diff options
-rw-r--r-- | source4/scripting/python/samba/tests/posixacl.py | 232 |
1 files changed, 62 insertions, 170 deletions
diff --git a/source4/scripting/python/samba/tests/posixacl.py b/source4/scripting/python/samba/tests/posixacl.py index 245047061a..5e10f8ddf8 100644 --- a/source4/scripting/python/samba/tests/posixacl.py +++ b/source4/scripting/python/samba/tests/posixacl.py @@ -21,7 +21,7 @@ from samba.ntacls import setntacl, getntacl, checkset_backend from samba.dcerpc import xattr, security, smb_acl, idmap from samba.param import LoadParm -from samba.tests import TestCase +from samba.tests import TestCaseInTempDir from samba import provision import random import os @@ -35,224 +35,148 @@ from samba.samba3 import param as s3param # print "uid: %d" % entry.uid # print "gid: %d" % entry.gid -class PosixAclMappingTests(TestCase): +class PosixAclMappingTests(TestCaseInTempDir): def test_setntacl(self): - random.seed() lp = LoadParm() - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp, tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) - smbd.unlink(tempf) + setntacl(lp, self.tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) def test_setntacl_smbd_getntacl(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True) - facl = getntacl(lp,tempf, direct_db_access=True) + setntacl(lp,self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True) + facl = getntacl(lp,self.tempf, direct_db_access=True) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(facl.as_sddl(anysid),acl) - smbd.unlink(tempf) def test_setntacl_smbd_setposixacl_getntacl(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True) + setntacl(lp,self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True) # This will invalidate the ACL, as we have a hook! - smbd.set_simple_acl(tempf, 0640) + smbd.set_simple_acl(self.tempf, 0640) # However, this only asks the xattr try: - facl = getntacl(lp,tempf, direct_db_access=True) + facl = getntacl(lp, self.tempf, direct_db_access=True) self.assertTrue(False) except TypeError: pass - smbd.unlink(tempf) def test_setntacl_invalidate_getntacl(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True) + setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True) # This should invalidate the ACL, as we include the posix ACL in the hash (backend_obj, dbname) = checkset_backend(lp, None, None) backend_obj.wrap_setxattr(dbname, - tempf, "system.fake_access_acl", "") + self.tempf, "system.fake_access_acl", "") #however, as this is direct DB access, we do not notice it - facl = getntacl(lp,tempf, direct_db_access=True) + facl = getntacl(lp, self.tempf, direct_db_access=True) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(acl, facl.as_sddl(anysid)) - smbd.unlink(tempf) def test_setntacl_invalidate_getntacl_smbd(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) + setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) # This should invalidate the ACL, as we include the posix ACL in the hash (backend_obj, dbname) = checkset_backend(lp, None, None) backend_obj.wrap_setxattr(dbname, - tempf, "system.fake_access_acl", "") + self.tempf, "system.fake_access_acl", "") #the hash would break, and we return an ACL based only on the mode, except we set the ACL using the 'ntvfs' mode that doesn't include a hash - facl = getntacl(lp,tempf) + facl = getntacl(lp, self.tempf) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(acl, facl.as_sddl(anysid)) - smbd.unlink(tempf) def test_setntacl_smbd_invalidate_getntacl_smbd(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" simple_acl_from_posix = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)(A;;0x001200a9;;;S-1-5-21-2212615479-2695158682-2101375467-513)(A;;WO;;;WD)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - os.chmod(tempf, 0750) - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) + os.chmod(self.tempf, 0750) + setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) # This should invalidate the ACL, as we include the posix ACL in the hash (backend_obj, dbname) = checkset_backend(lp, None, None) backend_obj.wrap_setxattr(dbname, - tempf, "system.fake_access_acl", "") + self.tempf, "system.fake_access_acl", "") #the hash will break, and we return an ACL based only on the mode - facl = getntacl(lp,tempf, direct_db_access=False) + facl = getntacl(lp, self.tempf, direct_db_access=False) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(simple_acl_from_posix, facl.as_sddl(anysid)) - smbd.unlink(tempf) def test_setntacl_getntacl_smbd(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True) - facl = getntacl(lp,tempf, direct_db_access=False) + setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=True) + facl = getntacl(lp, self.tempf, direct_db_access=False) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(facl.as_sddl(anysid),acl) - smbd.unlink(tempf) def test_setntacl_smbd_getntacl_smbd(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) - facl = getntacl(lp,tempf, direct_db_access=False) + setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) + facl = getntacl(lp, self.tempf, direct_db_access=False) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(facl.as_sddl(anysid),acl) - smbd.unlink(tempf) def test_setntacl_smbd_setposixacl_getntacl_smbd(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" simple_acl_from_posix = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;;0x001f019f;;;S-1-5-21-2212615479-2695158682-2101375467-512)(A;;0x00120089;;;S-1-5-21-2212615479-2695158682-2101375467-513)(A;;WO;;;WD)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) + setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) # This invalidates the hash of the NT acl just set because there is a hook in the posix ACL set code - smbd.set_simple_acl(tempf, 0640) - facl = getntacl(lp,tempf, direct_db_access=False) + smbd.set_simple_acl(self.tempf, 0640) + facl = getntacl(lp, self.tempf, direct_db_access=False) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(simple_acl_from_posix, facl.as_sddl(anysid)) - smbd.unlink(tempf) def test_setntacl_smbd_setposixacl_group_getntacl_smbd(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" BA_sid = security.dom_sid(security.SID_BUILTIN_ADMINISTRATORS) simple_acl_from_posix = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;;0x001f019f;;;S-1-5-21-2212615479-2695158682-2101375467-512)(A;;0x00120089;;;BA)(A;;0x00120089;;;S-1-5-21-2212615479-2695158682-2101375467-513)(A;;WO;;;WD)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) + setntacl(lp,self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) # This invalidates the hash of the NT acl just set because there is a hook in the posix ACL set code s3conf = s3param.get_context() s4_passdb = passdb.PDB(s3conf.get("passdb backend")) (BA_gid,BA_type) = s4_passdb.sid_to_id(BA_sid) - smbd.set_simple_acl(tempf, 0640, BA_gid) + smbd.set_simple_acl(self.tempf, 0640, BA_gid) # This should re-calculate an ACL based on the posix details - facl = getntacl(lp,tempf, direct_db_access=False) + facl = getntacl(lp,self.tempf, direct_db_access=False) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(simple_acl_from_posix, facl.as_sddl(anysid)) - smbd.unlink(tempf) def test_setntacl_smbd_getntacl_smbd_gpo(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:DAG:DUD:P(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;EA)(A;OICIIO;0x001f01ff;;;CO)(A;OICI;0x001f01ff;;;DA)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU)(A;OICI;0x001200a9;;;ED)S:AI(OU;CIIDSA;WP;f30e3bbe-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)(OU;CIIDSA;WP;f30e3bbf-9ff0-11d1-b603-0000f80367c1;bf967aa5-0de6-11d0-a285-00aa003049e2;WD)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) - facl = getntacl(lp,tempf, direct_db_access=False) + setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) + facl = getntacl(lp, self.tempf, direct_db_access=False) domsid = security.dom_sid("S-1-5-21-2212615479-2695158682-2101375467") self.assertEquals(facl.as_sddl(domsid),acl) - smbd.unlink(tempf) def test_setntacl_getposixacl(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) - facl = getntacl(lp,tempf) + setntacl(lp, self.tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467", use_ntvfs=False) + facl = getntacl(lp, self.tempf) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(facl.as_sddl(anysid),acl) - posix_acl = smbd.get_sys_acl(tempf, smb_acl.SMB_ACL_TYPE_ACCESS) - smbd.unlink(tempf) + posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS) def test_setposixacl_getposixacl(self): - random.seed() lp = LoadParm() - path = None - path = os.environ['SELFTEST_PREFIX'] - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - smbd.set_simple_acl(tempf, 0640) - posix_acl = smbd.get_sys_acl(tempf, smb_acl.SMB_ACL_TYPE_ACCESS) + smbd.set_simple_acl(self.tempf, 0640) + posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS) self.assertEquals(posix_acl.count, 4) self.assertEquals(posix_acl.acl[0].a_type, smb_acl.SMB_ACL_USER_OBJ) @@ -266,70 +190,50 @@ class PosixAclMappingTests(TestCase): self.assertEquals(posix_acl.acl[3].a_type, smb_acl.SMB_ACL_MASK) self.assertEquals(posix_acl.acl[3].a_perm, 6) - smbd.unlink(tempf) def test_setposixacl_getntacl(self): - random.seed() lp = LoadParm() acl = "" - path = os.environ['SELFTEST_PREFIX'] - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - smbd.set_simple_acl(tempf, 0750) + smbd.set_simple_acl(self.tempf, 0750) try: - facl = getntacl(lp,tempf) + facl = getntacl(lp, self.tempf) self.assertTrue(False) except TypeError: # We don't expect the xattr to be filled in in this case pass - smbd.unlink(tempf) def test_setposixacl_getntacl_smbd(self): - random.seed() lp = LoadParm() - path = os.environ['SELFTEST_PREFIX'] - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") s3conf = s3param.get_context() s4_passdb = passdb.PDB(s3conf.get("passdb backend")) - group_SID = s4_passdb.gid_to_sid(os.stat(tempf).st_gid) - user_SID = s4_passdb.uid_to_sid(os.stat(tempf).st_uid) - smbd.set_simple_acl(tempf, 0640) - facl = getntacl(lp, tempf, direct_db_access=False) + group_SID = s4_passdb.gid_to_sid(os.stat(self.tempf).st_gid) + user_SID = s4_passdb.uid_to_sid(os.stat(self.tempf).st_uid) + smbd.set_simple_acl(self.tempf, 0640) + facl = getntacl(lp, self.tempf, direct_db_access=False) acl = "O:%sG:%sD:(A;;0x001f019f;;;%s)(A;;0x00120089;;;%s)(A;;WO;;;WD)" % (user_SID, group_SID, user_SID, group_SID) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(acl, facl.as_sddl(anysid)) - smbd.unlink(tempf) def test_setposixacl_group_getntacl_smbd(self): - random.seed() lp = LoadParm() - path = os.environ['SELFTEST_PREFIX'] - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") BA_sid = security.dom_sid(security.SID_BUILTIN_ADMINISTRATORS) s3conf = s3param.get_context() s4_passdb = passdb.PDB(s3conf.get("passdb backend")) (BA_gid,BA_type) = s4_passdb.sid_to_id(BA_sid) - group_SID = s4_passdb.gid_to_sid(os.stat(tempf).st_gid) - user_SID = s4_passdb.uid_to_sid(os.stat(tempf).st_uid) + group_SID = s4_passdb.gid_to_sid(os.stat(self.tempf).st_gid) + user_SID = s4_passdb.uid_to_sid(os.stat(self.tempf).st_uid) self.assertEquals(BA_type, idmap.ID_TYPE_BOTH) - smbd.set_simple_acl(tempf, 0640, BA_gid) - facl = getntacl(lp, tempf, direct_db_access=False) + smbd.set_simple_acl(self.tempf, 0640, BA_gid) + facl = getntacl(lp, self.tempf, direct_db_access=False) domsid = passdb.get_global_sam_sid() acl = "O:%sG:%sD:(A;;0x001f019f;;;%s)(A;;0x00120089;;;BA)(A;;0x00120089;;;%s)(A;;WO;;;WD)" % (user_SID, group_SID, user_SID, group_SID) anysid = security.dom_sid(security.SID_NT_SELF) self.assertEquals(acl, facl.as_sddl(anysid)) - smbd.unlink(tempf) def test_setposixacl_getposixacl(self): - random.seed() lp = LoadParm() - path = os.environ['SELFTEST_PREFIX'] - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") - smbd.set_simple_acl(tempf, 0640) - posix_acl = smbd.get_sys_acl(tempf, smb_acl.SMB_ACL_TYPE_ACCESS) + smbd.set_simple_acl(self.tempf, 0640) + posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS) self.assertEquals(posix_acl.count, 4) self.assertEquals(posix_acl.acl[0].a_type, smb_acl.SMB_ACL_USER_OBJ) @@ -343,21 +247,16 @@ class PosixAclMappingTests(TestCase): self.assertEquals(posix_acl.acl[3].a_type, smb_acl.SMB_ACL_MASK) self.assertEquals(posix_acl.acl[3].a_perm, 6) - smbd.unlink(tempf) def test_setposixacl_group_getposixacl(self): - random.seed() lp = LoadParm() - path = os.environ['SELFTEST_PREFIX'] - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") BA_sid = security.dom_sid(security.SID_BUILTIN_ADMINISTRATORS) s3conf = s3param.get_context() s4_passdb = passdb.PDB(s3conf.get("passdb backend")) (BA_gid,BA_type) = s4_passdb.sid_to_id(BA_sid) self.assertEquals(BA_type, idmap.ID_TYPE_BOTH) - smbd.set_simple_acl(tempf, 0670, BA_gid) - posix_acl = smbd.get_sys_acl(tempf, smb_acl.SMB_ACL_TYPE_ACCESS) + smbd.set_simple_acl(self.tempf, 0670, BA_gid) + posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS) self.assertEquals(posix_acl.count, 5) @@ -376,22 +275,16 @@ class PosixAclMappingTests(TestCase): self.assertEquals(posix_acl.acl[4].a_type, smb_acl.SMB_ACL_MASK) self.assertEquals(posix_acl.acl[4].a_perm, 6) - smbd.unlink(tempf) def test_setntacl_sysvol_check_getposixacl(self): - random.seed() lp = LoadParm() s3conf = s3param.get_context() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = provision.SYSVOL_ACL - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") domsid = passdb.get_global_sam_sid() - setntacl(lp,tempf,acl,str(domsid), use_ntvfs=False) - facl = getntacl(lp,tempf) + setntacl(lp, self.tempf,acl,str(domsid), use_ntvfs=False) + facl = getntacl(lp, self.tempf) self.assertEquals(facl.as_sddl(domsid),acl) - posix_acl = smbd.get_sys_acl(tempf, smb_acl.SMB_ACL_TYPE_ACCESS) + posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS) LA_sid = security.dom_sid(str(domsid)+"-"+str(security.DOMAIN_RID_ADMINISTRATOR)) BA_sid = security.dom_sid(security.SID_BUILTIN_ADMINISTRATORS) @@ -502,22 +395,17 @@ class PosixAclMappingTests(TestCase): # - smbd.unlink(tempf) def test_setntacl_policies_check_getposixacl(self): - random.seed() lp = LoadParm() s3conf = s3param.get_context() - path = None - path = os.environ['SELFTEST_PREFIX'] acl = provision.POLICIES_ACL - tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) - open(tempf, 'w').write("empty") + domsid = passdb.get_global_sam_sid() - setntacl(lp,tempf,acl,str(domsid), use_ntvfs=False) - facl = getntacl(lp,tempf) + setntacl(lp, self.tempf,acl,str(domsid), use_ntvfs=False) + facl = getntacl(lp, self.tempf) self.assertEquals(facl.as_sddl(domsid),acl) - posix_acl = smbd.get_sys_acl(tempf, smb_acl.SMB_ACL_TYPE_ACCESS) + posix_acl = smbd.get_sys_acl(self.tempf, smb_acl.SMB_ACL_TYPE_ACCESS) LA_sid = security.dom_sid(str(domsid)+"-"+str(security.DOMAIN_RID_ADMINISTRATOR)) BA_sid = security.dom_sid(security.SID_BUILTIN_ADMINISTRATORS) @@ -640,9 +528,13 @@ class PosixAclMappingTests(TestCase): # - smbd.unlink(tempf) - def setUp(self): super(PosixAclMappingTests, self).setUp() s3conf = s3param.get_context() s3conf.load(self.get_loadparm().configfile) + self.tempf = os.path.join(self.tempdir, "test") + open(self.tempf, 'w').write("empty") + + def tearDown(self): + smbd.unlink(self.tempf) + super(PosixAclMappingTests, self).tearDown() |