s3-passdb: Remove always the user from getpwsid cache.
[Samba/bjacke.git] / wintest / test-s3.py
blob811e086dc18a465026bab5f8c431bd5e3e18813c
1 #!/usr/bin/env python
3 '''automated testing of Samba3 against windows'''
5 import sys, os
6 import optparse
7 import wintest
9 def set_libpath(t):
10 t.putenv("LD_LIBRARY_PATH", "${PREFIX}/lib")
12 def set_krb5_conf(t):
13 t.run_cmd("mkdir -p ${PREFIX}/etc")
14 t.write_file("${PREFIX}/etc/krb5.conf",
15 '''[libdefaults]
16 dns_lookup_realm = false
17 dns_lookup_kdc = true''')
19 t.putenv("KRB5_CONFIG", '${PREFIX}/etc/krb5.conf')
21 def build_s3(t):
22 '''build samba3'''
23 t.info('Building s3')
24 t.chdir('${SOURCETREE}/source3')
25 t.putenv('CC', 'ccache gcc')
26 t.run_cmd("./autogen.sh")
27 t.run_cmd("./configure -C --prefix=${PREFIX} --enable-developer")
28 t.run_cmd('make basics')
29 t.run_cmd('make -j4')
30 t.run_cmd('rm -rf ${PREFIX}')
31 t.run_cmd('make install')
33 def start_s3(t):
34 t.info('Starting Samba3')
35 t.chdir("${PREFIX}")
36 t.run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False)
37 t.run_cmd("rm -f var/locks/*.pid")
38 t.run_cmd(['sbin/nmbd', "-D"])
39 t.run_cmd(['sbin/winbindd', "-D"])
40 t.run_cmd(['sbin/smbd', "-D"])
41 t.port_wait("${INTERFACE_IP}", 139)
43 def test_wbinfo(t):
44 t.info('Testing wbinfo')
45 t.chdir('${PREFIX}')
46 t.cmd_contains("bin/wbinfo --version", ["Version 3."])
47 t.cmd_contains("bin/wbinfo -p", ["Ping to winbindd succeeded"])
48 t.retry_cmd("bin/wbinfo --online-status",
49 ["BUILTIN : online",
50 "${HOSTNAME} : online",
51 "${WIN_DOMAIN} : online"],
52 casefold=True)
53 t.cmd_contains("bin/wbinfo -u",
54 ["${WIN_DOMAIN}/administrator",
55 "${WIN_DOMAIN}/krbtgt" ],
56 casefold=True)
57 t.cmd_contains("bin/wbinfo -g",
58 ["${WIN_DOMAIN}/domain users",
59 "${WIN_DOMAIN}/domain guests",
60 "${WIN_DOMAIN}/domain admins"],
61 casefold=True)
62 t.cmd_contains("bin/wbinfo --name-to-sid administrator",
63 "S-1-5-.*-500 SID_USER .1",
64 regex=True)
65 t.cmd_contains("bin/wbinfo --name-to-sid 'domain users'",
66 "S-1-5-.*-513 SID_DOM_GROUP .2",
67 regex=True)
69 t.retry_cmd("bin/wbinfo --authenticate=${WIN_DOMAIN}/administrator%${WIN_PASS}",
70 ["plaintext password authentication succeeded",
71 "challenge/response password authentication succeeded"])
74 def test_smbclient(t):
75 t.info('Testing smbclient')
76 t.chdir('${PREFIX}')
77 t.cmd_contains("bin/smbclient --version", ["Version 3."])
78 t.cmd_contains('bin/smbclient -L ${INTERFACE_IP} -U%', ["Domain=[${WIN_DOMAIN}]", "test", "IPC$", "Samba 3."],
79 casefold=True)
80 child = t.pexpect_spawn('bin/smbclient //${HOSTNAME}.${WIN_REALM}/test -Uroot@${WIN_REALM}%${PASSWORD2}')
81 child.expect("smb:")
82 child.sendline("dir")
83 child.expect("blocks available")
84 child.sendline("mkdir testdir")
85 child.expect("smb:")
86 child.sendline("cd testdir")
87 child.expect('testdir')
88 child.sendline("cd ..")
89 child.sendline("rmdir testdir")
91 child = t.pexpect_spawn('bin/smbclient //${HOSTNAME}.${WIN_REALM}/test -Uroot@${WIN_REALM}%${PASSWORD2} -k')
92 child.expect("smb:")
93 child.sendline("dir")
94 child.expect("blocks available")
95 child.sendline("mkdir testdir")
96 child.expect("smb:")
97 child.sendline("cd testdir")
98 child.expect('testdir')
99 child.sendline("cd ..")
100 child.sendline("rmdir testdir")
102 def create_shares(t):
103 t.info("Adding test shares")
104 t.chdir('${PREFIX}')
105 t.write_file("lib/smb.conf", '''
106 [test]
107 path = ${PREFIX}/test
108 read only = no
109 ''',
110 mode='a')
111 t.run_cmd("mkdir -p test")
114 def prep_join_as_member(t, vm):
115 '''prepare to join a windows domain as a member server'''
116 t.setwinvars(vm)
117 t.info("Starting VMs for joining ${WIN_VM} as a member using net ads join")
118 t.chdir('${PREFIX}')
119 t.run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False)
120 t.vm_poweroff("${WIN_VM}", checkfail=False)
121 t.vm_restore("${WIN_VM}", "${WIN_SNAPSHOT}")
122 child = t.open_telnet("${WIN_HOSTNAME}", "administrator", "${WIN_PASS}", set_time=True)
123 t.get_ipconfig(child)
124 t.del_files(["var", "private"])
125 t.write_file("lib/smb.conf", '''
126 [global]
127 netbios name = ${HOSTNAME}
128 log level = ${DEBUGLEVEL}
129 realm = ${WIN_REALM}
130 workgroup = ${WIN_DOMAIN}
131 security = ADS
132 bind interfaces only = yes
133 interfaces = ${INTERFACE}
134 winbind separator = /
135 idmap uid = 1000000-2000000
136 idmap gid = 1000000-2000000
137 winbind enum users = yes
138 winbind enum groups = yes
139 max protocol = SMB2
140 map hidden = no
141 map system = no
142 ea support = yes
143 panic action = xterm -e gdb --pid %d
144 ''')
146 def join_as_member(t, vm):
147 '''join a windows domain as a member server'''
148 t.setwinvars(vm)
149 t.info("Joining ${WIN_VM} as a member using net ads join")
150 t.port_wait("${WIN_IP}", 389)
151 t.retry_cmd("host -t SRV _ldap._tcp.${WIN_REALM} ${WIN_IP}", ['has SRV record'] )
152 t.cmd_contains("bin/net ads join -Uadministrator%${WIN_PASS}", ["Joined"])
153 t.cmd_contains("bin/net ads testjoin", ["Join is OK"])
154 t.cmd_contains("bin/net ads dns register ${HOSTNAME}.${WIN_REALM} -P", ["Successfully registered hostname with DNS"])
155 t.cmd_contains("host -t A ${HOSTNAME}.${WIN_REALM}",
156 ['${HOSTNAME}.${WIN_REALM} has address'])
158 def create_root_account(t, vm):
159 t.setwinvars(vm)
160 t.info("Creating 'root' account for testing Samba3 member server")
161 t.chdir('${PREFIX}')
162 t.run_cmd('bin/net ads user add root -Uadministrator%${WIN_PASS}')
163 child = t.pexpect_spawn('bin/net ads password root -Uadministrator%${WIN_PASS}')
164 child.expect("Enter new password for root")
165 child.sendline("${PASSWORD2}")
166 child.expect("Password change for ");
167 child.expect(" completed")
168 child = t.pexpect_spawn('bin/net rpc shell -S ${WIN_HOSTNAME}.${WIN_REALM} -Uadministrator%${WIN_PASS}')
169 child.expect("net rpc>")
170 child.sendline("user edit disabled root no")
171 child.expect("Set root's disabled flag")
173 def test_join_as_member(t, vm):
174 '''test the domain join'''
175 t.setwinvars(vm)
176 t.info('Testing join as member')
177 t.chdir('${PREFIX}')
178 test_wbinfo(t)
179 test_smbclient(t)
182 def test_s3(t):
183 '''basic s3 testing'''
185 t.setvar("SAMBA_VERSION", "Version 3")
186 t.check_prerequesites()
187 set_libpath(t)
189 if not t.skip("configure_bind"):
190 t.configure_bind()
191 if not t.skip("stop_bind"):
192 t.stop_bind()
193 if not t.skip("stop_vms"):
194 t.stop_vms()
196 if not t.skip("build"):
197 build_s3(t)
199 set_krb5_conf(t)
200 if not t.skip("configure_bind2"):
201 t.configure_bind()
202 if not t.skip("start_bind"):
203 t.start_bind()
205 dc_started = False
206 if t.have_var('W2K8R2A_VM') and not t.skip("join_w2k8r2"):
207 t.start_winvm('W2K8R2A')
208 dc_started = True
209 prep_join_as_member(t, "W2K8R2A")
210 t.run_dcpromo_as_first_dc("W2K8R2A", func_level='2008r2')
211 join_as_member(t, "W2K8R2A")
212 create_shares(t)
213 start_s3(t)
214 create_root_account(t, "W2K8R2A")
215 test_join_as_member(t, "W2K8R2A")
217 if t.have_var('WINDOWS7_VM') and t.have_var('W2K8R2A_VM') and not t.skip("join_windows7_2008r2"):
218 if not dc_started:
219 t.start_winvm('W2K8R2A')
220 t.run_dcpromo_as_first_dc("W2K8R2A", func_level='2008r2')
221 dc_started = True
222 else:
223 t.setwinvars('W2K8R2A')
224 realm = t.getvar("WIN_REALM")
225 dom_username = t.getvar("WIN_USER")
226 dom_password = t.getvar("WIN_PASS")
227 dom_realm = t.getvar("WIN_REALM")
228 t.start_winvm('WINDOWS7')
229 t.test_remote_smbclient("WINDOWS7")
230 t.run_winjoin('WINDOWS7', realm, username=dom_username, password=dom_password)
231 t.test_remote_smbclient("WINDOWS7", dom_username, dom_password)
232 t.test_remote_smbclient('WINDOWS7', dom_username, dom_password, args='--option=clientntlmv2auth=no')
233 t.test_remote_smbclient('WINDOWS7', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k")
234 t.test_remote_smbclient('WINDOWS7', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k --option=clientusespnegoprincipal=yes")
235 t.test_net_use('WINDOWS7', t.getvar("W2K8R2A_DOMAIN"), 'root', '${PASSWORD2}')
237 if t.have_var('WINXP_VM') and t.have_var('W2K8R2A_VM') and not t.skip("join_winxp_2008r2"):
238 if not dc_started:
239 t.start_winvm('W2K8R2A')
240 t.run_dcpromo_as_first_dc("W2K8R2A", func_level='2008r2')
241 dc_started = True
242 else:
243 t.setwinvars('W2K8R2A')
244 realm = t.getvar("WIN_REALM")
245 dom_username = t.getvar("WIN_USER")
246 dom_password = t.getvar("WIN_PASS")
247 dom_realm = t.getvar("WIN_REALM")
248 t.start_winvm('WINXP')
249 t.run_winjoin('WINXP', realm, username=dom_username, password=dom_password)
250 t.test_remote_smbclient('WINXP', dom_username, dom_password)
251 t.test_remote_smbclient('WINXP', dom_username, dom_password, args='--option=clientntlmv2auth=no')
252 t.test_remote_smbclient('WINXP', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k")
253 t.test_remote_smbclient('WINXP', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k --clientusespnegoprincipal=yes")
254 t.test_net_use('WINXP', t.getvar("W2K8R2A_DOMAIN"), 'root', '${PASSWORD2}')
256 t.info("S3 test: All OK")
259 def test_cleanup(t):
260 '''cleanup after tests'''
261 t.info("Cleaning up ...")
262 t.restore_resolv_conf()
263 if getattr(t, 'bind_child', False):
264 t.bind_child.kill()
267 if __name__ == '__main__':
268 t = wintest.wintest()
270 t.setup("test-s3.py", "source3")
272 try:
273 test_s3(t)
274 except:
275 if not t.opts.nocleanup:
276 test_cleanup(t)
277 raise
279 if not t.opts.nocleanup:
280 test_cleanup(t)
281 t.info("S3 test: All OK")