r22187: Test kerberos logins in the smbclient blackbox tests, including with a
[Samba.git] / source / script / tests / mktestdc.sh
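#!/bin/sh
# Build a test environment for running Samba
#
# Usage: mktestdc.sh PREFIX
#   PREFIX  directory that will hold the generated test environment.
#           Its existing contents are removed recursively further down,
#           so it must be a scratch directory.

if [ $# -lt 1 ]
then
	# Usage goes to stderr: stdout carries the KEY=VALUE report that this
	# script prints at the end.
	echo "$0 PREFIX" >&2
	exit 1
fi

PREFIX=$1

# Refuse a prefix that would make the later recursive delete operate on the
# filesystem root or on an empty path.
case "$PREFIX" in
	""|/)
		echo "$0: refusing to use '$PREFIX' as PREFIX" >&2
		exit 1
		;;
esac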
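# Defaults that the caller may override through the environment.
: "${SHARE_BACKEND:=classic}"
: "${SMBD_LOGLEVEL:=1}"

# Fixed identity of the throw-away test domain.
SERVER_ROLE="domain controller"
DOMAIN=SAMBADOMAIN
USERNAME=administrator
REALM=SAMBA.EXAMPLE.COM
DNSNAME="samba.example.com"
BASEDN="dc=samba,dc=example,dc=com"
# Hard-coded, publicly known test credential. It is written in clear text into
# the generated smb.conf and share.ldif, passed on the provision command line
# and printed on stdout at the end of this script. Never reuse this value or
# this pattern outside a disposable, loopback-only test environment.
PASSWORD=penguin
SRCDIR=$(pwd)
SERVER=localhost
NETBIOSNAME=localtest

# Account name handed to provision as --root: first non-empty of $USER,
# $LOGNAME and the output of whoami.
ROOT=$USER
if test -z "$ROOT"; then
	ROOT=$LOGNAME
fi
if test -z "$ROOT"; then
	ROOT=$(whoami)
fi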
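# Resolve PREFIX to an absolute path by entering it once, then return to the
# directory the script was started from.
oldpwd=$(pwd)
srcdir=$(dirname "$0")/../..
mkdir -p "$PREFIX" || exit $?
cd "$PREFIX" || exit $?
PREFIX_ABS=$(pwd)
cd "$oldpwd" || exit $?

# Layout of the test environment; everything lives under PREFIX_ABS.
TMPDIR=$PREFIX_ABS/tmp
ETCDIR=$PREFIX_ABS/etc
PIDDIR=$PREFIX_ABS/pid
CONFFILE=$ETCDIR/smb.conf
KRB5_CONFIG=$ETCDIR/krb5.conf
PRIVATEDIR=$PREFIX_ABS/private
NCALRPCDIR=$PREFIX_ABS/ncalrpc
LOCKDIR=$PREFIX_ABS/lockdir

WINBINDD_SOCKET_DIR=$PREFIX_ABS/winbind_socket
CONFIGURATION="--configfile=$CONFFILE"
LDAPDIR=$PREFIX_ABS/ldap

# Wipe whatever a previous run left behind. The expansion is quoted so a
# prefix containing whitespace or glob characters cannot widen the delete,
# and ${...:?} aborts instead of expanding to "/*" if the variable is empty.
rm -rf "${PREFIX_ABS:?}"/*
# Directories are created with the caller's umask. PRIVATEDIR and ETCDIR will
# hold files that embed the test password, so keep PREFIX off shared paths.
mkdir -p "$PRIVATEDIR" "$ETCDIR" "$PIDDIR" "$NCALRPCDIR" "$LOCKDIR" "$TMPDIR" \
	"$LDAPDIR/db" "$LDAPDIR/db/bdb-logs" "$LDAPDIR/db/tmp"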
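# Generate smb.conf for the test server. The here-document is unquoted, so the
# shell substitutes every $VARIABLE at generation time; %PID% and %PROG% are
# not shell syntax and reach the file unchanged.
#
# Security-relevant points of the generated configuration:
#  - "interfaces" is limited to the loopback network 127.0.0.1/8.
#  - [cifs] stores $USERNAME and $PASSWORD in clear text; this is tolerable
#    only because the credential is the fixed test value set above.
#  - "system:anonymous = true" and the writable shares are test-only settings
#    and must not be copied into a production configuration.
#  - "gensec:require_pac = true" is deliberate: see the comment kept inside
#    the file.
# NOTE(review): $DHFILE is not assigned anywhere before this point in the
# script, and mk-keyblobs.sh is sourced only later. Unless the caller exports
# DHFILE, "tls dh params file" is written with an empty value - confirm.
cat >"$CONFFILE"<<EOF
[global]
netbios name = $NETBIOSNAME
netbios aliases = $SERVER
workgroup = $DOMAIN
realm = $REALM
private dir = $PRIVATEDIR
pid directory = $PIDDIR
ncalrpc dir = $NCALRPCDIR
lock dir = $LOCKDIR
share backend = $SHARE_BACKEND
setup directory = $SRCDIR/setup
js include = $SRCDIR/scripting/libjs
winbindd socket directory = $WINBINDD_SOCKET_DIR
name resolve order = bcast
interfaces = 127.0.0.1/8
tls dh params file = $DHFILE
panic action = $SRCDIR/script/gdb_backtrace %PID% %PROG%
wins support = yes
server role = $SERVER_ROLE
max xmit = 32K
server max protocol = SMB2
notify:inotify = false
ldb:nosync = true
system:anonymous = true
#We don't want to pass our self-tests if the PAC code is wrong
gensec:require_pac = true
log level = $SMBD_LOGLEVEL

[tmp]
path = $TMPDIR
read only = no
ntvfs handler = posix
posix:sharedelay = 100000
posix:eadb = $LOCKDIR/eadb.tdb

[cifs]
read only = no
ntvfs handler = cifs
cifs:server = $SERVER
cifs:user = $USERNAME
cifs:password = $PASSWORD
cifs:domain = $DOMAIN
cifs:share = tmp

[simple]
path = $TMPDIR
read only = no
ntvfs handler = simple

[cifsposixtestshare]
copy = simple
ntvfs handler = cifsposix
EOF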
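## Override default share.ldb file
# The share definitions are written as LDIF and then loaded with ldbadd.
# Records are separated by blank lines, and every line must start in column 0
# (a leading space would be read as a continuation of the previous line).
# The "cifs" record stores $USERNAME and $PASSWORD in clear text, exactly like
# the [cifs] section of the generated smb.conf; both files sit under
# PRIVATEDIR and contain only the fixed test credential.
# A "$" that is not followed by a name character (IPC$, ADMIN$) is left
# untouched by the shell.
rm -f "$PRIVATEDIR/share.ldb"
cat >"$PRIVATEDIR/share.ldif"<<EOF
### Shares basedn
dn: @INDEXLIST
@IDXATTR: name

dn: @ATTRIBUTES
cn: CASE_INSENSITIVE
dc: CASE_INSENSITIVE
name: CASE_INSENSITIVE
dn: CASE_INSENSITIVE
objectClass: CASE_INSENSITIVE

dn: CN=Shares
objectClass: top
objectClass: organizationalUnit
cn: Shares

### Default IPC$ Share
dn: CN=IPC$,CN=Shares
objectClass: top
objectClass: share
cn: IPC$
name: IPC$
type: IPC
path: /tmp
comment: Remote IPC
max-connections: -1
available: True
readonly: True
browseable: False
ntvfs-handler: default

### Default ADMIN$ Share
dn: CN=ADMIN$,CN=Shares
objectClass: top
objectClass: share
cn: ADMIN$
name: ADMIN$
type: DISK
path: /tmp
comment: Remote Admin
max-connections: -1
available: True
readonly: True
browseable: False
ntvfs-handler: default

dn: CN=tmp,CN=Shares
objectClass: top
objectClass: share
cn: tmp
name: tmp
type: DISK
path: $TMPDIR
comment: Temp Dir for Tests
readonly: False
ntvfs-handler: posix
posix-sharedelay: 100000
posix-eadb: $LOCKDIR/eadb.tdb

dn: CN=cifs,CN=Shares
objectClass: top
objectClass: share
cn: cifs
name: cifs
type: DISK
readonly: False
ntvfs-handler: cifs
cifs-server: $SERVER
cifs-user: $USERNAME
cifs-password: $PASSWORD
cifs-domain: $DOMAIN
cifs-share: tmp
EOF

# Abort the whole setup if the share database cannot be populated.
"$srcdir"/bin/ldbadd -H "$PRIVATEDIR/share.ldb" < "$PRIVATEDIR/share.ldif" >/dev/null || exit 1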
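# Source the key/certificate helper that sits next to this script.
# NOTE(review): $CAFILE, $KDCCERTFILE and $KEYFILE used below are presumably
# set by mk-keyblobs.sh; they are not assigned in this script - confirm.
. "$(dirname "$0")/mk-keyblobs.sh"

# Generate the krb5.conf used by the tests. DNS lookups for realm and KDC are
# switched off and every realm entry names the KDC at 127.0.0.1:88, so the
# Kerberos logins exercised by the tests stay on the loopback interface.
# The same KDC is registered under the realm name, the DNS name and the
# NetBIOS domain name.
cat >"$KRB5_CONFIG"<<EOF
#Generated krb5.conf for $REALM

[libdefaults]
default_realm = $REALM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes

[realms]
$REALM = {
kdc = 127.0.0.1:88
admin_server = 127.0.0.1:88
default_domain = $DNSNAME
}
$DNSNAME = {
kdc = 127.0.0.1:88
admin_server = 127.0.0.1:88
default_domain = $DNSNAME
}
$DOMAIN = {
kdc = 127.0.0.1:88
admin_server = 127.0.0.1:88
default_domain = $DNSNAME
}

[appdefaults]
pkinit_anchors = FILE:$CAFILE

[kdc]
enable-pkinit = true
pkinit_identity = FILE:$KDCCERTFILE,$KEYFILE
pkinit_anchors = FILE:$CAFILE

[domain_realm]
.$DNSNAME = $REALM
EOF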
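#Ensure the config file is valid before we start
# First pass: testparm must accept the generated smb.conf. On failure it is
# run again without output suppression so the reason ends up on stderr.
"$srcdir"/bin/testparm "$CONFIGURATION" -v --suppress-prompt >/dev/null 2>&1 || {
	echo "">&2
	echo "Failed to create configuration!" >&2
	"$srcdir"/bin/testparm "$CONFIGURATION" >&2
	exit 1
}

# Second pass: the parsed "netbios name" must be the one written above, which
# shows that testparm really read this file. The grep pattern is quoted so
# the name is never subject to word splitting or globbing.
( "$srcdir"/bin/testparm "$CONFIGURATION" -v --suppress-prompt --parameter-name="netbios name" --section-name=global 2> /dev/null | grep -i "^$NETBIOSNAME" ) >/dev/null 2>&1 || {
	# Must stay the first command here: it reports the status of the check.
	echo "$?" >&2
	"$srcdir"/bin/testparm "$CONFIGURATION" -v --suppress-prompt --parameter-name="netbios name" --section-name=global --suppress-prompt 2> /dev/null | grep -i "^$NETBIOSNAME" >&2
	echo "Failed to create configuration!" >&2
	exit 1
}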
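# Assemble the provision command line. PROVISION_OPTIONS is one string that is
# deliberately word-split when used, so no value in it may contain whitespace.
# The test password travels as a command-line argument (--adminpass and
# --password) and is therefore visible in the process list while provision
# runs; acceptable only for the fixed test credential.
PROVISION_OPTIONS="$CONFIGURATION --host-name=$NETBIOSNAME --host-ip=127.0.0.1"
PROVISION_OPTIONS="$PROVISION_OPTIONS --quiet --domain $DOMAIN --realm $REALM"
PROVISION_OPTIONS="$PROVISION_OPTIONS --adminpass $PASSWORD --root=$ROOT"
PROVISION_OPTIONS="$PROVISION_OPTIONS --simple-bind-dn=cn=Manager,$BASEDN --password=$PASSWORD --root=$ROOT"
# NOTE(review): unlike the ldbadd calls, the exit status of provision is not
# checked, so a failed provision does not stop the script - confirm intended.
"$srcdir"/bin/smbscript "$srcdir"/setup/provision $PROVISION_OPTIONS >&2

# ldapi:// URI for the socket under LDAPDIR, with every "/" of the path
# percent-encoded as %2F.
LDAP_URI="ldapi://"$(echo "$LDAPDIR/ldapi" | sed 's|/|%2F|g')

# Directory-server helpers are sourced so they share this script's variables.
. "$(dirname "$0")/mk-openldap.sh"

# The Fedora DS helper is sourced only when FEDORA_DS_PREFIX is set.
test -z "$FEDORA_DS_PREFIX" || {
	. "$(dirname "$0")/mk-fedora-ds.sh"
}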
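# Register one WINS replication partner record (TORTURE_6 at the loopback
# address 127.0.0.6) and load it into wins_config.ldb.
cat >"$PRIVATEDIR/wins_config.ldif"<<EOF
dn: name=TORTURE_6,CN=PARTNERS
objectClass: wreplPartner
name: TORTURE_6
address: 127.0.0.6
pullInterval: 0
pushChangeCount: 0
type: 0x3
EOF

# Abort the setup if the record cannot be added.
"$srcdir"/bin/ldbadd -H "$PRIVATEDIR/wins_config.ldb" < "$PRIVATEDIR/wins_config.ldif" >/dev/null || exit 1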
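# Report the resulting environment as KEY=VALUE lines on stdout.
# The report includes PASSWORD, and PROVISION_OPTIONS repeats it twice, so
# anything that captures this output (CI logs, wrapper scripts) records the
# credential. That is harmless only while it is the fixed test value.
# NOTE(review): SLAPD_CONF and PROVISION_ACI are not assigned in this script;
# presumably they come from the sourced mk-openldap.sh / mk-fedora-ds.sh.
echo "KRB5_CONFIG=$KRB5_CONFIG"
echo "PREFIX_ABS=$PREFIX_ABS"
echo "SLAPD_CONF=$SLAPD_CONF"
echo "PIDDIR=$PIDDIR"
echo "SERVER=$SERVER"
echo "NETBIOSNAME=$NETBIOSNAME"
echo "LDAP_URI=$LDAP_URI"
echo "DOMAIN=$DOMAIN"
echo "USERNAME=$USERNAME"
echo "REALM=$REALM"
echo "DNSNAME=$DNSNAME"
echo "BASEDN=$BASEDN"
echo "PASSWORD=$PASSWORD"
echo "SRCDIR=$SRCDIR"
echo "PREFIX=$PREFIX"
echo "LDAPDIR=$LDAPDIR"
echo "CONFFILE=$CONFFILE"
echo "PROVISION_OPTIONS=$PROVISION_OPTIONS"
echo "PROVISION_ACI=$PROVISION_ACI"
echo "WINBINDD_SOCKET_DIR=$WINBINDD_SOCKET_DIR"
echo "NCALRPCDIR=$NCALRPCDIR"
echo "CONFIGURATION=$CONFIGURATION"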