From 926cdeb10f5d6af61f1836a90471a17b37d1fd13 Mon Sep 17 00:00:00 2001 From: David Mulder Date: Tue, 26 Jan 2021 10:07:18 -0700 Subject: [PATCH] samba-tool: Test gpo manage files list command Signed-off-by: David Mulder Reviewed-by: Jeremy Allison --- python/samba/netcmd/gpo.py | 33 ++++++++++++++ python/samba/tests/samba_tool/gpo.py | 64 +++++++++++++++++++++++++++- selftest/knownfail.d/gpo | 1 + 3 files changed, 97 insertions(+), 1 deletion(-) create mode 100644 selftest/knownfail.d/gpo diff --git a/python/samba/netcmd/gpo.py b/python/samba/netcmd/gpo.py index 2a3ffdfe557..c0accafd1fe 100644 --- a/python/samba/netcmd/gpo.py +++ b/python/samba/netcmd/gpo.py @@ -2488,6 +2488,38 @@ class cmd_symlink(SuperCommand): subcommands["add"] = cmd_add_symlink() subcommands["remove"] = cmd_remove_symlink() +class cmd_list_files(Command): + """List VGP Files Group Policy from the sysvol + +This command lists files which will be copied from the sysvol and applied to winbind clients. + +Example: +samba-tool gpo manage files list {31B2F340-016D-11D2-945F-00C04FB984F9} + """ + + synopsis = "%prog [options]" + + takes_optiongroups = { + "sambaopts": options.SambaOptions, + "versionopts": options.VersionOptions, + "credopts": options.CredentialsOptions, + } + + takes_options = [ + Option("-H", "--URL", help="LDB URL for database or target server", type=str, + metavar="URL", dest="H"), + ] + + takes_args = ["gpo"] + + def run(self, gpo, H=None, sambaopts=None, credopts=None, versionopts=None): + pass + +class cmd_files(SuperCommand): + """Manage Files Group Policy Objects""" + subcommands = {} + subcommands["list"] = cmd_list_files() + class cmd_manage(SuperCommand): """Manage Group Policy Objects""" subcommands = {} @@ -2495,6 +2527,7 @@ class cmd_manage(SuperCommand): subcommands["security"] = cmd_security() subcommands["smb_conf"] = cmd_smb_conf() subcommands["symlink"] = cmd_symlink() + subcommands["files"] = cmd_files() class cmd_gpo(SuperCommand): """Group Policy Object (GPO) management.""" diff --git a/python/samba/tests/samba_tool/gpo.py b/python/samba/tests/samba_tool/gpo.py index 910c56cec4f..af2e45782bd 100644 --- a/python/samba/tests/samba_tool/gpo.py +++ b/python/samba/tests/samba_tool/gpo.py @@ -18,7 +18,7 @@ # along with this program. If not, see . # -import os +import os, pwd, grp import ldb import samba from samba.tests.samba_tool.base import SambaToolCmdTest @@ -861,6 +861,68 @@ class GpoCmdTestCase(SambaToolCmdTest): os.environ["PASSWORD"])) self.assertNotIn(symlink, out, 'The test entry was not removed!') + def test_files_list(self): + lp = LoadParm() + lp.load(os.environ['SERVERCONFFILE']) + local_path = lp.get('path', 'sysvol') + vgp_xml = os.path.join(local_path, lp.get('realm').lower(), 'Policies', + self.gpo_guid, 'Machine/VGP/VTLA/Unix', + 'Files/manifest.xml') + source_file = os.path.join(local_path, lp.get('realm').lower(), + 'Policies', self.gpo_guid, 'Machine/VGP', + 'VTLA/Unix/Files/test.source') + stage = etree.Element('vgppolicy') + policysetting = etree.SubElement(stage, 'policysetting') + pv = etree.SubElement(policysetting, 'version') + pv.text = '1' + name = etree.SubElement(policysetting, 'name') + name.text = 'Files' + description = etree.SubElement(policysetting, 'description') + description.text = 'Represents file data to set/copy on clients' + data = etree.SubElement(policysetting, 'data') + file_properties = etree.SubElement(data, 'file_properties') + source = etree.SubElement(file_properties, 'source') + source.text = source_file + target = etree.SubElement(file_properties, 'target') + target.text = os.path.join(self.tempdir, 'test.target') + user = etree.SubElement(file_properties, 'user') + user.text = pwd.getpwuid(os.getuid()).pw_name + group = etree.SubElement(file_properties, 'group') + group.text = grp.getgrgid(os.getgid()).gr_name + + # Request permissions of 755 + permissions = etree.SubElement(file_properties, 'permissions') + permissions.set('type', 'user') + etree.SubElement(permissions, 'read') + etree.SubElement(permissions, 'write') + etree.SubElement(permissions, 'execute') + permissions = etree.SubElement(file_properties, 'permissions') + permissions.set('type', 'group') + etree.SubElement(permissions, 'read') + etree.SubElement(permissions, 'execute') + permissions = etree.SubElement(file_properties, 'permissions') + permissions.set('type', 'other') + etree.SubElement(permissions, 'read') + etree.SubElement(permissions, 'execute') + + ret = stage_file(vgp_xml, etree.tostring(stage, 'utf-8')) + self.assertTrue(ret, 'Could not create the target %s' % vgp_xml) + + (result, out, err) = self.runsublevelcmd("gpo", ("manage", + "files", "list"), + self.gpo_guid, "-H", + "ldap://%s" % + os.environ["SERVER"], + "-U%s%%%s" % + (os.environ["USERNAME"], + os.environ["PASSWORD"])) + self.assertIn(target.text, out, 'The test entry was not found!') + self.assertIn('-rwxr-xr-x', out, + 'The test entry permissions were not found') + + # Unstage the manifest.xml file + unstage_file(vgp_xml) + def setUp(self): """set up a temporary GPO to work with""" super(GpoCmdTestCase, self).setUp() diff --git a/selftest/knownfail.d/gpo b/selftest/knownfail.d/gpo new file mode 100644 index 00000000000..6f6444f1afd --- /dev/null +++ b/selftest/knownfail.d/gpo @@ -0,0 +1 @@ +^samba.tests.samba_tool.gpo.samba.tests.samba_tool.gpo.GpoCmdTestCase.test_files_list -- 2.47.3