summaryrefslogtreecommitdiff
path: root/source4
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-10-25 19:58:15 +1100
committerAndrew Bartlett <abartlet@samba.org>2012-10-25 20:24:36 +1100
commit53244c915113cef87692756e9ad545ff75074df0 (patch)
treebf823e08aa1da7abd0e9ce064ef2b76ef7ef8e89 /source4
parente9b6b23fbdafff700ceb788dbff2ba69584ff833 (diff)
downloadsamba-53244c915113cef87692756e9ad545ff75074df0.tar.gz
samba-53244c915113cef87692756e9ad545ff75074df0.tar.bz2
samba-53244c915113cef87692756e9ad545ff75074df0.zip
selftest: Cover one more NT ACL invalidation case and improve comments
This tries to show the difference between the cases where we trap the POSIX ACL change and where we actually detect an OS-level change. Andrew Bartlett
Diffstat (limited to 'source4')
-rw-r--r--source4/scripting/python/samba/tests/posixacl.py15
1 files changed, 7 insertions, 8 deletions
diff --git a/source4/scripting/python/samba/tests/posixacl.py b/source4/scripting/python/samba/tests/posixacl.py
index 449a87c128..a575138570 100644
--- a/source4/scripting/python/samba/tests/posixacl.py
+++ b/source4/scripting/python/samba/tests/posixacl.py
@@ -82,7 +82,7 @@ class PosixAclMappingTests(TestCase):
pass
os.unlink(tempf)
- def test_setntacl_smbd_chmod_getntacl(self):
+ def test_setntacl_invalidate_getntacl(self):
random.seed()
lp = LoadParm()
path = None
@@ -103,26 +103,25 @@ class PosixAclMappingTests(TestCase):
self.assertEquals(acl, facl.as_sddl(anysid))
os.unlink(tempf)
- def test_setntacl_smbd_chmod_getntacl_smbd(self):
+ def test_setntacl_invalidate_getntacl_smbd(self):
random.seed()
lp = LoadParm()
path = None
path = os.environ['SELFTEST_PREFIX']
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
- simple_acl_from_posix = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
tempf = os.path.join(path,"pytests"+str(int(100000*random.random())))
open(tempf, 'w').write("empty")
- setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
+ setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
# This should invalidate the ACL, as we include the posix ACL in the hash
(backend_obj, dbname) = checkset_backend(lp, None, None)
backend_obj.wrap_setxattr(dbname,
tempf, "system.fake_access_acl", "")
- #the hash breaks, and we return an ACL based only on the mode
+ #the hash would break, and we return an ACL based only on the mode, except we set the ACL using the 'ntvfs' mode that doesn't include a hash
facl = getntacl(lp,tempf)
anysid = security.dom_sid(security.SID_NT_SELF)
- self.assertEquals(simple_acl_from_posix, facl.as_sddl(anysid))
+ self.assertEquals(acl, facl.as_sddl(anysid))
os.unlink(tempf)
def test_setntacl_getntacl_smbd(self):
@@ -163,7 +162,7 @@ class PosixAclMappingTests(TestCase):
tempf = os.path.join(path,"pytests"+str(int(100000*random.random())))
open(tempf, 'w').write("empty")
setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
- # This invalidates the hash of the NT acl just set
+ # This invalidates the hash of the NT acl just set because there is a hook in the posix ACL set code
smbd.set_simple_acl(tempf, 0640)
facl = getntacl(lp,tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
@@ -181,7 +180,7 @@ class PosixAclMappingTests(TestCase):
tempf = os.path.join(path,"pytests"+str(int(100000*random.random())))
open(tempf, 'w').write("empty")
setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
- # This invalidates the hash of the NT acl just set
+ # This invalidates the hash of the NT acl just set because there is a hook in the posix ACL set code
s3conf = s3param.get_context()
s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
(BA_gid,BA_type) = s4_passdb.sid_to_id(BA_sid)