1#!/usr/bin/env python3 2 3'''automated testing of Samba3 against windows''' 4 5import wintest 6 7 8def set_libpath(t): 9 t.putenv("LD_LIBRARY_PATH", "${PREFIX}/lib") 10 11 12def set_krb5_conf(t): 13 t.run_cmd("mkdir -p ${PREFIX}/etc") 14 t.write_file("${PREFIX}/etc/krb5.conf", 15 '''[libdefaults] 16 dns_lookup_realm = false 17 dns_lookup_kdc = true''') 18 19 t.putenv("KRB5_CONFIG", '${PREFIX}/etc/krb5.conf') 20 21 22def build_s3(t): 23 '''build samba3''' 24 t.info('Building s3') 25 t.chdir('${SOURCETREE}/source3') 26 t.putenv('CC', 'ccache gcc') 27 t.run_cmd("./autogen.sh") 28 t.run_cmd("./configure -C --prefix=${PREFIX} --enable-developer") 29 t.run_cmd('make basics') 30 t.run_cmd('make -j4') 31 t.run_cmd('rm -rf ${PREFIX}') 32 t.run_cmd('make install') 33 34 35def start_s3(t): 36 t.info('Starting Samba3') 37 t.chdir("${PREFIX}") 38 t.run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False) 39 t.run_cmd("rm -f var/locks/*.pid") 40 t.run_cmd(['sbin/nmbd', "-D"]) 41 t.run_cmd(['sbin/winbindd', "-D"]) 42 t.run_cmd(['sbin/smbd', "-D"]) 43 t.port_wait("${INTERFACE_IP}", 139) 44 45 46def test_wbinfo(t): 47 t.info('Testing wbinfo') 48 t.chdir('${PREFIX}') 49 t.cmd_contains("bin/wbinfo --version", ["Version 4."]) 50 t.cmd_contains("bin/wbinfo -p", ["Ping to winbindd succeeded"]) 51 t.retry_cmd("bin/wbinfo --online-status", 52 ["BUILTIN : online", 53 "${HOSTNAME} : online", 54 "${WIN_DOMAIN} : online"], 55 casefold=True) 56 t.cmd_contains("bin/wbinfo -u", 57 ["${WIN_DOMAIN}/administrator", 58 "${WIN_DOMAIN}/krbtgt"], 59 casefold=True) 60 t.cmd_contains("bin/wbinfo -g", 61 ["${WIN_DOMAIN}/domain users", 62 "${WIN_DOMAIN}/domain guests", 63 "${WIN_DOMAIN}/domain admins"], 64 casefold=True) 65 t.cmd_contains("bin/wbinfo --name-to-sid administrator", 66 "S-1-5-.*-500 SID_USER .1", 67 regex=True) 68 t.cmd_contains("bin/wbinfo --name-to-sid 'domain users'", 69 "S-1-5-.*-513 SID_DOM_GROUP .2", 70 regex=True) 71 72 t.retry_cmd("bin/wbinfo --authenticate=${WIN_DOMAIN}/administrator%${WIN_PASS}", 73 ["plaintext password authentication succeeded", 74 "challenge/response password authentication succeeded"]) 75 76 t.retry_cmd("bin/wbinfo --krb5auth=${WIN_DOMAIN}/administrator%${WIN_PASS}", 77 ["succeeded"]) 78 79 80def test_smbclient(t): 81 t.info('Testing smbclient') 82 smbclient = t.getvar("smbclient") 83 t.chdir('${PREFIX}') 84 t.cmd_contains("%s --version" % (smbclient), ["Version 4."]) 85 t.cmd_contains('%s -L ${INTERFACE_IP} -U%%' % (smbclient), ["Domain=[${WIN_DOMAIN}]", "test", "IPC$", "Samba 4."], 86 casefold=True) 87 child = t.pexpect_spawn('%s //${HOSTNAME}.${WIN_REALM}/test -Uroot@${WIN_REALM}%%${PASSWORD2}' % (smbclient)) 88 child.expect("smb:") 89 child.sendline("dir") 90 child.expect("blocks available") 91 child.sendline("mkdir testdir") 92 child.expect("smb:") 93 child.sendline("cd testdir") 94 child.expect('testdir') 95 child.sendline("cd ..") 96 child.sendline("rmdir testdir") 97 98 child = t.pexpect_spawn('%s //${HOSTNAME}.${WIN_REALM}/test -Uroot@${WIN_REALM}%%${PASSWORD2} -k' % (smbclient)) 99 child.expect("smb:") 100 child.sendline("dir") 101 child.expect("blocks available") 102 child.sendline("mkdir testdir") 103 child.expect("smb:") 104 child.sendline("cd testdir") 105 child.expect('testdir') 106 child.sendline("cd ..") 107 child.sendline("rmdir testdir") 108 109 110def create_shares(t): 111 t.info("Adding test shares") 112 t.chdir('${PREFIX}') 113 t.write_file("etc/smb.conf", ''' 114[test] 115 path = ${PREFIX}/test 116 read only = no 117 ''', 118 mode='a') 119 t.run_cmd("mkdir -p test") 120 121 122def prep_join_as_member(t, vm): 123 '''prepare to join a windows domain as a member server''' 124 t.setwinvars(vm) 125 t.info("Starting VMs for joining ${WIN_VM} as a member using net ads join") 126 t.chdir('${PREFIX}') 127 t.run_cmd('killall -9 -q samba smbd nmbd winbindd', checkfail=False) 128 t.vm_poweroff("${WIN_VM}", checkfail=False) 129 t.vm_restore("${WIN_VM}", "${WIN_SNAPSHOT}") 130 child = t.open_telnet("${WIN_HOSTNAME}", "administrator", "${WIN_PASS}", set_time=True) 131 t.get_ipconfig(child) 132 t.del_files(["var", "private"]) 133 t.write_file("etc/smb.conf", ''' 134[global] 135 netbios name = ${HOSTNAME} 136 log level = ${DEBUGLEVEL} 137 realm = ${WIN_REALM} 138 workgroup = ${WIN_DOMAIN} 139 security = ADS 140 bind interfaces only = yes 141 interfaces = ${INTERFACE} 142 winbind separator = / 143 idmap uid = 1000000-2000000 144 idmap gid = 1000000-2000000 145 winbind enum users = yes 146 winbind enum groups = yes 147 max protocol = SMB2 148 map hidden = no 149 map system = no 150 ea support = yes 151 panic action = xterm -e gdb --pid %d 152 ''') 153 154 155def join_as_member(t, vm): 156 '''join a windows domain as a member server''' 157 t.setwinvars(vm) 158 t.info("Joining ${WIN_VM} as a member using net ads join") 159 t.port_wait("${WIN_IP}", 389) 160 t.retry_cmd("host -t SRV _ldap._tcp.${WIN_REALM} ${WIN_IP}", ['has SRV record']) 161 t.cmd_contains("bin/net ads join -Uadministrator%${WIN_PASS}", ["Joined"]) 162 t.cmd_contains("bin/net ads testjoin", ["Join is OK"]) 163 t.cmd_contains("bin/net ads dns register ${HOSTNAME}.${WIN_REALM} -P", ["Successfully registered hostname with DNS"]) 164 t.cmd_contains("host -t A ${HOSTNAME}.${WIN_REALM}", 165 ['${HOSTNAME}.${WIN_REALM} has address']) 166 167 168def create_root_account(t, vm): 169 t.setwinvars(vm) 170 t.info("Creating 'root' account for testing Samba3 member server") 171 t.chdir('${PREFIX}') 172 t.run_cmd('bin/net ads user add root -Uadministrator%${WIN_PASS}') 173 child = t.pexpect_spawn('bin/net ads password root -Uadministrator%${WIN_PASS}') 174 child.expect("Enter new password for root") 175 child.sendline("${PASSWORD2}") 176 child.expect("Password change for ") 177 child.expect(" completed") 178 child = t.pexpect_spawn('bin/net rpc shell -S ${WIN_HOSTNAME}.${WIN_REALM} -Uadministrator%${WIN_PASS}') 179 child.expect("net rpc>") 180 child.sendline("user edit disabled root no") 181 child.expect("Set root's disabled flag") 182 183 184def test_join_as_member(t, vm): 185 '''test the domain join''' 186 t.setwinvars(vm) 187 t.info('Testing join as member') 188 t.chdir('${PREFIX}') 189 test_wbinfo(t) 190 test_smbclient(t) 191 192 193def test_s3(t): 194 '''basic s3 testing''' 195 196 t.setvar("SAMBA_VERSION", "Version 4") 197 t.setvar("smbclient", "bin/smbclient") 198 t.check_prerequesites() 199 set_libpath(t) 200 201 if not t.skip("configure_bind"): 202 t.configure_bind() 203 if not t.skip("stop_bind"): 204 t.stop_bind() 205 if not t.skip("stop_vms"): 206 t.stop_vms() 207 208 if not t.skip("build"): 209 build_s3(t) 210 211 set_krb5_conf(t) 212 if not t.skip("configure_bind2"): 213 t.configure_bind() 214 if not t.skip("start_bind"): 215 t.start_bind() 216 217 dc_started = False 218 if t.have_var('W2K8R2A_VM') and not t.skip("join_w2k8r2"): 219 t.start_winvm('W2K8R2A') 220 dc_started = True 221 prep_join_as_member(t, "W2K8R2A") 222 t.run_dcpromo_as_first_dc("W2K8R2A", func_level='2008r2') 223 join_as_member(t, "W2K8R2A") 224 create_shares(t) 225 start_s3(t) 226 create_root_account(t, "W2K8R2A") 227 test_join_as_member(t, "W2K8R2A") 228 229 if t.have_var('WINDOWS7_VM') and t.have_var('W2K8R2A_VM') and not t.skip("join_windows7_2008r2"): 230 if not dc_started: 231 t.start_winvm('W2K8R2A') 232 t.run_dcpromo_as_first_dc("W2K8R2A", func_level='2008r2') 233 dc_started = True 234 else: 235 t.setwinvars('W2K8R2A') 236 realm = t.getvar("WIN_REALM") 237 dom_username = t.getvar("WIN_USER") 238 dom_password = t.getvar("WIN_PASS") 239 dom_realm = t.getvar("WIN_REALM") 240 t.start_winvm('WINDOWS7') 241 t.test_remote_smbclient("WINDOWS7") 242 t.run_winjoin('WINDOWS7', realm, username=dom_username, password=dom_password) 243 t.test_remote_smbclient("WINDOWS7", dom_username, dom_password) 244 t.test_remote_smbclient('WINDOWS7', dom_username, dom_password, args='--option=clientntlmv2auth=no') 245 t.test_remote_smbclient('WINDOWS7', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k") 246 t.test_remote_smbclient('WINDOWS7', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k --option=clientusespnegoprincipal=yes") 247 t.test_net_use('WINDOWS7', dom_realm, t.getvar("W2K8R2A_DOMAIN"), 'root', '${PASSWORD2}') 248 249 if t.have_var('WINXP_VM') and t.have_var('W2K8R2A_VM') and not t.skip("join_winxp_2008r2"): 250 if not dc_started: 251 t.start_winvm('W2K8R2A') 252 t.run_dcpromo_as_first_dc("W2K8R2A", func_level='2008r2') 253 dc_started = True 254 else: 255 t.setwinvars('W2K8R2A') 256 realm = t.getvar("WIN_REALM") 257 dom_username = t.getvar("WIN_USER") 258 dom_password = t.getvar("WIN_PASS") 259 dom_realm = t.getvar("WIN_REALM") 260 t.start_winvm('WINXP') 261 t.run_winjoin('WINXP', realm, username=dom_username, password=dom_password) 262 t.test_remote_smbclient('WINXP', dom_username, dom_password) 263 t.test_remote_smbclient('WINXP', dom_username, dom_password, args='--option=clientntlmv2auth=no') 264 t.test_remote_smbclient('WINXP', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k") 265 t.test_remote_smbclient('WINXP', "%s@%s" % (dom_username, dom_realm), dom_password, args="-k --clientusespnegoprincipal=yes") 266 t.test_net_use('WINXP', dom_realm, t.getvar("W2K8R2A_DOMAIN"), 'root', '${PASSWORD2}') 267 268 t.info("S3 test: All OK") 269 270 271def test_cleanup(t): 272 '''cleanup after tests''' 273 t.info("Cleaning up ...") 274 t.restore_resolv_conf() 275 if getattr(t, 'bind_child', False): 276 t.bind_child.kill() 277 278 279if __name__ == '__main__': 280 t = wintest.wintest() 281 282 t.setup("test-s3.py", "source3") 283 284 try: 285 test_s3(t) 286 except: 287 if not t.opts.nocleanup: 288 test_cleanup(t) 289 raise 290 291 if not t.opts.nocleanup: 292 test_cleanup(t) 293 t.info("S3 test: All OK") 294