def test_gp_user_centrify_crontab_ext(self):
local_path = self.lp.cache_path('gpo_cache')
- guid = '{31B2F340-016D-11D2-945F-00C04FB984F9}'
- reg_pol = os.path.join(local_path, policies, guid,
+ guids = ['{31B2F340-016D-11D2-945F-00C04FB984F9}',
+ '{6AC1786C-016F-11D2-945F-00C04FB984F9}']
+ reg_pol = os.path.join(local_path, policies, guids[0],
'USER/REGISTRY.POL')
+ reg_pol2 = os.path.join(local_path, policies, guids[1],
+ 'USER/REGISTRY.POL')
cache_dir = self.lp.get('cache directory')
store = GPOStorage(os.path.join(cache_dir, 'gpo.tdb'))
ret = stage_file(reg_pol, ndr_pack(stage))
self.assertTrue(ret, 'Could not create the target %s' % reg_pol)
+ # Stage the other Registry.pol
+ stage = preg.file()
+ e2 = preg.entry()
+ e2.keyname = \
+ b'Software\\Policies\\Centrify\\UnixSettings\\CrontabEntries'
+ e2.valuename = b'Command1'
+ e2.type = 1
+ e2.data = b'17 * * * * echo this is a second policy'
+ stage.num_entries = 1
+ stage.entries = [e2]
+ ret = stage_file(reg_pol2, ndr_pack(stage))
+ self.assertTrue(ret, 'Could not create the target %s' % reg_pol2)
+
# Process all gpos, intentionally skipping the privilege drop
ext.process_group_policy([], gpos)
# Dump the fake crontab setup for testing
crontab, _ = p.communicate()
self.assertIn(get_bytes(e.data), crontab,
'The crontab entry was not installed')
+ self.assertIn(get_bytes(e2.data), crontab,
+ 'The crontab entry was not installed')
+
+ # Force apply with removal of second GPO
+ gp_db = store.get_gplog(os.environ.get('DC_USERNAME'))
+ del_gpos = gp_db.get_applied_settings([guids[1]])
+ gpos = [gpo for gpo in gpos if gpo.name != guids[1]]
+ ext.process_group_policy(del_gpos, gpos)
+
+ # Dump the fake crontab setup for testing
+ p = Popen(['crontab', '-l'], stdout=PIPE)
+ crontab, _ = p.communicate()
+
+ # Ensure the first entry remains, and the second entry is removed
+ self.assertIn(get_bytes(e.data), crontab,
+ 'The first crontab entry was not found')
+ self.assertNotIn(get_bytes(e2.data), crontab,
+ 'The second crontab entry was still present')
# Check that a call to gpupdate --rsop also succeeds
ret = rsop(self.lp)
self.assertEquals(ret, 0, 'gpupdate --rsop failed!')
# Remove policy
- gp_db = store.get_gplog(os.environ.get('DC_USERNAME'))
del_gpos = get_deleted_gpos_list(gp_db, [])
ext.process_group_policy(del_gpos, [])
# Dump the fake crontab setup for testing
self.assertNotIn(get_bytes(e.data), crontab,
'Unapply failed to cleanup crontab entry')
- # Unstage the Registry.pol file
+ # Unstage the Registry.pol files
unstage_file(reg_pol)
+ unstage_file(reg_pol2)
projects / thirdparty / samba.git / commitdiff
