testprogs/blackbox/test_primary_group.sh

   1 #!/bin/bash
   2
   3 if [ $# -lt 5 ]; then
   4         cat <<EOF
   5 Usage: test_primary_group.sh SERVER USERNAME PASSWORD DOMAIN PREFIX_ABS
   6 EOF
   7         exit 1
   8 fi
   9
  10 SERVER=$1
  11 USERNAME=$2
  12 PASSWORD=$3
  13 DOMAIN=$4
  14 PREFIX_ABS=$5
  15 shift 5
  16 failed=0
  17
  18 TMPDIR="$PREFIX_ABS/$(basename $0)"
  19 export TMPDIR
  20
  21 . $(dirname $0)/subunit.sh
  22 . $(dirname $0)/common_test_fns.inc
  23
  24 ldbmodify=$(system_or_builddir_binary ldbmodify "${BINDIR}")
  25 ldbsearch=$(system_or_builddir_binary ldbsearch "${BINDIR}")
  26
  27 TZ=UTC
  28 export TZ
  29
  30 N=$(date +%H%M%S)
  31
  32 testuser="testuser$N"
  33 testgroup="testgroup$N"
  34
  35 echo "testuser: $testuser"
  36 echo "testgroup: $testgroup"
  37
  38 testit "mkdir -p '${TMPDIR}'" mkdir -p ${TMPDIR} || failed=$(expr $failed + 1)
  39
  40 testit "create '$testuser'" $VALGRIND $PYTHON $BINDIR/samba-tool user create "$testuser" Password.1 || failed=$(expr $failed + 1)
  41 testit "add '$testgroup'" $VALGRIND $PYTHON $BINDIR/samba-tool group add "$testgroup" || failed=$(expr $failed + 1)
  42 testit "addmembers '$testgroup' '$testuser'" $VALGRIND $PYTHON $BINDIR/samba-tool group addmembers "$testgroup" "$testuser" || failed=$(expr $failed + 1)
  43
  44 testit "search1" ${ldbsearch} -H ldap://$SERVER_IP -U$USERNAME%$PASSWORD -d0 sAMAccountName="$testgroup" objectSid || failed=$(expr $failed + 1)
  45 ldif="${TMPDIR}/search1.ldif"
  46 ${ldbsearch} -H ldap://$SERVER_IP -U$USERNAME%$PASSWORD -d0 sAMAccountName=$testgroup objectSid >$ldif
  47 rid=$(cat $ldif | sed -n 's/^objectSid: S-1-5-21-.*-.*-.*-//p')
  48
  49 testit "search2" ${ldbsearch} -H ldap://$SERVER_IP -U$USERNAME%$PASSWORD -d0 sAMAccountName="$testuser" dn || failed=$(expr $failed + 1)
  50 ldif="${TMPDIR}/search2.ldif"
  51 ${ldbsearch} -H ldap://$SERVER_IP -U$USERNAME%$PASSWORD -d0 sAMAccountName=$testuser dn >$ldif
  52 user_dn=$(cat $ldif | sed -n 's/^dn: //p')
  53
  54 ldif="${TMPDIR}/modify1.ldif"
  55 cat >$ldif <<EOF
  56 dn: $user_dn
  57 changetype: modify
  58 replace: primaryGroupID
  59 primaryGroupID: $rid
  60 EOF
  61 testit "Change primaryGroupID to $rid" ${ldbmodify} -H ldap://$SERVER_IP -U$USERNAME%$PASSWORD -d0 --verbose <$ldif || failed=$(expr $failed + 1)
  62
  63 testit "dbcheck run1" $VALGRIND $PYTHON $BINDIR/samba-tool dbcheck --attrs=member || failed=$(expr $failed + 1)
  64
  65 ldif="${TMPDIR}/modify2.ldif"
  66 cat >$ldif <<EOF
  67 dn: $user_dn
  68 changetype: modify
  69 replace: primaryGroupID
  70 primaryGroupID: 513
  71 EOF
  72 testit "Change primaryGroupID to 513" ${ldbmodify} -H ldap://$SERVER_IP -U$USERNAME%$PASSWORD -d0 <$ldif || failed=$(expr $failed + 1)
  73
  74 testit "dbcheck run2" $VALGRIND $PYTHON $BINDIR/samba-tool dbcheck --attrs=member || failed=$(expr $failed + 1)
  75
  76 testit "delete '$testuser'" $VALGRIND $PYTHON $BINDIR/samba-tool user delete "$testuser" || failed=$(expr $failed + 1)
  77 testit "delete '$testgroup'" $VALGRIND $PYTHON $BINDIR/samba-tool group delete "$testgroup" || failed=$(expr $failed + 1)
  78
  79 #
  80 # As we don't support phantom objects and virtual backlinks
  81 # the deletion of the user prior to the group causes dangling links,
  82 # which are detected like this:
  83 #
  84 # WARNING: target DN is deleted for member in object
  85 #
  86 # Specifically, this happens because after the member link is
  87 # deactivated the memberOf is gone, and so there is no way to find the
  88 # now redundant forward link to clean it up.
  89 #
  90 testit_expect_failure "dbcheck run3" $VALGRIND $PYTHON $BINDIR/samba-tool dbcheck --attrs=member --fix --yes || failed=$(expr $failed + 1)
  91 testit "dbcheck run4" $VALGRIND $PYTHON $BINDIR/samba-tool dbcheck --attrs=member || failed=$(expr $failed + 1)
  92
  93 exit $failed