From: Samuel Cabrero Date: Tue, 12 Dec 2023 20:17:50 +0000 (+0100) Subject: tests: Add a test for the idmap_nss : use_upn setting X-Git-Tag: talloc-2.4.2~339 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3a01ef710d4f0c11013214a4f8637ebdac8d9f5e;p=thirdparty%2Fsamba.git tests: Add a test for the idmap_nss : use_upn setting Signed-off-by: Samuel Cabrero Reviewed-by: Alexander Bokovoy Autobuild-User(master): Samuel Cabrero Autobuild-Date(master): Wed Dec 13 16:05:19 UTC 2023 on atb-devel-224 --- diff --git a/nsswitch/tests/test_idmap_nss_use_upn.sh b/nsswitch/tests/test_idmap_nss_use_upn.sh new file mode 100755 index 00000000000..df2c67203d8 --- /dev/null +++ b/nsswitch/tests/test_idmap_nss_use_upn.sh @@ -0,0 +1,79 @@ +#!/bin/sh + +wbinfo="$BINDIR/wbinfo" +smbcontrol="$BINDIR/smbcontrol" +net="$BINDIR/net" +global_inject_conf=$(dirname $SMB_CONF_PATH)/global_inject.conf + +failed=0 + +. $(dirname $0)/../../testprogs/blackbox/subunit.sh + +# Reset idmap_nss configuration and clear cache +echo "idmap config $DOMAIN : use_upn = no" >$global_inject_conf +$smbcontrol winbindd reload-config +if [ $? -ne 0 ]; then + echo "Could not reload config" | subunit_fail_test "test_idmap_nss_use_upn" +fi + +$net cache flush +if [ $? -ne 0 ]; then + echo "Could not flush cache" | subunit_fail_test "test_idmap_nss_use_upn" +fi + +# Get the user SID +USER="bob" +USER_SID=$($wbinfo --name-to-sid="$USER") +if [ $? -ne 0 ]; then + echo "Could not find SID for user '$USER'" | subunit_fail_test "test_idmap_nss_use_upn" + exit 1 +fi + +USER_SID=$(echo $USER_SID | cut -d " " -f 1) +if [ $? -ne 0 ]; then + echo "Could not find SID for user '$USER'" | subunit_fail_test "test_idmap_nss_use_upn" + exit 1 +fi + +testit "SID to UID (use_upn = no)" $wbinfo --sid-to-uid=${USER_SID} || failed=$(expr $failed + 1) + +echo "idmap config $DOMAIN : use_upn = yes" >$global_inject_conf +$smbcontrol winbindd reload-config +if [ $? -ne 0 ]; then + echo "Could not reload config" | subunit_fail_test "test_idmap_nss_use_upn" +fi + +$net cache flush +if [ $? -ne 0 ]; then + echo "Could not flush cache" | subunit_fail_test "test_idmap_nss_use_upn" +fi + +# The following test will fail because idmap_nss will search ADDOMAIN/bob, which does not +# exists in NSS_WRAPPER_PASSWD +testit_expect_failure "SID to UID (use_upn = yes)" $wbinfo --sid-to-uid=${USER_SID} || failed=$(expr $failed + 1) + +$net cache flush +if [ $? -ne 0 ]; then + echo "Could not flush cache" | subunit_fail_test "test_idmap_nss_use_upn" +fi + +# Add the ADDOMAIN/bob temporarily +ENTRY="$(getent passwd bob)" +ENTRY="$DOMAIN/${ENTRY}" +sed -i "1i ${ENTRY}" $NSS_WRAPPER_PASSWD +testit "Get user UID (use_upn = yes)" $wbinfo --sid-to-uid=${USER_SID} || failed=$(expr $failed + 1) +sed -i "1d" $NSS_WRAPPER_PASSWD + +# Reset config +echo "idmap config $DOMAIN : use_upn = no" >$global_inject_conf +$smbcontrol winbindd reload-config +if [ $? -ne 0 ]; then + echo "Could not reload config" | subunit_fail_test "test_idmap_nss_use_upn" +fi + +$net cache flush +if [ $? -ne 0 ]; then + echo "Could not flush cache" | subunit_fail_test "test_idmap_nss_use_upn" +fi + +exit $failed diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 30740d66dcf..679ff4e9916 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -1106,7 +1106,7 @@ rpc = ["rpc.authcontext", local = ["local.nss"] -idmap = ["idmap.rfc2307", "idmap.alloc", "idmap.rid", "idmap.ad"] +idmap = ["idmap.rfc2307", "idmap.alloc", "idmap.rid", "idmap.ad", "idmap.nss"] rap = ["rap.basic", "rap.rpc", "rap.printing", "rap.sam"] @@ -1217,6 +1217,8 @@ for t in tests: '$DC_SERVER', '$DC_USERNAME', '$DC_PASSWORD']) elif t == "idmap.alloc": plantestsuite(t, "ad_member_rfc2307", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_nss.sh"), '$DOMAIN']) + elif t == "idmap.nss": + plantestsuite(t, "ad_member_idmap_nss:local", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_nss_use_upn.sh")]) elif t == "idmap.rid": plantestsuite(t, "ad_member_idmap_rid", [os.path.join(samba3srcdir, "../nsswitch/tests/test_idmap_rid.sh"), '$DOMAIN', '2000000']) plantestsuite(t,