summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source4/scripting/python/samba/tests/posixacl.py140
1 files changed, 59 insertions, 81 deletions
diff --git a/source4/scripting/python/samba/tests/posixacl.py b/source4/scripting/python/samba/tests/posixacl.py
index 9df904b62c..f949ab47b3 100644
--- a/source4/scripting/python/samba/tests/posixacl.py
+++ b/source4/scripting/python/samba/tests/posixacl.py
@@ -38,143 +38,129 @@ from samba.samba3 import param as s3param
class PosixAclMappingTests(TestCaseInTempDir):
def test_setntacl(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
- setntacl(lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
def test_setntacl_smbd_getntacl(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
- setntacl(lp,self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
- facl = getntacl(lp,self.tempf, direct_db_access=True)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
+ facl = getntacl(self.lp, self.tempf, direct_db_access=True)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(facl.as_sddl(anysid),acl)
def test_setntacl_smbd_setposixacl_getntacl(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
- setntacl(lp,self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
# This will invalidate the ACL, as we have a hook!
smbd.set_simple_acl(self.tempf, 0640)
# However, this only asks the xattr
try:
- facl = getntacl(lp, self.tempf, direct_db_access=True)
+ facl = getntacl(self.lp, self.tempf, direct_db_access=True)
self.assertTrue(False)
except TypeError:
pass
def test_setntacl_invalidate_getntacl(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
- setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
# This should invalidate the ACL, as we include the posix ACL in the hash
- (backend_obj, dbname) = checkset_backend(lp, None, None)
+ (backend_obj, dbname) = checkset_backend(self.lp, None, None)
backend_obj.wrap_setxattr(dbname,
self.tempf, "system.fake_access_acl", "")
#however, as this is direct DB access, we do not notice it
- facl = getntacl(lp, self.tempf, direct_db_access=True)
+ facl = getntacl(self.lp, self.tempf, direct_db_access=True)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(acl, facl.as_sddl(anysid))
def test_setntacl_invalidate_getntacl_smbd(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
- setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
# This should invalidate the ACL, as we include the posix ACL in the hash
- (backend_obj, dbname) = checkset_backend(lp, None, None)
+ (backend_obj, dbname) = checkset_backend(self.lp, None, None)
backend_obj.wrap_setxattr(dbname,
self.tempf, "system.fake_access_acl", "")
#the hash would break, and we return an ACL based only on the mode, except we set the ACL using the 'ntvfs' mode that doesn't include a hash
- facl = getntacl(lp, self.tempf)
+ facl = getntacl(self.lp, self.tempf)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(acl, facl.as_sddl(anysid))
def test_setntacl_smbd_invalidate_getntacl_smbd(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
simple_acl_from_posix = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)(A;;0x001200a9;;;S-1-5-21-2212615479-2695158682-2101375467-513)(A;;WO;;;WD)"
os.chmod(self.tempf, 0750)
- setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
# This should invalidate the ACL, as we include the posix ACL in the hash
- (backend_obj, dbname) = checkset_backend(lp, None, None)
+ (backend_obj, dbname) = checkset_backend(self.lp, None, None)
backend_obj.wrap_setxattr(dbname,
self.tempf, "system.fake_access_acl", "")
#the hash will break, and we return an ACL based only on the mode
- facl = getntacl(lp, self.tempf, direct_db_access=False)
+ facl = getntacl(self.lp, self.tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(simple_acl_from_posix, facl.as_sddl(anysid))
def test_setntacl_getntacl_smbd(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
- setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
- facl = getntacl(lp, self.tempf, direct_db_access=False)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True)
+ facl = getntacl(self.lp, self.tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(facl.as_sddl(anysid),acl)
def test_setntacl_smbd_getntacl_smbd(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
- setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
- facl = getntacl(lp, self.tempf, direct_db_access=False)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
+ facl = getntacl(self.lp, self.tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(facl.as_sddl(anysid),acl)
def test_setntacl_smbd_setposixacl_getntacl_smbd(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
simple_acl_from_posix = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;;0x001f019f;;;S-1-5-21-2212615479-2695158682-2101375467-512)(A;;0x00120089;;;S-1-5-21-2212615479-2695158682-2101375467-513)(A;;WO;;;WD)"
- setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
# This invalidates the hash of the NT acl just set because there is a hook in the posix ACL set code
smbd.set_simple_acl(self.tempf, 0640)
- facl = getntacl(lp, self.tempf, direct_db_access=False)
+ facl = getntacl(self.lp, self.tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(simple_acl_from_posix, facl.as_sddl(anysid))
def test_setntacl_smbd_setposixacl_group_getntacl_smbd(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
BA_sid = security.dom_sid(security.SID_BUILTIN_ADMINISTRATORS)
simple_acl_from_posix = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;;0x001f019f;;;S-1-5-21-2212615479-2695158682-2101375467-512)(A;;0x00120089;;;BA)(A;;0x00120089;;;S-1-5-21-2212615479-2695158682-2101375467-513)(A;;WO;;;WD)"
- setntacl(lp,self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
# This invalidates the hash of the NT acl just set because there is a hook in the posix ACL set code
- s3conf = s3param.get_context()
- s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
+ s4_passdb = passdb.PDB(self.lp.get("passdb backend"))
(BA_gid,BA_type) = s4_passdb.sid_to_id(BA_sid)
smbd.set_simple_acl(self.tempf, 0640, BA_gid)
# This should re-calculate an ACL based on the posix details
- facl = getntacl(lp,self.tempf, direct_db_access=False)
+ facl = getntacl(self.lp,self.tempf, direct_db_access=False)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(simple_acl_from_posix, facl.as_sddl(anysid))
def test_setntacl_smbd_getntacl_smbd_gpo(self):
- lp = LoadParm()
acl = "O:DAG:DUD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)S:AI(OU;CIIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)"
- setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
- facl = getntacl(lp, self.tempf, direct_db_access=False)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
+ facl = getntacl(self.lp, self.tempf, direct_db_access=False)
domsid = security.dom_sid("S-1-5-21-2212615479-2695158682-2101375467")
self.assertEquals(facl.as_sddl(domsid),acl)
def test_setntacl_getposixacl(self):
- lp = LoadParm()
acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)"
- setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
- facl = getntacl(lp, self.tempf)
+ setntacl(self.lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False)
+ facl = getntacl(self.lp, self.tempf)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(facl.as_sddl(anysid),acl)
posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS)
def test_setposixacl_getposixacl(self):
- lp = LoadParm()
smbd.set_simple_acl(self.tempf, 0640)
posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS)
self.assertEquals(posix_acl.count, 4)
@@ -192,58 +178,58 @@ class PosixAclMappingTests(TestCaseInTempDir):
self.assertEquals(posix_acl.acl[3].a_perm, 6)
def test_setposixacl_getntacl(self):
- lp = LoadParm()
acl = ""
smbd.set_simple_acl(self.tempf, 0750)
try:
- facl = getntacl(lp, self.tempf)
+ facl = getntacl(self.lp, self.tempf)
self.assertTrue(False)
except TypeError:
# We don't expect the xattr to be filled in in this case
pass
def test_setposixacl_getntacl_smbd(self):
- lp = LoadParm()
- s3conf = s3param.get_context()
- s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
+ s4_passdb = passdb.PDB(self.lp.get("passdb backend"))
group_SID = s4_passdb.gid_to_sid(os.stat(self.tempf).st_gid)
user_SID = s4_passdb.uid_to_sid(os.stat(self.tempf).st_uid)
smbd.set_simple_acl(self.tempf, 0640)
- facl = getntacl(lp, self.tempf, direct_db_access=False)
+ facl = getntacl(self.lp, self.tempf, direct_db_access=False)
acl = "O:%sG:%sD:(A;;0x001f019f;;;%s)(A;;0x00120089;;;%s)(A;;WO;;;WD)" % (user_SID, group_SID, user_SID, group_SID)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(acl, facl.as_sddl(anysid))
def test_setposixacl_dir_getntacl_smbd(self):
- lp = LoadParm()
- s3conf = s3param.get_context()
- s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
+ s4_passdb = passdb.PDB(self.lp.get("passdb backend"))
user_SID = s4_passdb.uid_to_sid(os.stat(self.tempdir).st_uid)
+ BA_sid = security.dom_sid(security.SID_BUILTIN_ADMINISTRATORS)
+ s4_passdb = passdb.PDB(self.lp.get("passdb backend"))
+ (BA_id,BA_type) = s4_passdb.sid_to_id(BA_sid)
+ self.assertEquals(BA_type, idmap.ID_TYPE_BOTH)
+ SO_sid = security.dom_sid(security.SID_BUILTIN_SERVER_OPERATORS)
+ (SO_id,SO_type) = s4_passdb.sid_to_id(SO_sid)
+ self.assertEquals(SO_type, idmap.ID_TYPE_BOTH)
+ smbd.chown(self.tempdir, BA_id, SO_id)
smbd.set_simple_acl(self.tempdir, 0750)
- facl = getntacl(lp, self.tempdir, direct_db_access=False)
- acl = "O:%sG:BAD:(A;;0x001f01ff;;;%s)(A;;0x001200a9;;;BA)(A;;WO;;;WD)(A;OICIIO;0x001f01ff;;;CO)(A;OICIIO;0x001f01ff;;;CG)(A;OICIIO;0x001f01ff;;;WD)" % (user_SID, user_SID)
+ facl = getntacl(self.lp, self.tempdir, direct_db_access=False)
+ acl = "O:BAG:SOD:(A;;0x001f01ff;;;BA)(A;;0x001200a9;;;SO)(A;;WO;;;WD)(A;OICIIO;0x001f01ff;;;CO)(A;OICIIO;0x001f01ff;;;CG)(A;OICIIO;0x001f01ff;;;WD)"
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(acl, facl.as_sddl(anysid))
def test_setposixacl_group_getntacl_smbd(self):
- lp = LoadParm()
BA_sid = security.dom_sid(security.SID_BUILTIN_ADMINISTRATORS)
- s3conf = s3param.get_context()
- s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
+ s4_passdb = passdb.PDB(self.lp.get("passdb backend"))
(BA_gid,BA_type) = s4_passdb.sid_to_id(BA_sid)
group_SID = s4_passdb.gid_to_sid(os.stat(self.tempf).st_gid)
user_SID = s4_passdb.uid_to_sid(os.stat(self.tempf).st_uid)
self.assertEquals(BA_type, idmap.ID_TYPE_BOTH)
smbd.set_simple_acl(self.tempf, 0640, BA_gid)
- facl = getntacl(lp, self.tempf, direct_db_access=False)
+ facl = getntacl(self.lp, self.tempf, direct_db_access=False)
domsid = passdb.get_global_sam_sid()
acl = "O:%sG:%sD:(A;;0x001f019f;;;%s)(A;;0x00120089;;;BA)(A;;0x00120089;;;%s)(A;;WO;;;WD)" % (user_SID, group_SID, user_SID, group_SID)
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(acl, facl.as_sddl(anysid))
def test_setposixacl_getposixacl(self):
- lp = LoadParm()
smbd.set_simple_acl(self.tempf, 0640)
posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS)
self.assertEquals(posix_acl.count, 4)
@@ -261,7 +247,6 @@ class PosixAclMappingTests(TestCaseInTempDir):
self.assertEquals(posix_acl.acl[3].a_perm, 7)
def test_setposixacl_dir_getposixacl(self):
- lp = LoadParm()
smbd.set_simple_acl(self.tempdir, 0750)
posix_acl = smbd.get_sys_acl(self.tempdir, smb_acl.SMB_ACL_TYPE_ACCESS)
self.assertEquals(posix_acl.count, 4)
@@ -279,10 +264,8 @@ class PosixAclMappingTests(TestCaseInTempDir):
self.assertEquals(posix_acl.acl[3].a_perm, 7)
def test_setposixacl_group_getposixacl(self):
- lp = LoadParm()
BA_sid = security.dom_sid(security.SID_BUILTIN_ADMINISTRATORS)
- s3conf = s3param.get_context()
- s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
+ s4_passdb = passdb.PDB(self.lp.get("passdb backend"))
(BA_gid,BA_type) = s4_passdb.sid_to_id(BA_sid)
self.assertEquals(BA_type, idmap.ID_TYPE_BOTH)
smbd.set_simple_acl(self.tempf, 0670, BA_gid)
@@ -307,12 +290,10 @@ class PosixAclMappingTests(TestCaseInTempDir):
self.assertEquals(posix_acl.acl[4].a_perm, 7)
def test_setntacl_sysvol_check_getposixacl(self):
- lp = LoadParm()
- s3conf = s3param.get_context()
acl = provision.SYSVOL_ACL
domsid = passdb.get_global_sam_sid()
- setntacl(lp, self.tempf,acl,str(domsid), use_ntvfs=False)
- facl = getntacl(lp, self.tempf)
+ setntacl(self.lp, self.tempf,acl,str(domsid), use_ntvfs=False)
+ facl = getntacl(self.lp, self.tempf)
self.assertEquals(facl.as_sddl(domsid),acl)
posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS)
@@ -322,7 +303,7 @@ class PosixAclMappingTests(TestCaseInTempDir):
SY_sid = security.dom_sid(security.SID_NT_SYSTEM)
AU_sid = security.dom_sid(security.SID_NT_AUTHENTICATED_USERS)
- s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
+ s4_passdb = passdb.PDB(self.lp.get("passdb backend"))
# These assertions correct for current plugin_s4_dc selftest
# configuration. When other environments have a broad range of
@@ -427,12 +408,10 @@ class PosixAclMappingTests(TestCaseInTempDir):
def test_setntacl_sysvol_dir_check_getposixacl(self):
- lp = LoadParm()
- s3conf = s3param.get_context()
acl = provision.SYSVOL_ACL
domsid = passdb.get_global_sam_sid()
- setntacl(lp, self.tempdir,acl,str(domsid), use_ntvfs=False)
- facl = getntacl(lp, self.tempdir)
+ setntacl(self.lp, self.tempdir,acl,str(domsid), use_ntvfs=False)
+ facl = getntacl(self.lp, self.tempdir)
self.assertEquals(facl.as_sddl(domsid),acl)
posix_acl = smbd.get_sys_acl(self.tempdir, smb_acl.SMB_ACL_TYPE_ACCESS)
@@ -442,7 +421,7 @@ class PosixAclMappingTests(TestCaseInTempDir):
SY_sid = security.dom_sid(security.SID_NT_SYSTEM)
AU_sid = security.dom_sid(security.SID_NT_AUTHENTICATED_USERS)
- s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
+ s4_passdb = passdb.PDB(self.lp.get("passdb backend"))
# These assertions correct for current plugin_s4_dc selftest
# configuration. When other environments have a broad range of
@@ -506,12 +485,10 @@ class PosixAclMappingTests(TestCaseInTempDir):
def test_setntacl_policies_dir_check_getposixacl(self):
- lp = LoadParm()
- s3conf = s3param.get_context()
acl = provision.POLICIES_ACL
domsid = passdb.get_global_sam_sid()
- setntacl(lp, self.tempdir,acl,str(domsid), use_ntvfs=False)
- facl = getntacl(lp, self.tempdir)
+ setntacl(self.lp, self.tempdir,acl,str(domsid), use_ntvfs=False)
+ facl = getntacl(self.lp, self.tempdir)
self.assertEquals(facl.as_sddl(domsid),acl)
posix_acl = smbd.get_sys_acl(self.tempdir, smb_acl.SMB_ACL_TYPE_ACCESS)
@@ -522,7 +499,7 @@ class PosixAclMappingTests(TestCaseInTempDir):
AU_sid = security.dom_sid(security.SID_NT_AUTHENTICATED_USERS)
PA_sid = security.dom_sid(str(domsid)+"-"+str(security.DOMAIN_RID_POLICY_ADMINS))
- s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
+ s4_passdb = passdb.PDB(self.lp.get("passdb backend"))
# These assertions correct for current plugin_s4_dc selftest
# configuration. When other environments have a broad range of
@@ -594,13 +571,11 @@ class PosixAclMappingTests(TestCaseInTempDir):
def test_setntacl_policies_check_getposixacl(self):
- lp = LoadParm()
- s3conf = s3param.get_context()
acl = provision.POLICIES_ACL
domsid = passdb.get_global_sam_sid()
- setntacl(lp, self.tempf,acl,str(domsid), use_ntvfs=False)
- facl = getntacl(lp, self.tempf)
+ setntacl(self.lp, self.tempf, acl, str(domsid), use_ntvfs=False)
+ facl = getntacl(self.lp, self.tempf)
self.assertEquals(facl.as_sddl(domsid),acl)
posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS)
@@ -611,7 +586,7 @@ class PosixAclMappingTests(TestCaseInTempDir):
AU_sid = security.dom_sid(security.SID_NT_AUTHENTICATED_USERS)
PA_sid = security.dom_sid(str(domsid)+"-"+str(security.DOMAIN_RID_POLICY_ADMINS))
- s4_passdb = passdb.PDB(s3conf.get("passdb backend"))
+ s4_passdb = passdb.PDB(self.lp.get("passdb backend"))
# These assertions correct for current plugin_s4_dc selftest
# configuration. When other environments have a broad range of
@@ -729,9 +704,12 @@ class PosixAclMappingTests(TestCaseInTempDir):
super(PosixAclMappingTests, self).setUp()
s3conf = s3param.get_context()
s3conf.load(self.get_loadparm().configfile)
+ s3conf.set("xattr_tdb:file", os.path.join(self.tempdir,"xattr.tdb"))
+ self.lp = s3conf
self.tempf = os.path.join(self.tempdir, "test")
open(self.tempf, 'w').write("empty")
def tearDown(self):
smbd.unlink(self.tempf)
+ os.unlink(os.path.join(self.tempdir,"xattr.tdb"))
super(PosixAclMappingTests, self).tearDown()