summaryrefslogtreecommitdiff
path: root/source4/selftest/target
diff options
context:
space:
mode:
authorJelmer Vernooij <jelmer@samba.org>2008-01-16 17:40:25 +0100
committerJelmer Vernooij <jelmer@samba.org>2008-01-16 17:58:50 +0100
commita760146e73ea0f6bb30f01276f3756d97644722c (patch)
tree0043c502bc4abc6aea95dd580c7a2cd4daf5fb44 /source4/selftest/target
parentfa6ce1e4a9d285c82faed49a09bb2bd297bbea39 (diff)
downloadsamba-a760146e73ea0f6bb30f01276f3756d97644722c.tar.gz
samba-a760146e73ea0f6bb30f01276f3756d97644722c.tar.bz2
samba-a760146e73ea0f6bb30f01276f3756d97644722c.zip
selftest: Add some more documentation. Rename env => target to avoid confusion.
(This used to be commit 50b8a16d0cb5e1c4352e73900d1e98a812340cca)
Diffstat (limited to 'source4/selftest/target')
-rw-r--r--source4/selftest/target/Samba3.pm434
-rw-r--r--source4/selftest/target/Samba4.pm915
-rw-r--r--source4/selftest/target/Windows.pm40
3 files changed, 1389 insertions, 0 deletions
diff --git a/source4/selftest/target/Samba3.pm b/source4/selftest/target/Samba3.pm
new file mode 100644
index 0000000000..b0c4eb22bd
--- /dev/null
+++ b/source4/selftest/target/Samba3.pm
@@ -0,0 +1,434 @@
+#!/usr/bin/perl
+# Bootstrap Samba and run a number of tests against it.
+# Copyright (C) 2005-2007 Jelmer Vernooij <jelmer@samba.org>
+# Published under the GNU GPL, v3 or later.
+
+package Samba3;
+
+use strict;
+use Cwd qw(abs_path);
+use FindBin qw($RealBin);
+use POSIX;
+
+sub binpath($$)
+{
+ my ($self, $binary) = @_;
+
+ if (defined($self->{bindir})) {
+ my $path = "$self->{bindir}/$binary";
+ -f $path or die("File $path doesn't exist");
+ return $path;
+ }
+
+ return $binary;
+}
+
+sub new($$) {
+ my ($classname, $bindir) = @_;
+ my $self = { bindir => $bindir };
+ bless $self;
+ return $self;
+}
+
+sub teardown_env($$)
+{
+ my ($self, $envvars) = @_;
+
+ my $smbdpid = read_pid($envvars, "smbd");
+ my $nmbdpid = read_pid($envvars, "nmbd");
+# my $winbinddpid = read_pid($envvars, "winbindd");
+
+ $self->stop_sig_term($smbdpid);
+ $self->stop_sig_term($nmbdpid);
+# $self->stop_sig_term($winbinddpid);
+ $self->stop_sig_kill($smbdpid);
+ $self->stop_sig_kill($nmbdpid);
+# $self->stop_sig_kill($winbinddpid);
+
+ return 0;
+}
+
+sub getlog_env_app($$$)
+{
+ my ($self, $envvars, $name) = @_;
+
+ my $title = "$name LOG of: $envvars->{NETBIOSNAME}\n";
+ my $out = $title;
+
+ open(LOG, "<".$envvars->{$name."_TEST_LOG"});
+
+ seek(LOG, $envvars->{$name."_TEST_LOG_POS"}, SEEK_SET);
+ while (<LOG>) {
+ $out .= $_;
+ }
+ $envvars->{$name."_TEST_LOG_POS"} = tell(LOG);
+ close(LOG);
+
+ return "" if $out eq $title;
+
+ return $out;
+}
+
+sub getlog_env($$)
+{
+ my ($self, $envvars) = @_;
+ my $ret = "";
+
+ $ret .= $self->getlog_env_app($envvars, "SMBD");
+ $ret .= $self->getlog_env_app($envvars, "NMBD");
+# $ret .= $self->getlog_env_app($envvars, "WINBINDD");
+
+ return $ret;
+}
+
+sub check_env($$)
+{
+ my ($self, $envvars) = @_;
+
+ # TODO ...
+ return 1;
+}
+
+sub setup_env($$$)
+{
+ my ($self, $envname, $path) = @_;
+
+ if ($envname eq "dc") {
+ return $self->setup_dc("$path/dc");
+ } else {
+ return undef;
+ }
+}
+
+sub setup_dc($$)
+{
+ my ($self, $path) = @_;
+
+ my $vars = $self->provision($path, "dc");
+
+ $self->check_or_start($vars,
+ ($ENV{NMBD_MAXTIME} or 2700),
+ ($ENV{WINBINDD_MAXTIME} or 2700),
+ ($ENV{SMBD_MAXTIME} or 2700));
+
+ $self->wait_for_start($vars);
+
+ return $vars;
+}
+
+sub stop($)
+{
+ my ($self) = @_;
+}
+
+sub stop_sig_term($$) {
+ my ($self, $pid) = @_;
+ kill("USR1", $pid) or kill("ALRM", $pid) or warn("Unable to kill $pid: $!");
+}
+
+sub stop_sig_kill($$) {
+ my ($self, $pid) = @_;
+ kill("ALRM", $pid) or warn("Unable to kill $pid: $!");
+}
+
+sub write_pid($$$)
+{
+ my ($env_vars, $app, $pid) = @_;
+
+ open(PID, ">$env_vars->{PIDDIR}/timelimit.$app.pid");
+ print PID $pid;
+ close(PID);
+}
+
+sub read_pid($$)
+{
+ my ($env_vars, $app) = @_;
+
+ open(PID, "<$env_vars->{PIDDIR}/timelimit.$app.pid");
+ my $pid = <PID>;
+ close(PID);
+ return $pid;
+}
+
+sub check_or_start($$$$) {
+ my ($self, $env_vars, $nmbd_maxtime, $winbindd_maxtime, $smbd_maxtime) = @_;
+
+ unlink($env_vars->{NMBD_TEST_LOG});
+ print "STARTING NMBD...";
+ my $pid = fork();
+ if ($pid == 0) {
+ open STDOUT, ">$env_vars->{NMBD_TEST_LOG}";
+ open STDERR, '>&STDOUT';
+
+ $ENV{WINBINDD_SOCKET_DIR} = $env_vars->{WINBINDD_SOCKET_DIR};
+
+ my @optargs = ("-d0");
+ if (defined($ENV{NMBD_OPTIONS})) {
+ @optargs = split(/ /, $ENV{NMBD_OPTIONS});
+ }
+
+ $ENV{MAKE_TEST_BINARY} = $self->binpath("nmbd");
+
+ my @preargs = ($self->binpath("timelimit"), $nmbd_maxtime);
+ if(defined($ENV{NMBD_VALGRIND})) {
+ @preargs = split(/ /, $ENV{NMBD_VALGRIND});
+ }
+
+ exec(@preargs, $self->binpath("nmbd"), "-F", "-S", "--no-process-group", "-s", $env_vars->{SERVERCONFFILE}, @optargs) or die("Unable to start nmbd: $!");
+ }
+ write_pid($env_vars, "nmbd", $pid);
+ print "DONE\n";
+
+# disable winbindd until the build-farm faked_users work with it
+# unlink($env_vars->{WINBINDD_TEST_LOG});
+# print "STARTING WINBINDD...";
+# $pid = fork();
+# if ($pid == 0) {
+# open STDOUT, ">$env_vars->{WINBINDD_TEST_LOG}";
+# open STDERR, '>&STDOUT';
+#
+# $ENV{WINBINDD_SOCKET_DIR} = $env_vars->{WINBINDD_SOCKET_DIR};
+#
+# my @optargs = ("-d0");
+# if (defined($ENV{WINBINDD_OPTIONS})) {
+# @optargs = split(/ /, $ENV{WINBINDD_OPTIONS});
+# }
+#
+# $ENV{MAKE_TEST_BINARY} = $self->binpath("winbindd");
+# exec($self->binpath("timelimit"), $winbindd_maxtime, $ENV{WINBINDD_VALGRIND}, $self->binpath("winbindd"), "-F", "-S", "--no-process-group", "-s", $env_vars->{SERVERCONFFILE}, @optargs) or die("Unable to start winbindd: $!");
+# }
+# write_pid($env_vars, "winbindd", $pid);
+# print "DONE\n";
+
+ unlink($env_vars->{SMBD_TEST_LOG});
+ print "STARTING SMBD...";
+ $pid = fork();
+ if ($pid == 0) {
+ open STDOUT, ">$env_vars->{SMBD_TEST_LOG}";
+ open STDERR, '>&STDOUT';
+
+ $ENV{WINBINDD_SOCKET_DIR} = $env_vars->{WINBINDD_SOCKET_DIR};
+
+ $ENV{MAKE_TEST_BINARY} = $self->binpath("smbd");
+ my @optargs = ("-d0");
+ if (defined($ENV{SMBD_OPTIONS})) {
+ @optargs = split(/ /, $ENV{SMBD_OPTIONS});
+ }
+ my @preargs = ($self->binpath("timelimit"), $smbd_maxtime);
+ if(defined($ENV{SMBD_VALGRIND})) {
+ @preargs = split(/ /,$ENV{SMBD_VALGRIND});
+ }
+ exec(@preargs, $self->binpath("smbd"), "-F", "-S", "--no-process-group", "-s", $env_vars->{SERVERCONFFILE}, @optargs) or die("Unable to start smbd: $!");
+ }
+ write_pid($env_vars, "smbd", $pid);
+ print "DONE\n";
+
+ return 0;
+}
+
+sub create_clientconf($$$)
+{
+ my ($self, $prefix, $domain) = @_;
+
+ my $lockdir = "$prefix/locks";
+ my $logdir = "$prefix/logs";
+ my $piddir = "$prefix/pid";
+ my $privatedir = "$prefix/private";
+ my $scriptdir = "$RealBin/..";
+ my $conffile = "$prefix/smb.conf";
+
+ my $torture_interfaces='127.0.0.6/8,127.0.0.7/8,127.0.0.8/8,127.0.0.9/8,127.0.0.10/8,127.0.0.11/8';
+ open(CONF, ">$conffile");
+ print CONF "
+[global]
+ workgroup = $domain
+
+ private dir = $privatedir
+ pid directory = $piddir
+ lock directory = $lockdir
+ log file = $logdir/log.\%m
+ log level = 0
+
+ name resolve order = bcast
+
+ netbios name = TORTURE_6
+ interfaces = $torture_interfaces
+ panic action = $scriptdir/gdb_backtrace \%d %\$(MAKE_TEST_BINARY)
+
+ passdb backend = tdbsam
+ ";
+ close(CONF);
+}
+
+sub provision($$$)
+{
+ my ($self, $prefix, $role) = @_;
+
+ ##
+ ## setup the various environment variables we need
+ ##
+
+ my %ret = ();
+ my $server = "LOCALHOST2";
+ my $server_ip = "127.0.0.2";
+ my $domain = "SAMBA-TEST";
+
+ my $username = `PATH=/usr/ucb:$ENV{PATH} whoami`;
+ chomp $username;
+ my $password = "test";
+
+ my $srcdir="$RealBin/..";
+ my $scriptdir="$srcdir/selftest";
+ my $prefix_abs = abs_path($prefix);
+
+ my @dirs = ();
+
+ my $shrdir="$prefix_abs/share";
+ push(@dirs,$shrdir);
+
+ my $libdir="$prefix_abs/lib";
+ push(@dirs,$libdir);
+
+ my $piddir="$prefix_abs/pid";
+ push(@dirs,$piddir);
+
+ my $privatedir="$prefix_abs/private";
+ push(@dirs,$privatedir);
+
+ my $lockdir="$prefix_abs/lockdir";
+ push(@dirs,$lockdir);
+
+ my $logdir="$prefix_abs/logs";
+ push(@dirs,$logdir);
+
+ # this gets autocreated by winbindd
+ my $wbsockdir="$prefix_abs/winbindd";
+ my $wbsockprivdir="$lockdir/winbindd_privileged";
+
+ ##
+ ## create the test directory layout
+ ##
+ mkdir($prefix_abs, 0777);
+ print "CREATE TEST ENVIRONMENT IN '$prefix'...";
+ system("rm -rf $prefix_abs/*");
+ mkdir($_, 0777) foreach(@dirs);
+
+ my $conffile="$libdir/server.conf";
+
+ open(CONF, ">$conffile") or die("Unable to open $conffile");
+ print CONF "
+[global]
+ workgroup = $domain
+
+ private dir = $privatedir
+ pid directory = $piddir
+ lock directory = $lockdir
+ log file = $logdir/log.\%m
+ log level = 0
+
+ name resolve order = bcast
+
+ netbios name = $server
+ interfaces = $server_ip/8
+ bind interfaces only = yes
+ panic action = $scriptdir/gdb_backtrace %d %\$(MAKE_TEST_BINARY)
+
+ passdb backend = tdbsam
+
+ ; Necessary to add the build farm hacks
+ add user script = /bin/false
+ add machine script = /bin/false
+
+ kernel oplocks = no
+ kernel change notify = no
+
+ syslog = no
+ printing = bsd
+ printcap name = /dev/null
+
+";
+
+ if ($role eq "dc") {
+ print CONF "\tdomain logons = yes\n";
+ print CONF "\tdomain master = yes\n";
+ }
+
+print CONF "
+
+ winbindd:socket dir = $wbsockdir
+
+[tmp]
+ path = $shrdir
+ read only = no
+ smbd:sharedelay = 100000
+ map hidden = yes
+ map system = yes
+ create mask = 755
+[hideunread]
+ copy = tmp
+ hide unreadable = yes
+[hideunwrite]
+ copy = tmp
+ hide unwriteable files = yes
+[print1]
+ copy = tmp
+ printable = yes
+ printing = test
+[print2]
+ copy = print1
+[print3]
+ copy = print1
+[print4]
+ copy = print1
+ ";
+ close(CONF);
+
+ ##
+ ## create a test account
+ ##
+
+ open(PWD, "|".$self->binpath("smbpasswd")." -c $conffile -L -s -a $username");
+ print PWD "$password\n$password\n";
+ close(PWD) or die("Unable to set password for test account");
+
+ print "DONE\n";
+
+ $ret{SERVER_IP} = $server_ip;
+ $ret{NMBD_TEST_LOG} = "$prefix/nmbd_test.log";
+ $ret{WINBINDD_TEST_LOG} = "$prefix/winbindd_test.log";
+ $ret{SMBD_TEST_LOG} = "$prefix/smbd_test.log";
+ $ret{SERVERCONFFILE} = $conffile;
+ $ret{CONFIGURATION} ="-s $conffile";
+ $ret{SERVER} = $server;
+ $ret{USERNAME} = $username;
+ $ret{DOMAIN} = $domain;
+ $ret{NETBIOSNAME} = $server;
+ $ret{PASSWORD} = $password;
+ $ret{PIDDIR} = $piddir;
+ $ret{WINBINDD_SOCKET_DIR} = $wbsockdir;
+ $ret{WINBINDD_PRIV_PIPE_DIR} = $wbsockprivdir;
+ return \%ret;
+}
+
+sub wait_for_start($$)
+{
+ my ($self, $envvars) = @_;
+
+ # give time for nbt server to register its names
+ print "delaying for nbt name registration\n";
+ sleep(10);
+ # This will return quickly when things are up, but be slow if we need to wait for (eg) SSL init
+ system($self->binpath("nmblookup") ." $envvars->{CONFIGURATION} -U $envvars->{SERVER_IP} __SAMBA__");
+ system($self->binpath("nmblookup") ." $envvars->{CONFIGURATION} __SAMBA__");
+ system($self->binpath("nmblookup") ." $envvars->{CONFIGURATION} -U 127.255.255.255 __SAMBA__");
+ system($self->binpath("nmblookup") ." $envvars->{CONFIGURATION} -U $envvars->{SERVER_IP} $envvars->{SERVER}");
+ system($self->binpath("nmblookup") ." $envvars->{CONFIGURATION} $envvars->{SERVER}");
+ # make sure smbd is also up set
+ print "wait for smbd\n";
+ system($self->binpath("smbclient") ." $envvars->{CONFIGURATION} -L $envvars->{SERVER_IP} -U% -p 139 | head -2");
+ system($self->binpath("smbclient") ." $envvars->{CONFIGURATION} -L $envvars->{SERVER_IP} -U% -p 139 | head -2");
+
+ print $self->getlog_env($envvars);
+}
+
+1;
diff --git a/source4/selftest/target/Samba4.pm b/source4/selftest/target/Samba4.pm
new file mode 100644
index 0000000000..87a86ef06f
--- /dev/null
+++ b/source4/selftest/target/Samba4.pm
@@ -0,0 +1,915 @@
+#!/usr/bin/perl
+# Bootstrap Samba and run a number of tests against it.
+# Copyright (C) 2005-2007 Jelmer Vernooij <jelmer@samba.org>
+# Published under the GNU GPL, v3 or later.
+
+package Samba4;
+
+use strict;
+use Cwd qw(abs_path);
+use FindBin qw($RealBin);
+use POSIX;
+
+sub new($$$$) {
+ my ($classname, $bindir, $ldap, $setupdir) = @_;
+ my $self = {
+ vars => {},
+ ldap => $ldap,
+ bindir => $bindir,
+ setupdir => $setupdir
+ };
+ bless $self;
+ return $self;
+}
+
+sub openldap_start($$$) {
+ my ($slapd_conf, $uri, $logs) = @_;
+ my $oldpath = $ENV{PATH};
+ my $olroot = "";
+ my $olpath = "";
+ if (defined $ENV{OPENLDAP_ROOT}) {
+ $olroot = "$ENV{OPENLDAP_ROOT}";
+ $olpath = "$olroot/libexec:$olroot/sbin:";
+ }
+ $ENV{PATH} = "$olpath/usr/local/sbin:/usr/sbin:/sbin:$ENV{PATH}";
+ system("slapd -d63 -f $slapd_conf -h $uri > $logs 2>&1 &");
+ $ENV{PATH} = $oldpath;
+}
+
+sub slapd_start($$)
+{
+ my $count = 0;
+ my ($self, $env_vars) = @_;
+
+ my $uri = $env_vars->{LDAP_URI};
+
+ # running slapd in the background means it stays in the same process group, so it can be
+ # killed by timelimit
+ if ($self->{ldap} eq "fedora-ds") {
+ system("$ENV{FEDORA_DS_ROOT}/sbin/ns-slapd -D $env_vars->{FEDORA_DS_DIR} -d0 -i $env_vars->{FEDORA_DS_PIDFILE}> $env_vars->{LDAPDIR}/logs 2>&1 &");
+ } elsif ($self->{ldap} eq "openldap") {
+ openldap_start($env_vars->{SLAPD_CONF}, $uri, "$env_vars->{LDAPDIR}/logs");
+ }
+ while (system("$self->{bindir}/ldbsearch -H $uri -s base -b \"\" supportedLDAPVersion > /dev/null") != 0) {
+ $count++;
+ if ($count > 40) {
+ $self->slapd_stop($env_vars);
+ return 0;
+ }
+ sleep(1);
+ }
+ return 1;
+}
+
+sub slapd_stop($$)
+{
+ my ($self, $envvars) = @_;
+ if ($self->{ldap} eq "fedora-ds") {
+ system("$envvars->{LDAPDIR}/slapd-samba4/stop-slapd");
+ } elsif ($self->{ldap} eq "openldap") {
+ open(IN, "<$envvars->{OPENLDAP_PIDFILE}") or
+ die("unable to open slapd pid file: $envvars->{OPENLDAP_PIDFILE}");
+ kill 9, <IN>;
+ close(IN);
+ }
+ return 1;
+}
+
+sub check_or_start($$$)
+{
+ my ($self, $env_vars, $max_time) = @_;
+ return 0 if ( -p $env_vars->{SMBD_TEST_FIFO});
+
+ unlink($env_vars->{SMBD_TEST_FIFO});
+ POSIX::mkfifo($env_vars->{SMBD_TEST_FIFO}, 0700);
+ unlink($env_vars->{SMBD_TEST_LOG});
+
+ print "STARTING SMBD... ";
+ my $pid = fork();
+ if ($pid == 0) {
+ open STDIN, $env_vars->{SMBD_TEST_FIFO};
+ open STDOUT, ">$env_vars->{SMBD_TEST_LOG}";
+ open STDERR, '>&STDOUT';
+
+ SocketWrapper::set_default_iface($env_vars->{SOCKET_WRAPPER_DEFAULT_IFACE});
+
+ my $valgrind = "";
+ if (defined($ENV{SMBD_VALGRIND})) {
+ $valgrind = $ENV{SMBD_VALGRIND};
+ }
+
+ $ENV{KRB5_CONFIG} = $env_vars->{KRB5_CONFIG};
+
+ $ENV{NSS_WRAPPER_PASSWD} = $env_vars->{NSS_WRAPPER_PASSWD};
+ $ENV{NSS_WRAPPER_GROUP} = $env_vars->{NSS_WRAPPER_GROUP};
+
+ # Start slapd before smbd, but with the fifo on stdin
+ if (defined($self->{ldap})) {
+ $self->slapd_start($env_vars) or
+ die("couldn't start slapd (2nd time)");
+ }
+
+ my $optarg = "";
+ if (defined($max_time)) {
+ $optarg = "--maximum-runtime=$max_time ";
+ }
+ if (defined($ENV{SMBD_OPTIONS})) {
+ $optarg.= " $ENV{SMBD_OPTIONS}";
+ }
+ my $ret = system("$valgrind $self->{bindir}/smbd $optarg $env_vars->{CONFIGURATION} -M single -i --leak-report-full");
+ if ($? == -1) {
+ print "Unable to start smbd: $ret: $!\n";
+ exit 1;
+ }
+ unlink($env_vars->{SMBD_TEST_FIFO});
+ my $exit = $? >> 8;
+ if ( $ret == 0 ) {
+ print "smbd exits with status $exit\n";
+ } elsif ( $ret & 127 ) {
+ print "smbd got signal ".($ret & 127)." and exits with $exit!\n";
+ } else {
+ $ret = $? >> 8;
+ print "smbd failed with status $exit!\n";
+ }
+ exit $exit;
+ }
+ print "DONE\n";
+
+ open(DATA, ">$env_vars->{SMBD_TEST_FIFO}");
+
+ return $pid;
+}
+
+sub wait_for_start($$)
+{
+ my ($self, $testenv_vars) = @_;
+ # give time for nbt server to register its names
+ print "delaying for nbt name registration\n";
+ sleep 2;
+
+ # This will return quickly when things are up, but be slow if we
+ # need to wait for (eg) SSL init
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} $testenv_vars->{SERVER}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} -U $testenv_vars->{SERVER_IP} $testenv_vars->{SERVER}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} $testenv_vars->{NETBIOSNAME}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} -U $testenv_vars->{SERVER_IP} $testenv_vars->{NETBIOSNAME}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} $testenv_vars->{NETBIOSALIAS}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} -U $testenv_vars->{SERVER_IP} $testenv_vars->{NETBIOSALIAS}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} $testenv_vars->{SERVER}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} -U $testenv_vars->{SERVER_IP} $testenv_vars->{SERVER}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} $testenv_vars->{NETBIOSNAME}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} -U $testenv_vars->{SERVER_IP} $testenv_vars->{NETBIOSNAME}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} $testenv_vars->{NETBIOSALIAS}");
+ system("bin/nmblookup $testenv_vars->{CONFIGURATION} -U $testenv_vars->{SERVER_IP} $testenv_vars->{NETBIOSALIAS}");
+
+ print $self->getlog_env($testenv_vars);
+}
+
+sub write_ldb_file($$$)
+{
+ my ($self, $file, $ldif) = @_;
+
+ open(LDIF, "|$self->{bindir}/ldbadd -H $file >/dev/null");
+ print LDIF $ldif;
+ return close(LDIF);
+}
+
+sub add_wins_config($$)
+{
+ my ($self, $privatedir) = @_;
+
+ return $self->write_ldb_file("$privatedir/wins_config.ldb", "
+dn: name=TORTURE_6,CN=PARTNERS
+objectClass: wreplPartner
+name: TORTURE_6
+address: 127.0.0.6
+pullInterval: 0
+pushChangeCount: 0
+type: 0x3
+");
+}
+
+sub mk_fedora_ds($$$)
+{
+ my ($self, $ldapdir, $configuration) = @_;
+
+ my $fedora_ds_inf = "$ldapdir/fedorads.inf";
+ my $fedora_ds_extra_ldif = "$ldapdir/fedorads-partitions.ldif";
+
+ #Make the subdirectory be as fedora DS would expect
+ my $fedora_ds_dir = "$ldapdir/slapd-samba4";
+
+ my $pidfile = "$fedora_ds_dir/logs/slapd-samba4.pid";
+
+ system("$self->{bindir}/ad2oLschema $configuration -H $ldapdir/schema-tmp.ldb --option=convert:target=fedora-ds -I $self->{setupdir}/schema-map-fedora-ds-1.0 -O $ldapdir/99_ad.ldif >&2") == 0 or die("schema conversion for Fedora DS failed");
+
+my $dir = getcwd();
+chdir "$ENV{FEDORA_DS_ROOT}/bin" || die;
+ if (system("perl $ENV{FEDORA_DS_ROOT}/sbin/setup-ds.pl --silent --file=$fedora_ds_inf >&2") != 0) {
+ chdir $dir;
+ die("perl $ENV{FEDORA_DS_ROOT}/sbin/setup-ds.pl --silent --file=$fedora_ds_inf FAILED: $?");
+ }
+ chdir $dir || die;
+
+ return ($fedora_ds_dir, $pidfile);
+}
+
+sub mk_openldap($$$)
+{
+ my ($self, $ldapdir, $configuration) = @_;
+
+ my $slapd_conf = "$ldapdir/slapd.conf";
+ my $pidfile = "$ldapdir/slapd.pid";
+ my $modconf = "$ldapdir/modules.conf";
+
+ #This uses the backend provision we just did, to read out the schema
+ system("$self->{bindir}/ad2oLschema $configuration --option=convert:target=openldap -H $ldapdir/schema-tmp.ldb -I $self->{setupdir}/schema-map-openldap-2.3 -O $ldapdir/backend-schema.schema >&2") == 0 or die("schema conversion for OpenLDAP failed");
+
+ my $oldpath = $ENV{PATH};
+ my $olpath = "";
+ my $olroot = "";
+ if (defined $ENV{OPENLDAP_ROOT}) {
+ $olroot = "$ENV{OPENLDAP_ROOT}";
+ $olpath = "$olroot/libexec:$olroot/sbin:";
+ }
+ $ENV{PATH} = "$olpath/usr/local/sbin:/usr/sbin:/sbin:$ENV{PATH}";
+
+ unlink($modconf);
+ open(CONF, ">$modconf"); close(CONF);
+
+ if (system("slaptest -u -f $slapd_conf >&2") != 0) {
+ open(CONF, ">$modconf");
+ # enable slapd modules
+ print CONF "
+modulepath $olroot/libexec/openldap
+moduleload syncprov
+moduleload memberof
+moduleload refint
+";
+ close(CONF);
+ }
+ if (system("slaptest -u -f $slapd_conf >&2") != 0) {
+ open(CONF, ">$modconf");
+ # enable slapd modules
+ print CONF "
+modulepath $olroot/libexec/openldap
+moduleload back_hdb
+moduleload syncprov
+moduleload memberof
+moduleload refint
+";
+ close(CONF);
+ }
+
+ if (system("slaptest -u -f $slapd_conf >&2") != 0) {
+ open(CONF, ">$modconf");
+ # enable slapd modules
+ print CONF "
+moduleload back_hdb
+moduleload syncprov
+moduleload memberof
+moduleload refint
+";
+ close(CONF);
+ }
+
+ if (system("slaptest -u -f $slapd_conf >&2") != 0) {
+ open(CONF, ">$modconf");
+ # enable slapd modules
+ print CONF "
+modulepath /usr/lib/ldap
+moduleload back_hdb
+moduleload syncprov
+moduleload memberof
+moduleload refint
+";
+ close(CONF);
+ }
+
+ if (system("slaptest -u -f $slapd_conf >&2") != 0) {
+ open(CONF, ">$modconf");
+ # enable slapd modules (Fedora layout)
+ print CONF "
+modulepath /usr/lib/openldap
+moduleload syncprov
+moduleload memberof
+moduleload refint
+";
+ close(CONF);
+ }
+
+ if (system("slaptest -u -f $slapd_conf >&2") != 0) {
+ open(CONF, ">$modconf");
+ # enable slapd modules (Fedora x86_64 layout)
+ print CONF "
+modulepath /usr/lib64/openldap
+moduleload syncprov
+moduleload memberof
+moduleload refint
+";
+ close(CONF);
+ }
+
+ system("slaptest -u -f $slapd_conf") == 0 or die("slaptest still fails after adding modules");
+
+
+ $ENV{PATH} = $oldpath;
+
+ return ($slapd_conf, $pidfile);
+}
+
+sub mk_keyblobs($$)
+{
+ my ($self, $tlsdir) = @_;
+
+ #TLS and PKINIT crypto blobs
+ my $dhfile = "$tlsdir/dhparms.pem";
+ my $cafile = "$tlsdir/ca.pem";
+ my $certfile = "$tlsdir/cert.pem";
+ my $reqkdc = "$tlsdir/req-kdc.der";
+ my $kdccertfile = "$tlsdir/kdc.pem";
+ my $keyfile = "$tlsdir/key.pem";
+ my $adminkeyfile = "$tlsdir/adminkey.pem";
+ my $reqadmin = "$tlsdir/req-admin.der";
+ my $admincertfile = "$tlsdir/admincert.pem";
+
+ mkdir($tlsdir, 0777);
+
+ #This is specified here to avoid draining entropy on every run
+ open(DHFILE, ">$dhfile");
+ print DHFILE <<EOF;
+-----BEGIN DH PARAMETERS-----
+MGYCYQC/eWD2xkb7uELmqLi+ygPMKyVcpHUo2yCluwnbPutEueuxrG/Cys8j8wLO
+svCN/jYNyR2NszOmg7ZWcOC/4z/4pWDVPUZr8qrkhj5MRKJc52MncfaDglvEdJrv
+YX70obsCAQI=
+-----END DH PARAMETERS-----
+EOF
+ close(DHFILE);
+
+ #Likewise, we pregenerate the key material. This allows the
+ #other certificates to be pre-generated
+ open(KEYFILE, ">$keyfile");
+ print KEYFILE <<EOF;
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQDKg6pAwCHUMA1DfHDmWhZfd+F0C+9Jxcqvpw9ii9En3E1uflpc
+ol3+S9/6I/uaTmJHZre+DF3dTzb/UOZo0Zem8N+IzzkgoGkFafjXuT3BL5UPY2/H
+6H+pPqVIRLOmrWImai359YyoKhFyo37Y6HPeU8QcZ+u2rS9geapIWfeuowIDAQAB
+AoGAAqDLzFRR/BF1kpsiUfL4WFvTarCe9duhwj7ORc6fs785qAXuwUYAJ0Uvzmy6
+HqoGv3t3RfmeHDmjcpPHsbOKnsOQn2MgmthidQlPBMWtQMff5zdoYNUFiPS0XQBq
+szNW4PRjaA9KkLQVTwnzdXGkBSkn/nGxkaVu7OR3vJOBoo0CQQDO4upypesnbe6p
+9/xqfZ2uim8IwV1fLlFClV7WlCaER8tsQF4lEi0XSzRdXGUD/dilpY88Nb+xok/X
+8Z8OvgAXAkEA+pcLsx1gN7kxnARxv54jdzQjC31uesJgMKQXjJ0h75aUZwTNHmZQ
+vPxi6u62YiObrN5oivkixwFNncT9MxTxVQJBAMaWUm2SjlLe10UX4Zdm1MEB6OsC
+kVoX37CGKO7YbtBzCfTzJGt5Mwc1DSLA2cYnGJqIfSFShptALlwedot0HikCQAJu
+jNKEKnbf+TdGY8Q0SKvTebOW2Aeg80YFkaTvsXCdyXrmdQcifw4WdO9KucJiDhSz
+Y9hVapz7ykEJtFtWjLECQQDIlfc63I5ZpXfg4/nN4IJXUW6AmPVOYIA5215itgki
+cSlMYli1H9MEXH0pQMGv5Qyd0OYIx2DDg96mZ+aFvqSG
+-----END RSA PRIVATE KEY-----
+EOF
+ close(KEYFILE);
+
+ open(ADMINKEYFILE, ">$adminkeyfile");
+
+ print ADMINKEYFILE <<EOF;
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQD0+OL7TQBj0RejbIH1+g5GeRaWaM9xF43uE5y7jUHEsi5owhZF
+5iIoHZeeL6cpDF5y1BZRs0JlA1VqMry1jjKlzFYVEMMFxB6esnXhl0Jpip1JkUMM
+XLOP1m/0dqayuHBWozj9f/cdyCJr0wJIX1Z8Pr+EjYRGPn/MF0xdl3JRlwIDAQAB
+AoGAP8mjCP628Ebc2eACQzOWjgEvwYCPK4qPmYOf1zJkArzG2t5XAGJ5WGrENRuB
+cm3XFh1lpmaADl982UdW3gul4gXUy6w4XjKK4vVfhyHj0kZ/LgaXUK9BAGhroJ2L
+osIOUsaC6jdx9EwSRctwdlF3wWJ8NK0g28AkvIk+FlolW4ECQQD7w5ouCDnf58CN
+u4nARx4xv5XJXekBvOomkCQAmuOsdOb6b9wn3mm2E3au9fueITjb3soMR31AF6O4
+eAY126rXAkEA+RgHzybzZEP8jCuznMqoN2fq/Vrs6+W3M8/G9mzGEMgLLpaf2Jiz
+I9tLZ0+OFk9tkRaoCHPfUOCrVWJZ7Y53QQJBAMhoA6rw0WDyUcyApD5yXg6rusf4
+ASpo/tqDkqUIpoL464Qe1tjFqtBM3gSXuhs9xsz+o0bzATirmJ+WqxrkKTECQHt2
+OLCpKqwAspU7N+w32kaUADoRLisCEdrhWklbwpQgwsIVsCaoEOpt0CLloJRYTANE
+yoZeAErTALjyZYZEPcECQQDlUi0N8DFxQ/lOwWyR3Hailft+mPqoPCa8QHlQZnlG
++cfgNl57YHMTZFwgUVFRdJNpjH/WdZ5QxDcIVli0q+Ko
+-----END RSA PRIVATE KEY-----
+EOF
+
+ #generated with
+ #hxtool issue-certificate --self-signed --issue-ca --ca-private-key=FILE:$KEYFILE \
+ # --subject="CN=CA,$BASEDN" --certificate="FILE:$CAFILE"
+
+ open(CAFILE, ">$cafile");
+ print CAFILE <<EOF;
+-----BEGIN CERTIFICATE-----
+MIIChTCCAe6gAwIBAgIUFZoF6jt0R+hQBdF7cWPy0tT3fGwwCwYJKoZIhvcNAQEFMFIxEzAR
+BgoJkiaJk/IsZAEZDANjb20xFzAVBgoJkiaJk/IsZAEZDAdleGFtcGxlMRUwEwYKCZImiZPy
+LGQBGQwFc2FtYmExCzAJBgNVBAMMAkNBMCIYDzIwMDcwMTIzMDU1MzA5WhgPMjAwODAxMjQw
+NTUzMDlaMFIxEzARBgoJkiaJk/IsZAEZDANjb20xFzAVBgoJkiaJk/IsZAEZDAdleGFtcGxl
+MRUwEwYKCZImiZPyLGQBGQwFc2FtYmExCzAJBgNVBAMMAkNBMIGfMA0GCSqGSIb3DQEBAQUA
+A4GNADCBiQKBgQDKg6pAwCHUMA1DfHDmWhZfd+F0C+9Jxcqvpw9ii9En3E1uflpcol3+S9/6
+I/uaTmJHZre+DF3dTzb/UOZo0Zem8N+IzzkgoGkFafjXuT3BL5UPY2/H6H+pPqVIRLOmrWIm
+ai359YyoKhFyo37Y6HPeU8QcZ+u2rS9geapIWfeuowIDAQABo1YwVDAOBgNVHQ8BAf8EBAMC
+AqQwEgYDVR0lBAswCQYHKwYBBQIDBTAdBgNVHQ4EFgQUwtm596AMotmzRU7IVdgrUvozyjIw
+DwYDVR0TBAgwBgEB/wIBADANBgkqhkiG9w0BAQUFAAOBgQBgzh5uLDmESGYv60iUdEfuk/T9
+VCpzb1z3VJVWt3uJoQYbcpR00SKeyMdlfTTLzO6tSPMmlk4hwqfvLkPzGCSObR4DRRYa0BtY
+2laBVlg9X59bGpMUvpFQfpvxjvFWNJDL+377ELCVpLNdoR23I9TKXlalj0bY5Ks46CVIrm6W
+EA==
+-----END CERTIFICATE-----
+EOF
+
+ #generated with GNUTLS internally in Samba.
+
+ open(CERTFILE, ">$certfile");
+ print CERTFILE <<EOF;
+-----BEGIN CERTIFICATE-----
+MIICYTCCAcygAwIBAgIE5M7SRDALBgkqhkiG9w0BAQUwZTEdMBsGA1UEChMUU2Ft
+YmEgQWRtaW5pc3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1
+dG9nZW5lcmF0ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMB4XDTA2MDgw
+NDA0MzY1MloXDTA4MDcwNDA0MzY1MlowZTEdMBsGA1UEChMUU2FtYmEgQWRtaW5p
+c3RyYXRpb24xNDAyBgNVBAsTK1NhbWJhIC0gdGVtcG9yYXJ5IGF1dG9nZW5lcmF0
+ZWQgY2VydGlmaWNhdGUxDjAMBgNVBAMTBVNhbWJhMIGcMAsGCSqGSIb3DQEBAQOB
+jAAwgYgCgYDKg6pAwCHUMA1DfHDmWhZfd+F0C+9Jxcqvpw9ii9En3E1uflpcol3+
+S9/6I/uaTmJHZre+DF3dTzb/UOZo0Zem8N+IzzkgoGkFafjXuT3BL5UPY2/H6H+p
+PqVIRLOmrWImai359YyoKhFyo37Y6HPeU8QcZ+u2rS9geapIWfeuowIDAQABoyUw
+IzAMBgNVHRMBAf8EAjAAMBMGA1UdJQQMMAoGCCsGAQUFBwMBMAsGCSqGSIb3DQEB
+BQOBgQAmkN6XxvDnoMkGcWLCTwzxGfNNSVcYr7TtL2aJh285Xw9zaxcm/SAZBFyG
+LYOChvh6hPU7joMdDwGfbiLrBnMag+BtGlmPLWwp/Kt1wNmrRhduyTQFhN3PP6fz
+nBr9vVny2FewB2gHmelaPS//tXdxivSXKz3NFqqXLDJjq7P8wA==
+-----END CERTIFICATE-----
+EOF
+ close(CERTFILE);
+
+ #KDC certificate
+ # hxtool request-create --subject="CN=krbtgt,cn=users,$basedn" --key=FILE:$KEYFILE $KDCREQ
+
+ # hxtool issue-certificate --ca-certificate=FILE:$CAFILE,$KEYFILE --type="pkinit-kdc" --pk-init-principal="krbtgt/$RELAM@$REALM" --req="$KDCREQ" --certificate="FILE:$KDCCERTFILE"
+
+ open(KDCCERTFILE, ">$kdccertfile");
+ print KDCCERTFILE <<EOF;
+-----BEGIN CERTIFICATE-----
+MIIDDDCCAnWgAwIBAgIUDEhjaOT1ZjHjHHEn+l5eYO05oK8wCwYJKoZIhvcNAQEFMFIxEzAR
+BgoJkiaJk/IsZAEZDANjb20xFzAVBgoJkiaJk/IsZAEZDAdleGFtcGxlMRUwEwYKCZImiZPy
+LGQBGQwFc2FtYmExCzAJBgNVBAMMAkNBMCIYDzIwMDcwMTIzMDcwNzA4WhgPMjAwODAxMjQw
+NzA3MDhaMGYxEzARBgoJkiaJk/IsZAEZDANjb20xFzAVBgoJkiaJk/IsZAEZDAdleGFtcGxl
+MRUwEwYKCZImiZPyLGQBGQwFc2FtYmExDjAMBgNVBAMMBXVzZXJzMQ8wDQYDVQQDDAZrcmJ0
+Z3QwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMqDqkDAIdQwDUN8cOZaFl934XQL70nF
+yq+nD2KL0SfcTW5+WlyiXf5L3/oj+5pOYkdmt74MXd1PNv9Q5mjRl6bw34jPOSCgaQVp+Ne5
+PcEvlQ9jb8fof6k+pUhEs6atYiZqLfn1jKgqEXKjftjoc95TxBxn67atL2B5qkhZ966jAgMB
+AAGjgcgwgcUwDgYDVR0PAQH/BAQDAgWgMBIGA1UdJQQLMAkGBysGAQUCAwUwVAYDVR0RBE0w
+S6BJBgYrBgEFAgKgPzA9oBMbEVNBTUJBLkVYQU1QTEUuQ09NoSYwJKADAgEBoR0wGxsGa3Ji
+dGd0GxFTQU1CQS5FWEFNUExFLkNPTTAfBgNVHSMEGDAWgBTC2bn3oAyi2bNFTshV2CtS+jPK
+MjAdBgNVHQ4EFgQUwtm596AMotmzRU7IVdgrUvozyjIwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOBgQCMSgLkIv9RobE0a95H2ECA+5YABBwKXIt4AyN/HpV7iJdRx7B9PE6vM+nboVKY
+E7i7ECUc3bu6NgrLu7CKHelNclHWWMiZzSUwhkXyvG/LE9qtr/onNu9NfLt1OV+dwQwyLdEP
+n63FxSmsKg3dfi3ryQI/DIKeisvipwDtLqOn9g==
+-----END CERTIFICATE-----
+EOF
+
+ #hxtool request-create --subject="CN=Administrator,cn=users,$basedn" --key=FILE:$ADMINKEYFILE $ADMINREQFILE
+ #hxtool issue-certificate --ca-certificate=FILE:$CAFILE,$KEYFILE --type="pkinit-client" --pk-init-principal="administrator@$REALM" --req="$ADMINREQFILE" --certificate="FILE:$ADMINCERTFILE"
+
+ open(ADMINCERTFILE, ">$admincertfile");
+ print ADMINCERTFILE <<EOF;
+-----BEGIN CERTIFICATE-----
+MIICwjCCAiugAwIBAgIUXyECoq4im33ByZDWZMGhtpvHYWEwCwYJKoZIhvcNAQEFMFIxEzAR
+BgoJkiaJk/IsZAEZDANjb20xFzAVBgoJkiaJk/IsZAEZDAdleGFtcGxlMRUwEwYKCZImiZPy
+LGQBGQwFc2FtYmExCzAJBgNVBAMMAkNBMCIYDzIwMDcwMTIzMDcyMzE2WhgPMjAwODAxMjQw
+NzIzMTZaMCgxDjAMBgNVBAMMBXVzZXJzMRYwFAYDVQQDDA1BZG1pbmlzdHJhdG9yMIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQD0+OL7TQBj0RejbIH1+g5GeRaWaM9xF43uE5y7jUHE
+si5owhZF5iIoHZeeL6cpDF5y1BZRs0JlA1VqMry1jjKlzFYVEMMFxB6esnXhl0Jpip1JkUMM
+XLOP1m/0dqayuHBWozj9f/cdyCJr0wJIX1Z8Pr+EjYRGPn/MF0xdl3JRlwIDAQABo4G8MIG5
+MA4GA1UdDwEB/wQEAwIFoDASBgNVHSUECzAJBgcrBgEFAgMEMEgGA1UdEQRBMD+gPQYGKwYB
+BQICoDMwMaATGxFTQU1CQS5FWEFNUExFLkNPTaEaMBigAwIBAaERMA8bDWFkbWluaXN0cmF0
+b3IwHwYDVR0jBBgwFoAUwtm596AMotmzRU7IVdgrUvozyjIwHQYDVR0OBBYEFCDzVsvJ8IDz
+wLYH8EONeUa5oVrGMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADgYEAbTCnaPTieVZPV3bH
+UmAMbnF9+YN1mCbe2xZJ0xzve+Yw1XO82iv/9kZaZkcRkaQt2qcwsBK/aSPOgfqGx+mJ7hXQ
+AGWvAJhnWi25PawNaRysCN8WC6+nWKR4d2O2m5rpj3T9kH5WE7QbG0bCu92dGaS29FvWDCP3
+q9pRtDOoAZc=
+-----END CERTIFICATE-----
+EOF
+ close(ADMINCERTFILE);
+}
+
+sub provision($$$$$$)
+{
+ my ($self, $prefix, $server_role, $netbiosname, $netbiosalias, $swiface, $password) = @_;
+
+ my $smbd_loglevel = 1;
+ my $username = "administrator";
+ my $domain = "SAMBADOMAIN";
+ my $realm = "SAMBA.EXAMPLE.COM";
+ my $dnsname = "samba.example.com";
+ my $basedn = "dc=samba,dc=example,dc=com";
+ my $unix_name = ($ENV{USER} or $ENV{LOGNAME} or `whoami`);
+ chomp $unix_name;
+ my $unix_uid = $>;
+ my $unix_gids_str = $);
+ my @unix_gids = split(" ", $unix_gids_str);
+ my $srcdir="$RealBin/..";
+ -d $prefix or mkdir($prefix, 0777) or die("Unable to create $prefix");
+ my $prefix_abs = abs_path($prefix);
+ my $tmpdir = "$prefix_abs/tmp";
+ my $etcdir = "$prefix_abs/etc";
+ my $piddir = "$prefix_abs/pid";
+ my $conffile = "$etcdir/smb.conf";
+ my $krb5_config = "$etcdir/krb5.conf";
+ my $privatedir = "$prefix_abs/private";
+ my $ncalrpcdir = "$prefix_abs/ncalrpc";
+ my $lockdir = "$prefix_abs/lockdir";
+ my $winbindd_socket_dir = "$prefix_abs/winbind_socket";
+ my $winbindd_priv_pipe_dir = "$piddir/smbd.tmp/winbind_pipe";
+ my $nsswrap_passwd = "$etcdir/passwd";
+ my $nsswrap_group = "$etcdir/group";
+
+ my $configuration = "--configfile=$conffile";
+ my $ldapdir = "$privatedir/ldap";
+
+ my $tlsdir = "$privatedir/tls";
+
+ my $ifaceipv4 = "127.0.0.$swiface";
+ my $interfaces = "$ifaceipv4/8";
+
+ (system("rm -rf $prefix/*") == 0) or die("Unable to clean up");
+ mkdir($_, 0777) foreach ($privatedir, $etcdir, $piddir, $ncalrpcdir, $lockdir,
+ $tmpdir);
+
+
+ my $localbasedn = $basedn;
+ $localbasedn = "DC=$netbiosname" if $server_role eq "member server";
+
+ open(CONFFILE, ">$conffile");
+ print CONFFILE "
+[global]
+ netbios name = $netbiosname
+ netbios aliases = $netbiosalias
+ workgroup = $domain
+ realm = $realm
+ private dir = $privatedir
+ pid directory = $piddir
+ ncalrpc dir = $ncalrpcdir
+ lock dir = $lockdir
+ setup directory = $self->{setupdir}
+ modules dir = $self->{bindir}/modules
+ js include = $srcdir/scripting/libjs
+ winbindd socket directory = $winbindd_socket_dir
+ winbind separator = /
+ name resolve order = bcast
+ interfaces = $interfaces
+ tls dh params file = $tlsdir/dhparms.pem
+ panic action = $srcdir/script/gdb_backtrace \%PID% \%PROG%
+ wins support = yes
+ server role = $server_role
+ max xmit = 32K
+ server max protocol = SMB2
+ notify:inotify = false
+ ldb:nosync = true
+ system:anonymous = true
+#We don't want to pass our self-tests if the PAC code is wrong
+ gensec:require_pac = true
+ log level = $smbd_loglevel
+
+[tmp]
+ path = $tmpdir
+ read only = no
+ ntvfs handler = posix
+ posix:sharedelay = 100000
+ posix:eadb = $lockdir/eadb.tdb
+
+[cifs]
+ read only = no
+ ntvfs handler = cifs
+ cifs:server = $netbiosname
+ cifs:share = tmp
+#There is no username specified here, instead the client is expected
+#to log in with kerberos, and smbd will used delegated credentials.
+
+[simple]
+ path = $tmpdir
+ read only = no
+ ntvfs handler = simple
+
+[cifsposix]
+ copy = simple
+ ntvfs handler = cifsposix
+";
+ close(CONFFILE);
+
+ $self->mk_keyblobs($tlsdir);
+
+ open(KRB5CONF, ">$krb5_config");
+ print KRB5CONF "
+#Generated krb5.conf for $realm
+
+[libdefaults]
+ default_realm = $realm
+ dns_lookup_realm = false
+ dns_lookup_kdc = false
+ ticket_lifetime = 24h
+ forwardable = yes
+
+[realms]
+ $realm = {
+ kdc = 127.0.0.1:88
+ admin_server = 127.0.0.1:88
+ default_domain = $dnsname
+ }
+ $dnsname = {
+ kdc = 127.0.0.1:88
+ admin_server = 127.0.0.1:88
+ default_domain = $dnsname
+ }
+ $domain = {
+ kdc = 127.0.0.1:88
+ admin_server = 127.0.0.1:88
+ default_domain = $dnsname
+ }
+
+[appdefaults]
+ pkinit_anchors = FILE:$tlsdir/ca.pem
+
+[kdc]
+ enable-pkinit = true
+ pkinit_identity = FILE:$tlsdir/kdc.pem,$tlsdir/key.pem
+ pkinit_anchors = FILE:$tlsdir/ca.pem
+
+[domain_realm]
+ .$dnsname = $realm
+";
+ close(KRB5CONF);
+
+ open(PWD, ">$nsswrap_passwd");
+ print PWD "
+root:x:0:0:root gecos:$prefix_abs:/bin/false
+$unix_name:x:$unix_uid:$unix_gids[0]:$unix_name gecos:$prefix_abs:/bin/false
+nobody:x:65534:65533:nobody gecos:$prefix_abs:/bin/false
+";
+ close(PWD);
+
+ open(GRP, ">$nsswrap_group");
+ print GRP "
+root:x:0:
+wheel:x:10:
+users:x:100:
+nobody:x:65533:
+nogroup:x:65534:nobody
+";
+ close(GRP);
+
+#Ensure the config file is valid before we start
+ if (system("$self->{bindir}/testparm $configuration -v --suppress-prompt >/dev/null 2>&1") != 0) {
+ system("$self->{bindir}/testparm -v --suppress-prompt $configuration >&2");
+ die("Failed to create a valid smb.conf configuration!");
+ }
+
+ (system("($self->{bindir}/testparm $configuration -v --suppress-prompt --parameter-name=\"netbios name\" --section-name=global 2> /dev/null | grep -i \"^$netbiosname\" ) >/dev/null 2>&1") == 0) or die("Failed to create a valid smb.conf configuration! $self->{bindir}/testparm $configuration -v --suppress-prompt --parameter-name=\"netbios name\" --section-name=global");
+
+ my @provision_options = ();
+ push (@provision_options, "NSS_WRAPPER_PASSWD=\"$nsswrap_passwd\"");
+ push (@provision_options, "NSS_WRAPPER_GROUP=\"$nsswrap_group\"");
+ if (defined($ENV{PROVISION_PYTHON})) {
+ push (@provision_options, "$self->{bindir}/smbpython");
+ push (@provision_options, "$self->{setupdir}/provision.py");
+ } else {
+ push (@provision_options, "$self->{bindir}/smbscript");
+ push (@provision_options, "$self->{setupdir}/provision");
+ }
+ push (@provision_options, split(' ', $configuration));
+ push (@provision_options, "--host-name=$netbiosname");
+ push (@provision_options, "--host-ip=$ifaceipv4");
+ push (@provision_options, "--quiet");
+ push (@provision_options, "--domain=$domain");
+ push (@provision_options, "--realm=$realm");
+ push (@provision_options, "--adminpass=$password");
+ push (@provision_options, "--krbtgtpass=krbtgt$password");
+ push (@provision_options, "--machinepass=machine$password");
+ push (@provision_options, "--root=$unix_name");
+ push (@provision_options, "--simple-bind-dn=cn=Manager,$localbasedn");
+ push (@provision_options, "--password=$password");
+ push (@provision_options, "--server-role=\"$server_role\"");
+
+ my $ldap_uri= "$ldapdir/ldapi";
+ $ldap_uri =~ s|/|%2F|g;
+ $ldap_uri = "ldapi://$ldap_uri";
+
+ my $ret = {
+ KRB5_CONFIG => $krb5_config,
+ PIDDIR => $piddir,
+ SERVER => $netbiosname,
+ SERVER_IP => $ifaceipv4,
+ NETBIOSNAME => $netbiosname,
+ NETBIOSALIAS => $netbiosalias,
+ LDAP_URI => $ldap_uri,
+ DOMAIN => $domain,
+ USERNAME => $username,
+ REALM => $realm,
+ PASSWORD => $password,
+ LDAPDIR => $ldapdir,
+ WINBINDD_SOCKET_DIR => $winbindd_socket_dir,
+ WINBINDD_PRIV_PIPE_DIR => $winbindd_priv_pipe_dir,
+ NCALRPCDIR => $ncalrpcdir,
+ LOCKDIR => $lockdir,
+ CONFIGURATION => $configuration,
+ SOCKET_WRAPPER_DEFAULT_IFACE => $swiface,
+ NSS_WRAPPER_PASSWD => $nsswrap_passwd,
+ NSS_WRAPPER_GROUP => $nsswrap_group,
+ };
+
+ if (defined($self->{ldap})) {
+
+ push (@provision_options, "--ldap-backend=$ldap_uri");
+ system("$self->{bindir}/smbscript $self->{setupdir}/provision-backend $configuration --ldap-manager-pass=$password --root=$unix_name --realm=$realm --host-name=$netbiosname --ldap-backend-type=$self->{ldap}>&2") == 0 or die("backend provision failed");
+
+ if ($self->{ldap} eq "openldap") {
+ ($ret->{SLAPD_CONF}, $ret->{OPENLDAP_PIDFILE}) = $self->mk_openldap($ldapdir, $configuration) or die("Unable to create openldap directories");
+ } elsif ($self->{ldap} eq "fedora-ds") {
+ ($ret->{FEDORA_DS_DIR}, $ret->{FEDORA_DS_PIDFILE}) = $self->mk_fedora_ds($ldapdir, $configuration) or die("Unable to create fedora ds directories");
+ push (@provision_options, "--ldap-module=nsuniqueid");
+ push (@provision_options, "'--aci=aci:: KHRhcmdldGF0dHIgPSAiKiIpICh2ZXJzaW9uIDMuMDthY2wgImZ1bGwgYWNjZXNzIHRvIGFsbCBieSBhbGwiO2FsbG93IChhbGwpKHVzZXJkbiA9ICJsZGFwOi8vL2FueW9uZSIpOykK'");
+ }
+
+ $self->slapd_start($ret) or
+ die("couldn't start slapd");
+ }
+
+ my $provision_cmd = join(" ", @provision_options);
+ (system($provision_cmd) == 0) or die("Unable to provision: \n$provision_cmd\n");
+
+ if (defined($self->{ldap})) {
+ $self->slapd_stop($ret) or
+ die("couldn't stop slapd");
+ }
+
+ return $ret;
+}
+
+sub provision_member($$$)
+{
+ my ($self, $prefix, $dcvars) = @_;
+ print "PROVISIONING MEMBER...";
+
+ my $ret = $self->provision($prefix,
+ "member server",
+ "localmember3",
+ "localmember",
+ 3,
+ "localmemberpass");
+
+ $ret or die("Unable to provision");
+
+ my $cmd = "";
+ $cmd .= "SOCKET_WRAPPER_DEFAULT_IFACE=\"$ret->{SOCKET_WRAPPER_DEFAULT_IFACE}\" ";
+ $cmd .= "KRB5_CONFIG=\"$ret->{KRB5_CONFIG}\" ";
+ $cmd .= "$self->{bindir}/net join $ret->{CONFIGURATION} $dcvars->{DOMAIN} member";
+ $cmd .= " -U$dcvars->{USERNAME}\%$dcvars->{PASSWORD}";
+
+ system($cmd) == 0 or die("Join failed\n$cmd");
+
+ $ret->{SMBD_TEST_FIFO} = "$prefix/smbd_test.fifo";
+ $ret->{SMBD_TEST_LOG} = "$prefix/smbd_test.log";
+ $ret->{SMBD_TEST_LOG_POS} = 0;
+
+ $ret->{DC_SERVER} = $dcvars->{SERVER};
+ $ret->{DC_SERVER_IP} = $dcvars->{SERVER_IP};
+ $ret->{DC_NETBIOSNAME} = $dcvars->{NETBIOSNAME};
+ $ret->{DC_NETBIOSALIAS} = $dcvars->{NETBIOSALIAS};
+ $ret->{DC_USERNAME} = $dcvars->{USERNAME};
+ $ret->{DC_PASSWORD} = $dcvars->{PASSWORD};
+
+ return $ret;
+}
+
+sub provision_dc($$)
+{
+ my ($self, $prefix) = @_;
+
+ print "PROVISIONING DC...";
+ my $ret = $self->provision($prefix,
+ "domain controller",
+ "localdc1",
+ "localdc",
+ 1,
+ "localdcpass");
+
+ $self->add_wins_config("$prefix/private") or
+ die("Unable to add wins configuration");
+
+ $ret->{SMBD_TEST_FIFO} = "$prefix/smbd_test.fifo";
+ $ret->{SMBD_TEST_LOG} = "$prefix/smbd_test.log";
+ $ret->{SMBD_TEST_LOG_POS} = 0;
+ return $ret;
+}
+
+sub teardown_env($$)
+{
+ my ($self, $envvars) = @_;
+ my $pid;
+
+ close(DATA);
+
+ if (-f "$envvars->{PIDDIR}/smbd.pid" ) {
+ open(IN, "<$envvars->{PIDDIR}/smbd.pid") or die("unable to open smbd pid file");
+ $pid = <IN>;
+ close(IN);
+
+ # Give the process 20 seconds to exit. gcov needs
+ # this time to write out the covarge data
+ my $count = 0;
+ until (kill(0, $pid) == 0) {
+ # if no process sucessfully signalled, then we are done
+ sleep(1);
+ $count++;
+ last if $count > 20;
+ }
+
+ # If it is still around, kill it
+ if ($count > 20) {
+ print "smbd process $pid took more than $count seconds to exit, killing\n";
+ kill 9, $pid;
+ }
+ }
+
+ my $failed = $? >> 8;
+
+ $self->slapd_stop($envvars) if ($self->{ldap});
+
+ print $self->getlog_env($envvars);
+
+ return $failed;
+}
+
+sub getlog_env($$)
+{
+ my ($self, $envvars) = @_;
+ my $title = "SMBD LOG of: $envvars->{NETBIOSNAME}\n";
+ my $out = $title;
+
+ open(LOG, "<$envvars->{SMBD_TEST_LOG}");
+
+ seek(LOG, $envvars->{SMBD_TEST_LOG_POS}, SEEK_SET);
+ while (<LOG>) {
+ $out .= $_;
+ }
+ $envvars->{SMBD_TEST_LOG_POS} = tell(LOG);
+ close(LOG);
+
+ return "" if $out eq $title;
+
+ return $out;
+}
+
+sub check_env($$)
+{
+ my ($self, $envvars) = @_;
+
+ return 1 if (-p $envvars->{SMBD_TEST_FIFO});
+
+ print $self->getlog_env($envvars);
+
+ return 0;
+}
+
+sub setup_env($$$)
+{
+ my ($self, $envname, $path) = @_;
+
+ if ($envname eq "dc") {
+ return $self->setup_dc("$path/dc");
+ } elsif ($envname eq "member") {
+ if (not defined($self->{vars}->{dc})) {
+ $self->setup_dc("$path/dc");
+ }
+ return $self->setup_member("$path/member", $self->{vars}->{dc});
+ } else {
+ die("Samba4 can't provide environment '$envname'");
+ }
+}
+
+sub setup_member($$$$)
+{
+ my ($self, $path, $dc_vars) = @_;
+
+ my $env = $self->provision_member($path, $dc_vars);
+
+ $self->check_or_start($env, ($ENV{SMBD_MAXTIME} or 7500));
+
+ $self->wait_for_start($env);
+
+ return $env;
+}
+
+sub setup_dc($$)
+{
+ my ($self, $path) = @_;
+
+ my $env = $self->provision_dc($path);
+
+ $self->check_or_start($env,
+ ($ENV{SMBD_MAXTIME} or 7500));
+
+ $self->wait_for_start($env);
+
+ $self->{vars}->{dc} = $env;
+
+ return $env;
+}
+
+sub stop($)
+{
+ my ($self) = @_;
+}
+
+1;
diff --git a/source4/selftest/target/Windows.pm b/source4/selftest/target/Windows.pm
new file mode 100644
index 0000000000..d0c90d7f7b
--- /dev/null
+++ b/source4/selftest/target/Windows.pm
@@ -0,0 +1,40 @@
+#!/usr/bin/perl
+# Bootstrap Samba and run a number of tests against it.
+# Copyright (C) 2005-2007 Jelmer Vernooij <jelmer@samba.org>
+# Published under the GNU GPL, v3 or later.
+
+package Windows;
+
+use strict;
+use FindBin qw($RealBin);
+use POSIX;
+
+sub new($)
+{
+ my ($classname) = @_;
+ my $self = { };
+ bless $self;
+ return $self;
+}
+
+sub provision($$$)
+{
+ my ($self, $environment, $prefix) = @_;
+
+ die ("Windows tests will not run without root privileges.")
+ if (`whoami` ne "root");
+
+ die("Environment variable WINTESTCONF has not been defined.\n".
+ "Windows tests will not run unconfigured.") if (not defined($ENV{WINTESTCONF}));
+
+ die ("$ENV{WINTESTCONF} could not be read.") if (! -r $ENV{WINTESTCONF});
+
+ $ENV{WINTEST_DIR}="$ENV{SRCDIR}/selftest/win";
+}
+
+sub setup_env($$)
+{
+ my ($self, $name) = @_;
+}
+
+1;