python/samba/netcmd/fsmo.py +++ b/python/samba/netcmd/fsmo.py @@ -50,7 +50,6 @@ def transfer_role(outf, role, samdb): m["becomeDomainMaster"]= ldb.MessageElement( "1", ldb.FLAG_MOD_REPLACE, "becomeDomainMaster") - samdb.modify(m) elif role == "infrastructure": m["becomeInfrastructureMaster"]= ldb.MessageElement( "1", ldb.FLAG_MOD_REPLACE, diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 476652e..3902a2c 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -346,7 +346,7 @@ for t in tests: plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/write-list-tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "plugin_s4_dc", '//$SERVER/tmp -U$USERNAME%$PASSWORD') elif t == "idmap.rfc2307": - plantestsuite(t, "s3member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_rfc2307.sh"), '$DOMAIN', 'Administrator', '2000000', '"Domain Users"', '2000001', 'ou=idmap,dc=samba,dc=example,dc=com', '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD']) + plantestsuite(t, "s3member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_rfc2307.sh"), '$DOMAIN', 'Administrator', '2000000', 'Guest', '2000001', '"Domain Users"', '2000002', 'DnsAdmins', '2000003', 'ou=idmap,dc=samba,dc=example,dc=com', '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD']) elif t == "raw.acls": plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/tmp -U$USERNAME%$PASSWORD') plansmbtorture4testsuite(t, "s3dc", '//$SERVER_IP/nfs4acl_simple -U$USERNAME%$PASSWORD', description='nfs4acl_xattr-simple') diff --git a/source3/winbindd/idmap_rfc2307.c b/source3/winbindd/idmap_rfc2307.c index db8bab6..f2fcd98 100644 --- a/source3/winbindd/idmap_rfc2307.c +++ b/source3/winbindd/idmap_rfc2307.c @@ -374,7 +374,7 @@ again: break; case ID_TYPE_GID: fltr_grp = talloc_asprintf_append_buffer(fltr_grp, - "(gidNumber=%d))", ids[idx]->xid.id); + "(gidNumber=%d)", ids[idx]->xid.id); cnt_grp++; break; default: -- Samba Shared Repository