diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2011-04-29 15:54:20 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2011-04-29 16:38:16 +1000 |
| commit | 3542bd324ecea130292909fd052f71ab0790b7d3 (patch) | |
| tree | 00d9034bfe240b7a5268d6f1f66fc0dbd034bad4 /selftest | |
| parent | bc31e9c7d2a030dc0f63322f5c42d2fe22bbf7ff (diff) | |
| download | samba-3542bd324ecea130292909fd052f71ab0790b7d3.tar.gz samba-3542bd324ecea130292909fd052f71ab0790b7d3.tar.bz2 samba-3542bd324ecea130292909fd052f71ab0790b7d3.zip | |
selftest: Restore the s3member environment by avoiding smbcacls
This removes the need for acls on the filesystem for simple domain
member tests. ACL tests should be written at some point...
Andrew Bartlett
Pair-Programmed-With: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'selftest')
| -rwxr-xr-x | selftest/selftest.pl | 10 | ||||
| -rw-r--r-- | selftest/target/Samba3.pm | 18 |
2 files changed, 13 insertions, 15 deletions
diff --git a/selftest/selftest.pl b/selftest/selftest.pl index 5077a17901..6f8cbe1fe8 100755 --- a/selftest/selftest.pl +++ b/selftest/selftest.pl @@ -399,8 +399,14 @@ $prefix =~ s+/$++; die("using an empty prefix isn't allowed") unless $prefix ne ""; -#Ensure we have the test prefix around -mkdir($prefix, 0777) unless -d $prefix; +# Ensure we have the test prefix around. +# +# We need restrictive +# permissions on this as some subdirectories in this tree will have +# wider permissions (ie 0777) and this would allow other users on the +# host to subvert the test process. +mkdir($prefix, 0700) unless -d $prefix; +chmod 0700, $prefix; my $prefix_abs = abs_path($prefix); my $tmpdir_abs = abs_path("$prefix/tmp"); diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 6312d650a0..01158347b3 100644 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -247,24 +247,16 @@ sub setup_admember($$$$) return undef; } + # We need world access to this share, as otherwise the domain + # administrator from the AD domain provided by Samba4 can't + # access the share for tests. + chmod 0777, "$prefix/share"; + $self->check_or_start($ret, "yes", "yes", "yes"); $self->wait_for_start($ret); - my $smbcacls = Samba::bindir_path($self, "smbcacls"); - #Allow domain users to manipulate the share - $cmd = ""; - $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" "; - $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" "; - $cmd .= "$smbcacls $ret->{CONFIGURATION} //127.0.0.29/tmp / -U$ret->{USERNAME}%$ret->{PASSWORD} "; - $cmd .= "-S ACL:$dcvars->{DOMAIN}\\\\Domain\\ Users:ALLOWED/0x0/FULL"; - - if (system($cmd) != 0) { - warn("smbcacls failed, your filesystem may not support ACLs. Try mount $prefix_abs -oremount,acl\nThis support is required for S3 member in S4 tests\n$cmd"); - return undef; - } - $ret->{DC_SERVER} = $dcvars->{SERVER}; $ret->{DC_SERVER_IP} = $dcvars->{SERVER_IP}; $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME}; |