The branch, master has been updated via 91b68ac0b6f nsswitch:tests: Add test to check correct group lookup with samlogon cache via 6a10ab3f10d selftest: Make 'Samba Users' the primary group of joe via 227a8a11310 selftest: Add a group 'Samba Users' via b4a4adebd94 selftest: Add user joe via 96f319e0de2 nsswitch: Fix username in wbinfo -K output from 4fca8d7aa77 tdb: Align integer types
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 91b68ac0b6fb7940d219d7c501412b573afe1e08 Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 15 16:29:24 2020 +0100 nsswitch:tests: Add test to check correct group lookup with samlogon cache TEST FOR: https://bugzilla.samba.org/show_bug.cgi?id=14124 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> Autobuild-User(master): Andreas Schneider <a...@cryptomilk.org> Autobuild-Date(master): Fri Jan 24 17:18:38 UTC 2020 on sn-devel-184 commit 6a10ab3f10d96f8acc28296125ba52c1b255f260 Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 15 14:41:37 2020 +0100 selftest: Make 'Samba Users' the primary group of joe Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> commit 227a8a11310961ca028251a8d82a8be5a58b7b51 Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 15 14:41:13 2020 +0100 selftest: Add a group 'Samba Users' Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> commit b4a4adebd94558feb04220a04eadfc8e58624e53 Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 15 14:39:56 2020 +0100 selftest: Add user joe Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> commit 96f319e0de21b0479a4f9be23e8a2c1d2709d6f6 Author: Andreas Schneider <a...@samba.org> Date: Wed Jan 15 15:30:24 2020 +0100 nsswitch: Fix username in wbinfo -K output We should not print the password if specified via the command line. Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Günther Deschner <g...@samba.org> ----------------------------------------------------------------------- Summary of changes: nsswitch/tests/test_wbinfo_user_info_cached.sh | 50 ++++++++++++++++++++++++++ nsswitch/wbinfo.c | 2 +- selftest/target/Samba4.pm | 45 ++++++++++++++++++++++- source3/selftest/tests.py | 10 ++++++ 4 files changed, 105 insertions(+), 2 deletions(-) create mode 100755 nsswitch/tests/test_wbinfo_user_info_cached.sh Changeset truncated at 500 lines: diff --git a/nsswitch/tests/test_wbinfo_user_info_cached.sh b/nsswitch/tests/test_wbinfo_user_info_cached.sh new file mode 100755 index 00000000000..5b451fde202 --- /dev/null +++ b/nsswitch/tests/test_wbinfo_user_info_cached.sh @@ -0,0 +1,50 @@ +#!/bin/sh +# Blackbox test for wbinfo primary groups and samlogon caching +# Copyright (c) 2020 Andreas Schneider <a...@samba.org> + +if [ $# -lt 5 ]; then +cat <<EOF +Usage: $(basename $0) DOMAIN REALM USERNAME PASSWORD PRIMARY_GROUP +EOF +exit 1; +fi + +DOMAIN=$1 +REALM=$2 +USERNAME=$3 +PASSWORD=$4 +PRIMARY_GROUP=$5 +shift 5 + +DEFAULT_GROUP="Domain Users" + +failed=0 + +samba_bindir="$BINDIR" +wbinfo_tool="$VALGRIND $samba_bindir/wbinfo" +net_tool="$VALGRIND $samba_bindir/net -s $SERVERCONFFILE" + +. $(dirname $0)/../../testprogs/blackbox/subunit.sh + +KRB5CCNAME_PATH="$PREFIX/test_wbinfo_user_info_cached_krb5ccache" +rm -f $KRB5CCNAME_PATH + +KRB5CCNAME="FILE:$KRB5CCNAME_PATH" +export KRB5CCNAME + +USER="$DOMAIN/$USERNAME" +USER_SID=$($wbinfo_tool --name-to-sid="$USER" | sed -e 's/ .*//') + +testit_grep "user_info.no_cache" "$DEFAULT_GROUP" $wbinfo_tool --user-info=$USER || failed=$(expr $failed + 1) + +# Fill the samlogon cache +testit "kerberos_login" $wbinfo_tool --krb5ccname=$KRB5CCNAME --krb5auth=$USER%$PASSWORD || failed=$(expr $failed + 1) + +testit_grep "user_info.samlogon_cache" "$PRIMARY_GROUP" $wbinfo_tool --user-info=$USER || failed=$(expr $failed + 1) + +# Cleanup +$net_tool cache samlogon delete $USER_SID + +rm -f $KRB5CCNAME_PATH + +exit $failed diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c index ae89f876a9d..cd89bb0bddc 100644 --- a/nsswitch/wbinfo.c +++ b/nsswitch/wbinfo.c @@ -1680,7 +1680,7 @@ static bool wbinfo_auth_krb5(char *username, const char *cctype, uint32_t flags) d_printf("plaintext kerberos password authentication for [%s] %s " "(requesting cctype: %s)\n", - username, WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed", + name, WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed", cctype); if (error) { diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm index 3e6692ce529..da9f0a00e91 100755 --- a/selftest/target/Samba4.pm +++ b/selftest/target/Samba4.pm @@ -981,7 +981,7 @@ servicePrincipalName: http/testupnspn.$ctx->{dnsname} } # Create to users alice and bob! - my $user_account_array = ["alice", "bob", "jane"]; + my $user_account_array = ["alice", "bob", "jane", "joe"]; foreach my $user_account (@{$user_account_array}) { my $samba_tool_cmd = ""; @@ -996,6 +996,49 @@ servicePrincipalName: http/testupnspn.$ctx->{dnsname} } } + my $group_array = ["Samba Users"]; + + foreach my $group (@{$group_array}) { + my $samba_tool_cmd = ""; + + $samba_tool_cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; + $samba_tool_cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" "; + $samba_tool_cmd .= Samba::bindir_path($self, "samba-tool") + . " group add --configfile=$ctx->{smb_conf} \"$group\""; + unless (system($samba_tool_cmd) == 0) { + warn("Unable to create group: $group\n$samba_tool_cmd\n"); + return undef; + } + } + + # Add user joe to group "Samba Users" + my $samba_tool_cmd = ""; + my $group = "Samba Users"; + my $user_account = "joe"; + + $samba_tool_cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; + $samba_tool_cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" "; + $samba_tool_cmd .= Samba::bindir_path($self, "samba-tool") + . " group addmembers --configfile=$ctx->{smb_conf} \"$group\" $user_account"; + unless (system($samba_tool_cmd) == 0) { + warn("Unable to add " . $user_account . "to group group : $group\n$samba_tool_cmd\n"); + return undef; + } + + my $samba_tool_cmd = ""; + my $group = "Samba Users"; + my $user_account = "joe"; + + $samba_tool_cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; + $samba_tool_cmd .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" "; + $samba_tool_cmd .= Samba::bindir_path($self, "samba-tool") + . " user setprimarygroup --configfile=$ctx->{smb_conf} $user_account \"$group\""; + unless (system($samba_tool_cmd) == 0) { + warn("Unable to set primary group of user: $user_account\n$samba_tool_cmd\n"); + return undef; + } + + # Change the userPrincipalName for jane my $ldbmodify = ""; $ldbmodify .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; $ldbmodify .= "KRB5CCNAME=\"$ret->{KRB5_CCACHE}\" "; diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index ca427cc0c7c..1dc7ceef23b 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -278,6 +278,16 @@ plantestsuite("samba3.wbinfo_name_lookup", env, "nsswitch/tests/test_wbinfo_name_lookup.sh"), '$DOMAIN', '$REALM', '$DC_USERNAME']) +env = "ad_member" +plantestsuite("samba3.wbinfo_user_info_cached", env, + [os.path.join(srcdir(), + "nsswitch/tests/test_wbinfo_user_info_cached.sh"), + '$DOMAIN', '$REALM', 'joe', 'Secret007', '"Samba Users"', env]) +plantestsuite("samba3.wbinfo_user_info_cached.trustdom", env, + [os.path.join(srcdir(), + "nsswitch/tests/test_wbinfo_user_info_cached.sh"), + '$TRUST_F_BOTH_DOMAIN', '$TRUST_F_BOTH_REALM', 'joe', 'Secret007', '"Samba Users"', env]) + env = "ad_member:local" plantestsuite("samba3.wbinfo_user_info", env, [os.path.join(srcdir(), -- Samba Shared Repository