diff options
| -rwxr-xr-x | source4/lib/ldb/tests/python/acl.py | 2 | ||||
| -rwxr-xr-x | source4/lib/ldb/tests/python/ldap.py | 41 | ||||
| -rw-r--r-- | source4/scripting/python/samba/ms_schema.py | 26 | ||||
| -rw-r--r-- | source4/scripting/python/samba/tests/ntacls.py | 155 | ||||
| -rw-r--r-- | source4/scripting/python/samba/upgrade.py | 6 |
5 files changed, 106 insertions, 124 deletions
diff --git a/source4/lib/ldb/tests/python/acl.py b/source4/lib/ldb/tests/python/acl.py index e4c531af30..4f320ee668 100755 --- a/source4/lib/ldb/tests/python/acl.py +++ b/source4/lib/ldb/tests/python/acl.py @@ -86,7 +86,7 @@ class AclTests(unittest.TestCase): def modify_desc(self, object_dn, desc): """ Modify security descriptor using either SDDL string or security.descriptor object - """ + """ assert(isinstance(desc, str) or isinstance(desc, security.descriptor)) mod = """ dn: """ + object_dn + """ diff --git a/source4/lib/ldb/tests/python/ldap.py b/source4/lib/ldb/tests/python/ldap.py index 5e840308b3..8deb1a64e1 100755 --- a/source4/lib/ldb/tests/python/ldap.py +++ b/source4/lib/ldb/tests/python/ldap.py @@ -54,6 +54,7 @@ lp = sambaopts.get_loadparm() creds = credopts.get_credentials(lp) class BasicTests(unittest.TestCase): + def delete_force(self, ldb, dn): try: ldb.delete(dn) @@ -78,7 +79,7 @@ class BasicTests(unittest.TestCase): def find_domain_sid(self): res = self.ldb.search(base=self.base_dn, expression="(objectClass=*)", scope=SCOPE_BASE) - return ndr_unpack( security.dom_sid,res[0]["objectSid"][0]) + return ndr_unpack( security.dom_sid,res[0]["objectSid"][0]) def setUp(self): self.ldb = ldb @@ -971,24 +972,24 @@ objectClass: container "cn": "LDAPtestCOMPUTER3" }) - print "Testing ldb.search for (&(cn=ldaptestcomputer3)(objectClass=user))"; + print "Testing ldb.search for (&(cn=ldaptestcomputer3)(objectClass=user))"; res = ldb.search(self.base_dn, expression="(&(cn=ldaptestcomputer3)(objectClass=user))"); self.assertEquals(len(res), 1, "Found only %d for (&(cn=ldaptestcomputer3)(objectClass=user))" % len(res)) - self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer3,CN=Computers," + self.base_dn)); - self.assertEquals(res[0]["cn"][0], "ldaptestcomputer3"); - self.assertEquals(res[0]["name"][0], "ldaptestcomputer3"); - self.assertEquals(res[0]["objectClass"][0], "top"); - self.assertEquals(res[0]["objectClass"][1], "person"); - self.assertEquals(res[0]["objectClass"][2], "organizationalPerson"); - self.assertEquals(res[0]["objectClass"][3], "user"); - self.assertEquals(res[0]["objectClass"][4], "computer"); + self.assertEquals(str(res[0].dn), ("CN=ldaptestcomputer3,CN=Computers," + self.base_dn)); + self.assertEquals(res[0]["cn"][0], "ldaptestcomputer3"); + self.assertEquals(res[0]["name"][0], "ldaptestcomputer3"); + self.assertEquals(res[0]["objectClass"][0], "top"); + self.assertEquals(res[0]["objectClass"][1], "person"); + self.assertEquals(res[0]["objectClass"][2], "organizationalPerson"); + self.assertEquals(res[0]["objectClass"][3], "user"); + self.assertEquals(res[0]["objectClass"][4], "computer"); self.assertTrue("objectGUID" in res[0]) self.assertTrue("whenCreated" in res[0]) - self.assertEquals(res[0]["objectCategory"][0], ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn)); - self.assertEquals(int(res[0]["primaryGroupID"][0]), 513); - self.assertEquals(int(res[0]["sAMAccountType"][0]), ATYPE_NORMAL_ACCOUNT); - self.assertEquals(int(res[0]["userAccountControl"][0]), UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD | UF_ACCOUNTDISABLE); + self.assertEquals(res[0]["objectCategory"][0], ("CN=Computer,CN=Schema,CN=Configuration," + self.base_dn)); + self.assertEquals(int(res[0]["primaryGroupID"][0]), 513); + self.assertEquals(int(res[0]["sAMAccountType"][0]), ATYPE_NORMAL_ACCOUNT); + self.assertEquals(int(res[0]["userAccountControl"][0]), UF_NORMAL_ACCOUNT | UF_PASSWD_NOTREQD | UF_ACCOUNTDISABLE); self.delete_force(self.ldb, "cn=ldaptestcomputer3,cn=computers," + self.base_dn) @@ -1224,24 +1225,24 @@ servicePrincipalName: host/ldaptest2computer29 self.assertEquals(str(res[0]["cn"]), "ldaptestUSER3") self.assertEquals(str(res[0]["name"]), "ldaptestUSER3") - #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))" - res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))") + #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))" + res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))") self.assertEquals(len(res), 1, "(&(&(cn=ldaptestuser3)(userAccountControl=*))(objectClass=user))") self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn)) self.assertEquals(str(res[0]["cn"]), "ldaptestUSER3") self.assertEquals(str(res[0]["name"]), "ldaptestUSER3") - #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))" - res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))") + #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))" + res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))") self.assertEquals(len(res), 1, "(&(&(cn=ldaptestuser3)(userAccountControl=546))(objectClass=user))") self.assertEquals(str(res[0].dn), ("CN=ldaptestUSER3,CN=Users," + self.base_dn)) self.assertEquals(str(res[0]["cn"]), "ldaptestUSER3") self.assertEquals(str(res[0]["name"]), "ldaptestUSER3") - #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))" - res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))") + #"Testing ldb.search for (&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))" + res = ldb.search(expression="(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))") self.assertEquals(len(res), 0, "(&(&(cn=ldaptestuser3)(userAccountControl=547))(objectClass=user))") # This is a Samba special, and does not exist in real AD diff --git a/source4/scripting/python/samba/ms_schema.py b/source4/scripting/python/samba/ms_schema.py index 9f5ebcf8cc..2c773bd005 100644 --- a/source4/scripting/python/samba/ms_schema.py +++ b/source4/scripting/python/samba/ms_schema.py @@ -34,19 +34,19 @@ bitFields["searchflags"] = { # ADTS: 2.2.10 bitFields["systemflags"] = { - 'FLAG_ATTR_NOT_REPLICATED': 31, 'FLAG_CR_NTDS_NC': 31, # NR - 'FLAG_ATTR_REQ_PARTIAL_SET_MEMBER': 30, 'FLAG_CR_NTDS_DOMAIN': 30, # PS - 'FLAG_ATTR_IS_CONSTRUCTED': 29, 'FLAG_CR_NTDS_NOT_GC_REPLICATED': 29, # CS - 'FLAG_ATTR_IS_OPERATIONAL': 28, # OP - 'FLAG_SCHEMA_BASE_OBJECT': 27, # BS - 'FLAG_ATTR_IS_RDN': 26, # RD - 'FLAG_DISALLOW_MOVE_ON_DELETE': 6, # DE - 'FLAG_DOMAIN_DISALLOW_MOVE': 5, # DM - 'FLAG_DOMAIN_DISALLOW_RENAME': 4, # DR - 'FLAG_CONFIG_ALLOW_LIMITED_MOVE': 3, # AL - 'FLAG_CONFIG_ALLOW_MOVE': 2, # AM - 'FLAG_CONFIG_ALLOW_RENAME': 1, # AR - 'FLAG_DISALLOW_DELETE': 0 # DD + 'FLAG_ATTR_NOT_REPLICATED': 31, 'FLAG_CR_NTDS_NC': 31, # NR + 'FLAG_ATTR_REQ_PARTIAL_SET_MEMBER': 30, 'FLAG_CR_NTDS_DOMAIN': 30, # PS + 'FLAG_ATTR_IS_CONSTRUCTED': 29, 'FLAG_CR_NTDS_NOT_GC_REPLICATED': 29, # CS + 'FLAG_ATTR_IS_OPERATIONAL': 28, # OP + 'FLAG_SCHEMA_BASE_OBJECT': 27, # BS + 'FLAG_ATTR_IS_RDN': 26, # RD + 'FLAG_DISALLOW_MOVE_ON_DELETE': 6, # DE + 'FLAG_DOMAIN_DISALLOW_MOVE': 5, # DM + 'FLAG_DOMAIN_DISALLOW_RENAME': 4, # DR + 'FLAG_CONFIG_ALLOW_LIMITED_MOVE': 3, # AL + 'FLAG_CONFIG_ALLOW_MOVE': 2, # AM + 'FLAG_CONFIG_ALLOW_RENAME': 1, # AR + 'FLAG_DISALLOW_DELETE': 0 # DD } # ADTS: 2.2.11 diff --git a/source4/scripting/python/samba/tests/ntacls.py b/source4/scripting/python/samba/tests/ntacls.py index 0add258a3e..c8476dbcc8 100644 --- a/source4/scripting/python/samba/tests/ntacls.py +++ b/source4/scripting/python/samba/tests/ntacls.py @@ -26,94 +26,75 @@ import os class NtaclsTests(TestCase): - def test_setntacl(self): - random.seed() - lp=LoadParm() - path=None - try: - path=os.environ['SELFTEST_PREFIX'] - except: - self.assertTrue(path!=None, "SELFTEST_PREFIX env not set") - acl="O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - tempf=os.path.join(path,"pytests"+str(int(100000*random.random()))) - ntacl=xattr.NTACL() - ntacl.version = 1 - open(tempf, 'w').write("empty") - lp.set("posix:eadb",os.path.join(path,"eadbtest.tdb")) - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467") - os.unlink(tempf) + def test_setntacl(self): + random.seed() + lp = LoadParm() + path = os.environ['SELFTEST_PREFIX'] + acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" + tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) + ntacl = xattr.NTACL() + ntacl.version = 1 + open(tempf, 'w').write("empty") + lp.set("posix:eadb",os.path.join(path,"eadbtest.tdb")) + setntacl(lp, tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467") + os.unlink(tempf) - def test_setntacl_getntacl(self): - random.seed() - lp=LoadParm() - path=None - try: - path=os.environ['SELFTEST_PREFIX'] - except: - self.assertTrue(path!=None, "SELFTEST_PREFIX env not set") - acl="O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - tempf=os.path.join(path,"pytests"+str(int(100000*random.random()))) - ntacl=xattr.NTACL() - ntacl.version = 1 - open(tempf, 'w').write("empty") - lp.set("posix:eadb",os.path.join(path,"eadbtest.tdb")) - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467") - facl=getntacl(lp,tempf) - anysid=security.dom_sid(security.SID_NT_SELF) - self.assertEquals(facl.info.as_sddl(anysid),acl) - os.unlink(tempf) + def test_setntacl_getntacl(self): + random.seed() + lp = LoadParm() + path = None + path = os.environ['SELFTEST_PREFIX'] + acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" + tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) + ntacl = xattr.NTACL() + ntacl.version = 1 + open(tempf, 'w').write("empty") + lp.set("posix:eadb",os.path.join(path,"eadbtest.tdb")) + setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467") + facl = getntacl(lp,tempf) + anysid = security.dom_sid(security.SID_NT_SELF) + self.assertEquals(facl.info.as_sddl(anysid),acl) + os.unlink(tempf) - def test_setntacl_getntacl_param(self): - random.seed() - lp=LoadParm() - acl="O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - path=None - try: - path=os.environ['SELFTEST_PREFIX'] - except: - self.assertTrue(path!=None, "SELFTEST_PREFIX env not set") - tempf=os.path.join(path,"pytests"+str(int(100000*random.random()))) - ntacl=xattr.NTACL() - ntacl.version = 1 - open(tempf, 'w').write("empty") - setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467","tdb",os.path.join(path,"eadbtest.tdb")) - facl=getntacl(lp,tempf,"tdb",os.path.join(path,"eadbtest.tdb")) - domsid=security.dom_sid(security.SID_NT_SELF) - self.assertEquals(facl.info.as_sddl(domsid),acl) - os.unlink(tempf) + def test_setntacl_getntacl_param(self): + random.seed() + lp = LoadParm() + acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" + path = os.environ['SELFTEST_PREFIX'] + tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) + ntacl = xattr.NTACL() + ntacl.version = 1 + open(tempf, 'w').write("empty") + setntacl(lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467","tdb",os.path.join(path,"eadbtest.tdb")) + facl=getntacl(lp,tempf,"tdb",os.path.join(path,"eadbtest.tdb")) + domsid=security.dom_sid(security.SID_NT_SELF) + self.assertEquals(facl.info.as_sddl(domsid),acl) + os.unlink(tempf) - def test_setntacl_invalidbackend(self): - random.seed() - lp=LoadParm() - acl="O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - path=None - try: - path=os.environ['SELFTEST_PREFIX'] - except: - self.assertTrue(path!=None, "SELFTEST_PREFIX env not set") - tempf=os.path.join(path,"pytests"+str(int(100000*random.random()))) - ntacl=xattr.NTACL() - ntacl.version = 1 - open(tempf, 'w').write("empty") - self.assertRaises(XattrBackendError,setntacl,lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467","ttdb",os.path.join(path,"eadbtest.tdb")) - - def test_setntacl_forcenative(self): - if os.getuid() != 0: - random.seed() - lp=LoadParm() - acl="O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" - path=None - try: - path=os.environ['SELFTEST_PREFIX'] - except: - self.assertTrue(path!=None, "SELFTEST_PREFIX env not set") - tempf=os.path.join(path,"pytests"+str(int(100000*random.random()))) - ntacl=xattr.NTACL() - ntacl.version = 1 - open(tempf, 'w').write("empty") - lp.set("posix:eadb",os.path.join(path,"eadbtest.tdb")) - self.assertRaises(Exception,setntacl,lp,tempf,acl,"S-1-5-21-2212615479-2695158682-2101375467","native") - os.unlink(tempf) - else: - print "Running test as root, test skipped" + def test_setntacl_invalidbackend(self): + random.seed() + lp = LoadParm() + acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" + path = os.environ['SELFTEST_PREFIX'] + tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) + ntacl = xattr.NTACL() + ntacl.version = 1 + open(tempf, 'w').write("empty") + self.assertRaises(XattrBackendError, setntacl, lp, tempf, acl, "S-1-5-21-2212615479-2695158682-2101375467","ttdb", os.path.join(path,"eadbtest.tdb")) + def test_setntacl_forcenative(self): + if os.getuid() != 0: + random.seed() + lp = LoadParm() + acl = "O:S-1-5-21-2212615479-2695158682-2101375467-512G:S-1-5-21-2212615479-2695158682-2101375467-513D:(A;OICI;0x001f01ff;;;S-1-5-21-2212615479-2695158682-2101375467-512)" + path = os.environ['SELFTEST_PREFIX'] + tempf = os.path.join(path,"pytests"+str(int(100000*random.random()))) + ntacl = xattr.NTACL() + ntacl.version = 1 + open(tempf, 'w').write("empty") + lp.set("posix:eadb", os.path.join(path,"eadbtest.tdb")) + self.assertRaises(Exception, setntacl, lp, tempf ,acl, + "S-1-5-21-2212615479-2695158682-2101375467","native") + os.unlink(tempf) + else: + print "Running test as root, test skipped" diff --git a/source4/scripting/python/samba/upgrade.py b/source4/scripting/python/samba/upgrade.py index a2c78de4cf..b20cecf77d 100644 --- a/source4/scripting/python/samba/upgrade.py +++ b/source4/scripting/python/samba/upgrade.py @@ -1,8 +1,8 @@ #!/usr/bin/python # -# backend code for upgrading from Samba3 -# Copyright Jelmer Vernooij 2005-2007 -# Released under the GNU GPL v3 or later +# backend code for upgrading from Samba3 +# Copyright Jelmer Vernooij 2005-2007 +# Released under the GNU GPL v3 or later # """Support code for upgrading from Samba 3 to Samba 4.""" |