diff options
29 files changed, 1521 insertions, 119 deletions
diff --git a/testsuite/config/env.exp b/testsuite/config/env.exp deleted file mode 100644 index 503d058c3f..0000000000 --- a/testsuite/config/env.exp +++ /dev/null @@ -1,26 +0,0 @@ -# -# Load environment variables -# - -# Domain set through environment variable - -catch {set domain "$env(TEST_WORKGROUP)"} tmp - -if {[regexp "^can't read" $tmp]} { - error "Environment variable \$TEST_WORKGROUP not set" -} - -# NT user and server - -catch {set ntserver "$env(TEST_NTSERVER)"} tmp - -if {[regexp "^can't read" $tmp]} { - error "Environment variable \$TEST_NTSERVER not set" -} - -catch {set ntuser "$env(TEST_NTUSER)"} tmp - -if {[regexp "^can't read" $tmp]} { - error "Environment variable \$TEST_NTUSER not set" -} - diff --git a/testsuite/lib/compile.exp b/testsuite/lib/compile.exp index 6e79d431ea..070498d958 100644 --- a/testsuite/lib/compile.exp +++ b/testsuite/lib/compile.exp @@ -23,6 +23,7 @@ # Compile a program consisting of one .c file. For example # simple_compile "foo" will compile foo.c to the executable foo.exe +# Use a second argument to specify link libraries. proc simple_compile { args } { global srcdir @@ -31,8 +32,19 @@ proc simple_compile { args } { # Compile up program set program [lindex $args 0] - set output [target_compile "$srcdir/$subdir/$program.c" \ - "$srcdir/$subdir/$program" executable {additional_flags="-g"}] + set libs [lindex $args 1] + + if { $libs == "" } { + + set output [target_compile "$srcdir/$subdir/$program.c" \ + "$srcdir/$subdir/$program" executable \ + {additional_flags="-g"}] + } else { + + set output [target_compile "$srcdir/$subdir/$program.c" \ + "$srcdir/$subdir/$program" executable \ + [list libs=$libs additional_flags="-g"]] + } # Check for errors @@ -54,13 +66,14 @@ proc simple_make { args } { set suffix [lindex $args 0] set program [lindex $args 1] - set output [system "make -C $srcdir/$subdir -f Makefile.$suffix $program"] + set output [util_start "make" \ + "-C $srcdir/$subdir -f Makefile.$suffix $program"] # Check for errors if { [regexp "Error" $output] } { - perror "make $program" - puts $output - return -1 + perror "make $program" + puts $output + return -1 } } diff --git a/testsuite/config/default-nt-names.exp b/testsuite/lib/default-nt-names.exp index 4a868e71bc..5d01d2a5bb 100644 --- a/testsuite/config/default-nt-names.exp +++ b/testsuite/lib/default-nt-names.exp @@ -1,7 +1,10 @@ # -# A list of default domain/local users/groups +# A list of default domain/local users/groups. Unfortunately this is tied +# to the English language version of Windows NT. # +global domain + # Domain users and groups set domain_users [list "$domain/Administrator" "$domain/Guest"] diff --git a/testsuite/lib/nsswitch-config.exp b/testsuite/lib/nsswitch-config.exp new file mode 100644 index 0000000000..38342685df --- /dev/null +++ b/testsuite/lib/nsswitch-config.exp @@ -0,0 +1,21 @@ +# +# Load environment variables +# + +global tool + +if { [file exists "deja-$tool.tcl"] } { + source "deja-$tool.tcl" +} + +# Required options + +if { ![info exists WORKGROUP] } { + error "\$WORKGROUP not set in config file" +} + +if { ![info exists PDC] } { + error "\$PDC not set in config file" +} + +set domain $WORKGROUP diff --git a/testsuite/nsswitch/.cvsignore b/testsuite/nsswitch/.cvsignore new file mode 100644 index 0000000000..1c30875a88 --- /dev/null +++ b/testsuite/nsswitch/.cvsignore @@ -0,0 +1,12 @@ +initgroups +nss_winbind_syms +getgrent_r +getgrgid +getgrnam +getpwent_r +getpwnam +wbtorture +leaktest? +getpwuid +getent_pwent +getent_grent diff --git a/testsuite/nsswitch/Makefile.longarg b/testsuite/nsswitch/Makefile.longarg new file mode 100644 index 0000000000..6cc7ef8306 --- /dev/null +++ b/testsuite/nsswitch/Makefile.longarg @@ -0,0 +1,5 @@ +# +# Makefile for null tests +# + +longarg_getpwnam: longarg_getpwnam.o
\ No newline at end of file diff --git a/testsuite/nsswitch/bigfd.exp b/testsuite/nsswitch/bigfd.exp index bda1a6db6c..62fc9ea7f3 100644 --- a/testsuite/nsswitch/bigfd.exp +++ b/testsuite/nsswitch/bigfd.exp @@ -3,9 +3,10 @@ # load_lib util-defs.exp -load_lib "$srcdir/config/env.exp" -pass "bigfd" +# Unimplemented - eek! + +untested "bigfd" return # Compile bigfd.c diff --git a/testsuite/nsswitch/envvar.exp b/testsuite/nsswitch/envvar.exp new file mode 100644 index 0000000000..134a8b37a8 --- /dev/null +++ b/testsuite/nsswitch/envvar.exp @@ -0,0 +1,282 @@ +# +# @(#) Test operation of WINBINDD_DOMAIN environment variable +# + +load_lib "util-defs.exp" +load_lib "$srcdir/lib/nsswitch-config.exp" + +# +# @(#) Test that there is at least one domain user and domain group +# @(#) in the output of getent passwd and getent group. +# + +# Get list of users and groups + +set user_list [util_start "getent passwd"] +set group_list [util_start "getent group"] + +verbose "user list is:\n$user_list" +verbose "group list is:\n$group_list" + +# Check for domain users + +set no_dom 0 + +if { ![regexp "$domain/" $user_list] } { + fail "no domain users in getent" + set no_dom 1 +} + +# Check for domain groups + +if { ![regexp "$domain/" $group_list] } { + fail "no domain groups in getent group" + set no_dom 1 +} + +if { $no_dom } { + return +} + +# +# @(#) Check for "leakage" between different domains using the +# @(#) WINBINDD_DOMAIN environment variable. +# + +verbose "Domain is $domain" + +set output [util_start "bin/wbinfo" "-m"] +verbose "Trusted domains are $output" +set trusted_domain_list [split $output "\n"] + +# Test simple inclusion by setting $WINBINDD_DOMAIN to each trusted domain +# in turn and checking there are no users/groups from other domains in the +# output of getent. + +set domain_list $trusted_domain_list +lappend domain_list $domain + +foreach { the_domain } $domain_list { + + set env(WINBINDD_DOMAIN) $the_domain + + set user_out [util_start "getent passwd"] + set group_out [util_start "getent group"] + + verbose "users in $the_domain:\n$user_out\n" + verbose "groups in $the_domain:\n$group_out\n" + + # Users + + set test_desc "users in WINBINDD_DOMAIN $the_domain" + set failed 0 + + foreach { user } [split $user_out "\n"] { + set user_name [lindex [split $user ":"] 0] + if { [regexp "/" $user_name] && ![regexp $the_domain $user_name]} { + set failed 1 + } + } + + if { $failed } { + fail $test_desc + } else { + pass $test_desc + } + + # Groups + + set test_desc "groups in WINBINDD_DOMAIN $the_domain" + set failed 0 + + foreach { group } [split $group_out "\n"] { + set group_name [lindex [split $group ":"] 0] + if { [regexp "/" $group_name] && ![regexp $the_domain $group_name]} { + set failed 1 + } + } + + if { $failed } { + fail $test_desc + } else { + pass $test_desc + } +} + +# +# @(#) Test inclusion of a dummy domain doesn't generate users/groups +# @(#) from that domain. +# + +set env(WINBINDD_DOMAIN) "asmithee" +set user_out [util_start "getent passwd"] +set group_out [util_start "getent group"] + +# Users + +set test_desc "users in different WINBINDD_DOMAIN" +if { [regexp $domain $user_out] } { + fail $test_desc +} else { + pass $test_desc +} + +# Groups + +set test_desc "groups in different WINBINDD_DOMAIN" +if { [regexp $domain $group_out] } { + fail $test_desc +} else { + pass $test_desc +} + +# +# @(#) Test comma separated inclusion of dummy domain doesn't generate +# @(#) users/groups in the dummy domain. +# + +foreach { the_domain } $domain_list { + set env(WINBINDD_DOMAIN) "$the_domain,asmithee" + set user_out [util_start "getent passwd"] + set group_out [util_start "getent group"] + + verbose "users in $the_domain:\n$user_out\n" + verbose "groups in $the_domain:\n$group_out\n" + + # Users + + set test_desc "users in comma separated WINBINDD_DOMAIN $the_domain" + set failed 0 + + foreach { user } [split $user_out "\n"] { + set user_name [lindex [split $user ":"] 0] + if { [regexp "/" $user_name] && ![regexp $the_domain $user_name]} { + set failed 1 + } + } + + if { $failed } { + fail $test_desc + } else { + pass $test_desc + } + + # Groups + + set test_desc "groups in comma separated WINBINDD_DOMAIN $the_domain" + set failed 0 + + foreach { group } [split $group_out "\n"] { + set group_name [lindex [split $group ":"] 0] + if { [regexp "/" $group_name] && ![regexp $the_domain $group_name]} { + set failed 1 + } + } + + if { $failed } { + fail $test_desc + } else { + pass $test_desc + } +} + +# +# @(#) Test two comma separated dummy domains do not generate any domain +# @(#) users or groups. +# + +foreach { the_domain } $domain_list { + + set env(WINBINDD_DOMAIN) "moose,asmithee" + set user_out [util_start "getent passwd"] + set group_out [util_start "getent group"] + + verbose "users in $the_domain:\n$user_out\n" + verbose "groups in $the_domain:\n$group_out\n" + + # Users + + set test_desc "users in comma separated invalid WINBINDD_DOMAIN" + if { [regexp $the_domain $user_out] } { + fail $test_desc + } else { + pass $test_desc + } + + # Groups + + set test_desc "groups in comma separated invalid WINBINDD_DOMAIN" + if { [regexp $the_domain $group_out] } { + fail $test_desc + } else { + pass $test_desc + } +} + +set env(WINBINDD_DOMAIN) "" + +# +# @(#) Test _NO_WINBINDD doesn't return any domain users or groups +# + +set env(_NO_WINBINDD) "1" +set user_out [util_start "getent passwd"] +set group_out [util_start "getent group"] + +verbose "users with _NO_WINBINDD:\n$user_out\n" +verbose "groups with _NO_WINBINDD:\n$group_out\n" + +foreach { the_domain } $domain_list { + + # Users + + set test_desc "users found with _NO_WINBINDD environment variable set" + if { [regexp $the_domain $user_out] } { + fail $test_desc + } else { + pass $test_desc + } + + # Groups + + set test_desc "groups found with _NO_WINBINDD environment variable set" + if { [regexp $the_domain $group_out] } { + fail $test_desc + } else { + pass $test_desc + } +} + +# Unset _NO_WINBINDD and make sure everything still works + +unset env(_NO_WINBINDD) + +set user_out [util_start "getent passwd"] +set group_out [util_start "getent group"] + +verbose "users with _NO_WINBINDD unset:\n$user_out\n" +verbose "groups with _NO_WINBINDD unset:\n$group_out\n" + +# Users + +set test_desc "no users found with _NO_WINBINDD environment variable set" +if { $user_out != $user_list } { + fail $test_desc +} else { + pass $test_desc +} + +# Groups + +set test_desc "no groups found with _NO_WINBINDD environment variable set" +if { $group_out != $group_list } { + fail $test_desc +} else { + pass $test_desc +} + +# Make sure we unset the environment vars so we don't cause subsequent tests +# any grief. + +catch { unset env(WINBINDD_DOMAIN) } tmp +catch { unset env(_NO_WINBINDD) } tmp diff --git a/testsuite/nsswitch/finger.exp b/testsuite/nsswitch/finger.exp index 8a57f1c809..ab3b28f58f 100644 --- a/testsuite/nsswitch/finger.exp +++ b/testsuite/nsswitch/finger.exp @@ -3,23 +3,37 @@ # load_lib util-defs.exp -load_lib "$srcdir/config/env.exp" -load_lib "$srcdir/config/default-nt-names.exp" -# Look up domain users using finger. This should test getpwnam() +set output [util_start "bin/wbinfo" "-u"] +if { [regexp "Error" $output] } { + fail "error running wbinfo" + return +} + +set user_list [split $output "\n"] + +# Look up all users using finger. This should test getpwnam() -foreach { user } $domain_users { - if {[util_test "finger" "-m $user" "" "no such user"] < 1} { +foreach { user } $user_list { + set output [util_start "finger" "-m $user" "" "no such user"] + verbose $output + + if { [regexp "no such user" $output] } { fail "finger -m $user" } else { pass "finger -m $user" } } +verbose "testing finger -m" + # Run finger without the -m to also test set/get/endpwent() -foreach { user } $domain_users { - if {[util_test "finger" "$user" "" "no such user"] < 1} { +foreach { user } $user_list { + set output [util_start "finger" "-m $user"] + verbose $output + + if { [regexp "no such user" $output] } { fail "finger $user" } else { pass "finger $user" diff --git a/testsuite/nsswitch/getent.c b/testsuite/nsswitch/getent.c new file mode 100644 index 0000000000..b4c4e50c6f --- /dev/null +++ b/testsuite/nsswitch/getent.c @@ -0,0 +1,151 @@ +/* Cut down version of getent which only returns passwd and group database + entries and seems to compile on most systems without too much fuss. + Original copyright notice below. */ + +/* Copyright (c) 1998, 1999, 2000 Free Software Foundation, Inc. + This file is part of the GNU C Library. + Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the GNU C Library; see the file COPYING.LIB. If not, + write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. */ + +#include <stdio.h> +#include <pwd.h> +#include <grp.h> + +group_keys (int number, char *key[]) +{ + int result = 0; + int i; + + for (i = 0; i < number; ++i) + { + struct group *grp; + + if (isdigit (key[i][0])) + grp = getgrgid (atol (key[i])); + else + grp = getgrnam (key[i]); + + if (grp == NULL) + result = 2; + else + print_group (grp); + } + + return result; +} + +passwd_keys (int number, char *key[]) +{ + int result = 0; + int i; + + for (i = 0; i < number; ++i) + { + struct passwd *pwd; + + if (isdigit (key[i][0])) + pwd = getpwuid (atol (key[i])); + else + pwd = getpwnam (key[i]); + + if (pwd == NULL) + result = 2; + else + print_passwd (pwd); + } + + return result; +} + +print_group (struct group *grp) +{ + unsigned int i = 0; + + printf ("%s:%s:%ld:", grp->gr_name ? grp->gr_name : "", + grp->gr_passwd ? grp->gr_passwd : "", + (unsigned long)grp->gr_gid); + + while (grp->gr_mem[i] != NULL) + { + fputs (grp->gr_mem[i], stdout); + ++i; + if (grp->gr_mem[i] != NULL) + fputs (",", stdout); + } + fputs ("\n", stdout); +} + +print_passwd (struct passwd *pwd) +{ + printf ("%s:%s:%ld:%ld:%s:%s:%s\n", + pwd->pw_name ? pwd->pw_name : "", + pwd->pw_passwd ? pwd->pw_passwd : "", + (unsigned long)pwd->pw_uid, + (unsigned long)pwd->pw_gid, + pwd->pw_gecos ? pwd->pw_gecos : "", + pwd->pw_dir ? pwd->pw_dir : "", + pwd->pw_shell ? pwd->pw_shell : ""); +} + +int main(int argc, char **argv) +{ + switch(argv[1][0]) + { + case 'g': /* group */ + if (strcmp (argv[1], "group") == 0) + { + if (argc == 2) + { + struct group *grp; + + setgrent (); + while ((grp = getgrent()) != NULL) + print_group (grp); + endgrent (); + } + else + return group_keys (argc - 2, &argv[2]); + } + else + goto error; + break; + + case 'p': /* passwd, protocols */ + if (strcmp (argv[1], "passwd") == 0) + { + if (argc == 2) + { + struct passwd *pwd; + + setpwent (); + while ((pwd = getpwent()) != NULL) + print_passwd (pwd); + endpwent (); + } + else + return passwd_keys (argc - 2, &argv[2]); + } + else + goto error; + break; + default: + error: + fprintf (stderr, "Unknown database: %s\n", argv[1]); + return 1; + } + return 0; +} diff --git a/testsuite/nsswitch/getent.exp b/testsuite/nsswitch/getent.exp index fcd98670b8..72bf2ea1eb 100644 --- a/testsuite/nsswitch/getent.exp +++ b/testsuite/nsswitch/getent.exp @@ -3,35 +3,146 @@ # load_lib util-defs.exp -load_lib "$srcdir/config/env.exp" -load_lib "$srcdir/config/default-nt-names.exp" +load_lib compile.exp +load_lib $srcdir/lib/nsswitch-config.exp # -# Test getent passwd +# @(#) Test getent passwd returns domain users # -set output [util_start "getent" "passwd" ""] +set wbinfo_output [util_start "bin/wbinfo" "-u"] +set getent_output [util_start "getent" "passwd" ""] -# Test output for domain users +if { ![regexp "$domain/" $getent_output] } { + fail "no domain users in getent passwd" + return +} + +if { [regexp "Error" $wbinfo_output] } { + fail "wbinfo -u failed" + return +} + +# +# @(#) Test each user in the output of wbinfo is also in the output of +# @(#) getent. +# + +# Test wbinfo user names are in getent user names + +foreach { user } [split $wbinfo_output "\n"] { + + verbose "looking for $user" + + set test_desc "getent passwd does not contain $user" + + if { ![regexp "$user" $getent_output] } { + fail $test_desc + } else { + pass $test_desc + } +} + +# Test getent user names are in wbinfo user names + +foreach { user } [split $getent_output "\n"] { + + set user_info [split $user ":"] + set username [lindex $user_info 0] + + if { [regexp {^[^/]+/} $username] } { + + set test_desc "wbinfo -u does not contain $username" + + if { ![regexp "$username" $wbinfo_output] } { + fail $test_desc + } else { + pass $test_desc + } + } else { + verbose "ignoring non-domain user $username" + } +} + +# +# @(#) Test each group in the output of wbinfo is also in the output of +# @(#) getent. +# + +set wbinfo_output [util_start "bin/wbinfo" "-g"] +set getent_output [util_start "getent" "group" ""] + +if { ![regexp "$domain/" $getent_output] } { + fail "no domain groups in getent passwd" + return +} + +if { [regexp "Error" $wbinfo_output] } { + fail "wbinfo -g failed" + return +} + +# Test wbinfo group names are in getent group names + +foreach { group } [split $wbinfo_output "\n"] { + + verbose "looking for $group" + + set test_desc "getent group does not contain $group" + + if { ![regexp "$group" $getent_output] } { + fail $test_desc + } else { + pass $test_desc + } +} + +# Test getent group names are in wbinfo group names + +foreach { group } [split $getent_output "\n"] { + + set group_info [split $group ":"] + set groupname [lindex $group_info 0] -foreach {user} $domain_users { - if {![regexp "$user" $output]} { - fail "getent passwd $user" + if { [regexp {^[^/]+/} $groupname] } { + + set test_desc "wbinfo -g does not contain $groupname" + + if { ![regexp "$groupname" $wbinfo_output] } { + fail $test_desc + } else { + pass $test_desc + } } else { - pass "getent passwd $user" + verbose "ignoring non-domain group $groupname" } } # -# Test getent group +# @(#) Test out of order and repeat calls of pwent functions +# @(#) Test out of order and repeat calls of grent functions # -set output [util_start "getent" "group" ""] +set getent_tests [list \ + { "out of order pwent operations" "getent_pwent" } \ + { "out of order grent operations" "getent_grent" } \ + ] + +# Compile and run each test -foreach {group} $domain_groups { - if {![regexp "$group" $output]} { - fail "getent group $group" +foreach { test } $getent_tests { + set test_desc [lindex $test 0] + set test_file [lindex $test 1] + + simple_compile $test_file + set output [util_start "$srcdir/$subdir/$test_file" ] + + if { [regexp "PASS" $output] } { + pass $test_desc + file delete "$srcdir/$subdir/$test_file" "$srcdir/$subdir/$test_file.o" } else { - pass "getent group $group" + fail $test_desc + puts $output } + } diff --git a/testsuite/nsswitch/getent_grent.c b/testsuite/nsswitch/getent_grent.c new file mode 100644 index 0000000000..782cc0c86b --- /dev/null +++ b/testsuite/nsswitch/getent_grent.c @@ -0,0 +1,101 @@ +/* Test out of order operations with {set,get,end}grent */ + +/* + Unix SMB/Netbios implementation. + Version 1.9. + Security context tests + Copyright (C) Tim Potter 2000 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include <stdio.h> +#include <grp.h> + +int main (int argc, char **argv) +{ + struct group *gr; + int found = 0; + int num_users, i; + + /* Test getgrent() without setgrent() */ + + for (i = 0; i < 100; i++) { + gr = getgrent(); + + /* This is supposed to work */ + +#if 0 + if (gr != NULL) { + printf("FAIL: getgrent() with no setgrent()\n"); + return 1; + } +#endif + } + + /* Work out how many user till first domain group */ + + num_users = 0; + setgrent(); + + while (1) { + gr = getgrent(); + num_users++; + + if (gr == NULL) break; + + if (strchr(gr->gr_name, '/')) { + found = 1; + break; + } + + } + + if (!found) { + printf("FAIL: could not find any domain groups\n"); + return 1; + } + + /* Test stopping getgrent in the middle of a set of users */ + + endgrent(); + + /* Test setgrent() without any getgrent() calls */ + + setgrent(); + + for (i = 0; i < (num_users - 1); i++) { + getgrent(); + } + + endgrent(); + + /* Test lots of setgrent() calls */ + + for (i = 0; i < 100; i++) { + setgrent(); + } + + /* Test lots of endgrent() calls */ + + for (i = 0; i < 100; i++) { + endgrent(); + } + + /* Everything's cool */ + + printf("PASS\n"); + return 0; +} diff --git a/testsuite/nsswitch/getent_pwent.c b/testsuite/nsswitch/getent_pwent.c new file mode 100644 index 0000000000..96c804433a --- /dev/null +++ b/testsuite/nsswitch/getent_pwent.c @@ -0,0 +1,113 @@ +/* Test out of order operations with {set,get,end}pwent */ + +/* + Unix SMB/Netbios implementation. + Version 1.9. + Security context tests + Copyright (C) Tim Potter 2000 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include <stdio.h> +#include <pwd.h> + +int main (int argc, char **argv) +{ + struct passwd *pw; + int found = 0; + int num_users, i; + + /* Test getpwent() without setpwent() */ + + for (i = 0; i < 100; i++) { + pw = getpwent(); + + /* This is supposed to work */ + +#if 0 + if (pw != NULL) { + printf("FAIL: getpwent() with no setpwent()\n"); + return 1; + } +#endif + } + + /* Work out how many user till first domain user */ + + num_users = 0; + setpwent(); + + while (1) { + pw = getpwent(); + num_users++; + + if (pw == NULL) break; + + if (strchr(pw->pw_name, '/')) { + found = 1; + break; + } + + } + + if (!found) { + printf("FAIL: could not find any domain users\n"); + return 1; + } + + /* Test stopping getpwent in the middle of a set of users */ + + endpwent(); + + /* Test setpwent() without any getpwent() calls */ + + setpwent(); + + for (i = 0; i < (num_users - 1); i++) { + getpwent(); + } + + endpwent(); + + /* Test lots of setpwent() calls */ + + setpwent(); + + for (i = 0; i < (num_users - 1); i++) { + getpwent(); + } + + for (i = 0; i < 100; i++) { + setpwent(); + } + + /* Test lots of endpwent() calls */ + + setpwent(); + + for (i = 0; i < (num_users - 1); i++) { + getpwent(); + } + + for (i = 0; i < 100; i++) { + endpwent(); + } + + /* Everything's cool */ + + printf("PASS\n"); + return 0; +} diff --git a/testsuite/nsswitch/getgrent_r.exp b/testsuite/nsswitch/getgrent_r.exp index d2dc47e252..c03237c2ad 100644 --- a/testsuite/nsswitch/getgrent_r.exp +++ b/testsuite/nsswitch/getgrent_r.exp @@ -3,8 +3,7 @@ # load_lib util-defs.exp -load_lib "$srcdir/config/env.exp" -load_lib "$srcdir/config/default-nt-names.exp" +load_lib "$srcdir/lib/nsswitch-config.exp" # Compile getgrent_r.c diff --git a/testsuite/nsswitch/getgrgid.exp b/testsuite/nsswitch/getgrgid.exp index a6508b3cd5..c53749f262 100644 --- a/testsuite/nsswitch/getgrgid.exp +++ b/testsuite/nsswitch/getgrgid.exp @@ -3,25 +3,19 @@ # load_lib util-defs.exp -load_lib "$srcdir/config/env.exp" -load_lib "$srcdir/config/default-nt-names.exp" +load_lib compile.exp -# Compile getpwuid.c +# Compile getgruid.c -set output [target_compile "$srcdir/$subdir/getgrgid.c" \ - "$srcdir/$subdir/getgrgid" executable {additional_flags="-g"}] +simple_compile "getgrgid" -if {$output != ""} { - perror "compile getgrgid" - puts $output - return -} - -# Get list of uids using getent +# Get list of gids using getent set output [util_start "getent" "group" ""] set got_entries 0 +verbose $output + foreach {line} [split $output "\n"] { # Process user @@ -29,7 +23,7 @@ foreach {line} [split $output "\n"] { set grp_entry [split $line ":"] set group [lindex $grp_entry 0] - if {[regexp "^($domain)/" $group]} { + if {[regexp {^[^/]+/} $group]} { set got_entries 1 @@ -40,6 +34,8 @@ foreach {line} [split $output "\n"] { # Test lookup of gid succeeds set output [util_start "$srcdir/$subdir/getgrgid" "$gid" ""] + verbose $output + if {[regexp "PASS:" $output]} { pass "getgrgid $gid ($group)" } else { diff --git a/testsuite/nsswitch/getgrnam.exp b/testsuite/nsswitch/getgrnam.exp index 2ba6ba0281..92c5b76742 100644 --- a/testsuite/nsswitch/getgrnam.exp +++ b/testsuite/nsswitch/getgrnam.exp @@ -1,26 +1,25 @@ # -# @(#) Test domain/local groups resolve using getgrnam() +# @(#) Test domain groups resolve using getgrnam() # -load_lib util-defs.exp -load_lib "$srcdir/config/env.exp" -load_lib "$srcdir/config/default-nt-names.exp" +load_lib "util-defs.exp" +load_lib "compile.exp" # Compile getgrnam.c -set output [target_compile "$srcdir/$subdir/getgrnam.c" \ - "$srcdir/$subdir/getgrnam" executable {additional_flags="-g"}] - -if {$output != ""} { - perror "compile getgrnam" - puts $output - return -} +simple_compile "getgrnam" # Test domain groups -foreach {group} $domain_groups { +set group_list [split [util_start "bin/wbinfo" "-g"] "\n"] + +verbose $group_list + +foreach {group} $group_list { set output [util_start "$srcdir/$subdir/getgrnam" "\"$group\"" ""] + + verbose $output + if {[regexp "PASS:" $output]} { pass "getgrnam $group" } else { diff --git a/testsuite/nsswitch/getpwent_r.exp b/testsuite/nsswitch/getpwent_r.exp index 9e6f915113..95c155d78c 100644 --- a/testsuite/nsswitch/getpwent_r.exp +++ b/testsuite/nsswitch/getpwent_r.exp @@ -3,8 +3,7 @@ # load_lib util-defs.exp -load_lib "$srcdir/config/env.exp" -load_lib "$srcdir/config/default-nt-names.exp" +load_lib "$srcdir/lib/nsswitch-config.exp" # Compile getpwent_r.c diff --git a/testsuite/nsswitch/getpwnam.exp b/testsuite/nsswitch/getpwnam.exp index 49f61f1a5c..5f6b234339 100644 --- a/testsuite/nsswitch/getpwnam.exp +++ b/testsuite/nsswitch/getpwnam.exp @@ -1,26 +1,25 @@ # -# @(#) Test default domain users resolve using getpwnam() +# @(#) Test domain users resolve using getpwnam() # load_lib util-defs.exp -load_lib "$srcdir/config/env.exp" -load_lib "$srcdir/config/default-nt-names.exp" +load_lib "compile.exp" # Compile getpwnam.c -set output [target_compile "$srcdir/$subdir/getpwnam.c" \ - "$srcdir/$subdir/getpwnam" executable {additional_flags="-g"}] - -if {$output != ""} { - perror "compile getpwnam" - puts $output - return -} +simple_compile "getpwnam" # Test domain users -foreach {user} $domain_users { +set user_list [split [util_start "bin/wbinfo" "-u"] "\n"] + +verbose $user_list + +foreach { user } $user_list { set output [util_start "$srcdir/$subdir/getpwnam" "\"$user\"" ""] + + verbose $output + if {[regexp "PASS:" $output]} { pass "getpwnam $user" } else { diff --git a/testsuite/nsswitch/getpwuid.exp b/testsuite/nsswitch/getpwuid.exp index 48e7dcb2be..be6a01cb9e 100644 --- a/testsuite/nsswitch/getpwuid.exp +++ b/testsuite/nsswitch/getpwuid.exp @@ -3,8 +3,6 @@ # load_lib util-defs.exp -load_lib "$srcdir/config/env.exp" -load_lib "$srcdir/config/default-nt-names.exp" # Compile getpwuid.c @@ -22,6 +20,8 @@ if {$output != ""} { set output [util_start "getent" "passwd" ""] set got_entries 0 +verbose $output + foreach {line} [split $output "\n"] { # Process user @@ -29,7 +29,7 @@ foreach {line} [split $output "\n"] { set pwd_entry [split $line ":"] set user [lindex $pwd_entry 0] - if {[regexp "^($domain)/" $user]} { + if {[regexp {^[^/]+/} $user]} { set got_entries 1 @@ -41,10 +41,15 @@ foreach {line} [split $output "\n"] { # Test lookup of uid succeeds set output [util_start "$srcdir/$subdir/getpwuid" "$uid" ""] + + verbose $output + + set test_desc "getpwuid $uid ($user)" + if {[regexp "PASS:" $output]} { - pass "getpwuid $uid ($user)" + pass $test_desc } else { - fail "getpwuid $uid ($user)" + fail $test_desc } } } diff --git a/testsuite/nsswitch/groupmem_dom.exp b/testsuite/nsswitch/groupmem_dom.exp new file mode 100644 index 0000000000..3ba34bb810 --- /dev/null +++ b/testsuite/nsswitch/groupmem_dom.exp @@ -0,0 +1,33 @@ +# +# @(#) Test whether members of domain groups all have domain names +# + +load_lib util-defs.exp + +set group_list [split [util_start "getent group" ""] "\n"] +set failed 0 + +foreach { group } $group_list { + set group_entry [split $group ":"] + + set group_name [lindex $group_entry 0] + set group_members [split [lindex $group_entry 3] ","] + + if { [regexp {^[^/]+/} $group_name] } { + + verbose "group $group_name has members $group_members" + + foreach { user } $group_members { + if { ![regexp {^[^/]+/} $user] } { + fail "group $group has non-domain user $user" + set failed 1 + } + } + } else { + verbose "ignoring non-domain group $group_name" + } +} + +if { !$failed } { + pass "domain groups contain only domain members" +} diff --git a/testsuite/nsswitch/initgroups.c b/testsuite/nsswitch/initgroups.c new file mode 100644 index 0000000000..b7d9c50eaa --- /dev/null +++ b/testsuite/nsswitch/initgroups.c @@ -0,0 +1,42 @@ +#include <stdio.h> +#include <unistd.h> +#include <grp.h> +#include <pwd.h> +#include <sys/types.h> + +int main(int argc, char **argv) +{ + int result, ngroups, i; + gid_t *groups; + struct passwd *pw; + + if (!(pw = getpwnam(argv[1]))) { + printf("FAIL: no passwd entry for %s\n", argv[1]); + return 1; + } + + result = initgroups(argv[1], pw->pw_gid); + + if (result == -1) { + printf("FAIL"); + return 1; + } + + ngroups = getgroups(0, NULL); + + groups = (gid_t *)malloc(sizeof(gid_t) * ngroups); + ngroups = getgroups(ngroups, groups); + + printf("%s is a member of groups:\n", argv[1]); + + for (i = 0; i < ngroups; i++) { + struct group *grp; + + grp = getgrgid(groups[i]); + + printf("%d (%s)\n", groups[i], grp ? grp->gr_name : "?"); + } + + printf("PASS\n"); + return 0; +} diff --git a/testsuite/nsswitch/initgroups.exp b/testsuite/nsswitch/initgroups.exp new file mode 100644 index 0000000000..ab21bcc9e7 --- /dev/null +++ b/testsuite/nsswitch/initgroups.exp @@ -0,0 +1,37 @@ +# +# @(#) Test initgroups function +# + +load_lib util-defs.exp +load_lib compile.exp + +if { [util_start "id -u"] != 0 } { + set test_desc "must be userid 0 to run" + note $test_desc + untested $test_desc + return +} + +# Compile test program + +simple_compile "initgroups" + +# Test domain users + +set user_list [split [util_start "bin/wbinfo" "-u"] "\n"] + +verbose $user_list + +foreach { user } $user_list { + set output [util_start "$srcdir/$subdir/initgroups" "\"$user\"" ""] + + verbose $output + + set test_desc "initgroups $user" + + if { [regexp "PASS" $output] } { + pass $test_desc + } else { + fail $test_desc + } +} diff --git a/testsuite/nsswitch/longarg.exp b/testsuite/nsswitch/longarg.exp new file mode 100644 index 0000000000..e1d0eda9cc --- /dev/null +++ b/testsuite/nsswitch/longarg.exp @@ -0,0 +1,29 @@ +# +# @(#) Test handling of long arguments passed to various nss functions +# + +load_lib compile.exp +load_lib util-defs.exp + +# Run tests from C source files + +set longarg_tests [list \ + { "long arg to getpwnam()" "longarg_getpwnam" } \ + { "long arg to getgrnam()" "longarg_getgrnam" } \ + ] + +foreach { test } $longarg_tests { + set test_desc [lindex $test 0] + set test_file [lindex $test 1] + + simple_make "longarg" $test_file + set output [util_start "$srcdir/$subdir/$test_file" ] + + if { [regexp "PASS" $output] } { + pass $test_desc + file delete "$srcdir/$subdir/$test_file" "$srcdir/$subdir/$test_file.o" + } else { + fail $test_desc + puts $output + } +} diff --git a/testsuite/nsswitch/longarg_getgrnam.c b/testsuite/nsswitch/longarg_getgrnam.c new file mode 100644 index 0000000000..84083d2620 --- /dev/null +++ b/testsuite/nsswitch/longarg_getgrnam.c @@ -0,0 +1,42 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + Security context tests + Copyright (C) Tim Potter 2000 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include <stdio.h> +#include <stdlib.h> +#include <grp.h> +#include <sys/types.h> + +#include "longarg_utils.h" + +int main(void) +{ + struct group *grp; + char *domain = getenv("TEST_WORKGROUP"); + char long_name[65535]; + int failed = 0; + + sprintf(long_name, "%s/%s", domain, LONG_STRING); + + grp = getgrnam(long_name); + printf("%s\n", !grp ? "PASS" : "FAIL"); + + return grp == NULL; +} diff --git a/testsuite/nsswitch/longarg_getpwnam.c b/testsuite/nsswitch/longarg_getpwnam.c new file mode 100644 index 0000000000..f2a0a73ddc --- /dev/null +++ b/testsuite/nsswitch/longarg_getpwnam.c @@ -0,0 +1,42 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + Security context tests + Copyright (C) Tim Potter 2000 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include <stdio.h> +#include <stdlib.h> +#include <pwd.h> +#include <sys/types.h> + +#include "longarg_utils.h" + +int main(void) +{ + struct passwd *pwd; + char *domain = getenv("TEST_WORKGROUP"); + char long_name[65535]; + int failed = 0; + + sprintf(long_name, "%s/%s", domain, LONG_STRING); + + pwd = getpwnam(long_name); + printf("%s\n", !pwd ? "PASS" : "FAIL"); + + return pwd == NULL; +} diff --git a/testsuite/nsswitch/longarg_utils.h b/testsuite/nsswitch/longarg_utils.h new file mode 100644 index 0000000000..1f2f2a7065 --- /dev/null +++ b/testsuite/nsswitch/longarg_utils.h @@ -0,0 +1,27 @@ +/* + Unix SMB/Netbios implementation. + Version 1.9. + Security context tests + Copyright (C) Tim Potter 2000 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#ifndef _LONGARG_UTILS_H +#define _LONGARG_UTILS_H + +#define LONG_STRING "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" + +#endif diff --git a/testsuite/nsswitch/nss_winbind_syms.c b/testsuite/nsswitch/nss_winbind_syms.c index 3df471ed99..29d1da9d49 100644 --- a/testsuite/nsswitch/nss_winbind_syms.c +++ b/testsuite/nsswitch/nss_winbind_syms.c @@ -18,6 +18,7 @@ static char *symlist[] = { "_nss_winbind_getpwuid_r", "_nss_winbind_setgrent", "_nss_winbind_setpwent", + "_nss_winbind_initgroups", NULL }; diff --git a/testsuite/nsswitch/nss_winbind_syms.exp b/testsuite/nsswitch/nss_winbind_syms.exp index a0cf4cf7fc..ab84cc5c75 100644 --- a/testsuite/nsswitch/nss_winbind_syms.exp +++ b/testsuite/nsswitch/nss_winbind_syms.exp @@ -14,33 +14,24 @@ # _nss_winbind_getpwuid_r # _nss_winbind_setgrent # _nss_winbind_setpwent +# _nss_winbind_initgroups # # This test also has the nice side-effect of showing any unresolved symbols # in the library. # load_lib util-defs.exp +load_lib compile.exp -# Compile nss_winbind_syms.c - -set output [target_compile "$srcdir/$subdir/nss_winbind_syms.c" \ - "$srcdir/$subdir/nss_winbind_syms" executable \ - {"libs=-ldl" "additional_flags=-g"}] - -if {$output != ""} { - perror "compile nss_winbind_syms.c" - puts $output - return -} - -# Run load-dl.c +simple_compile "nss_winbind_syms" "-ldl" set output [util_start "$srcdir/$subdir/nss_winbind_syms" \ "nsswitch/libnss_winbind.so"] -if {[regexp "FAIL:" $output]} { +verbose $output + +if { [regexp "FAIL:" $output] } { fail "run nss_winbind_syms" - puts $output return } diff --git a/testsuite/nsswitch/wbinfo.exp b/testsuite/nsswitch/wbinfo.exp new file mode 100644 index 0000000000..81ac14b78f --- /dev/null +++ b/testsuite/nsswitch/wbinfo.exp @@ -0,0 +1,360 @@ +# +# @(#) Test wbinfo client access to winbind daemon +# + +load_lib "util-defs.exp" +load_lib "$srcdir/lib/nsswitch-config.exp" +load_lib "$srcdir/lib/default-nt-names.exp" + +# Name types + +set SID_NAME_USER 1 +set SID_NAME_DOM_GRP 2 +set SID_NAME_DOMAIN 3 +set SID_NAME_ALIAS 4 +set SID_NAME_UNKNOWN 8 + +# Get list of users and groups + +set user_list [util_start "bin/wbinfo" "-u"] +set group_list [util_start "bin/wbinfo" "-g"] + +verbose "user list is:\n$user_list" +verbose "group list is:\n$group_list" + +set user_list [split $user_list "\n"] +set group_list [split $group_list "\n"] + +# +# @(#) Check list of users and groups contain default NT user and group +# @(#) names +# + +# Users + +foreach { user } $domain_users { + set test_desc "user $user in wbinfo domain users" + if {![regexp $user $user_list]} { + fail $test_desc + } else { + pass $test_desc + } +} + +# Groups + +foreach { group } $domain_groups { + set test_desc "group $group in wbinfo domain groups" + if {![regexp $group $group_list]} { + fail $test_desc + } else { + pass $test_desc + } +} + +# +# @(#) Lookup sids for all user and group names returned by wbinfo +# + +# Users + +foreach { user } $user_list { + set test_desc "get sid for user $user" + set output [util_start "bin/wbinfo" "-n \"$user\""] + + verbose $output + + # Split output into name and name_type + + set list [split $output " "] + set sid_type [lindex $list [expr [llength $list] - 1]] + set sid [join [lrange $list 0 [expr [llength $list] - 2]] " "] + + if { ![regexp "S-" $sid] } { + fail $test_desc + } else { + pass $test_desc + } + + set test_desc "sid type for user $user" + if { $sid_type != $SID_NAME_USER } { + fail $test_desc + } else { + pass $test_desc + } + + lappend user_sid_list $sid +} + +# Groups + +foreach { group } $group_list { + set test_desc "get sid for group $group" + set output [util_start "bin/wbinfo" "-n \"$group\""] + + verbose $output + + # Split output into sid and sid type + + set list [split $output " "] + set sid_type [lindex $list [expr [llength $list] - 1]] + set sid [join [lrange $list 0 [expr [llength $list] - 2]] " "] + + if { ![regexp "S-" $sid] } { + fail $test_desc + } else { + pass $test_desc + } + + set test_desc "sid type for group group" + if { $sid_type != $SID_NAME_DOM_GRP } { + fail $test_desc + } else { + pass $test_desc + } + + lappend group_sid_list $sid +} + +# +# @(#) Check reverse lookup of sids to names +# + +# Users + +set count 0 + +foreach { sid } $user_sid_list { + set test_desc "reverse user name lookup for sid $sid" + set output [util_start "bin/wbinfo" "-s $sid"] + + verbose $output + + # Split output into name and name_type + + set list [split $output " "] + set name_type [lindex $list [expr [llength $list] - 1]] + set name [join [lrange $list 0 [expr [llength $list] - 2]] " "] + + if { $name != [lindex $user_list $count] } { + fail $test_desc + } else { + pass $test_desc + } + + set test_desc "reverse user name type lookup for sid $sid" + + if { $name_type != 1 } { + fail $test_desc + } else { + pass $test_desc + } + + incr count +} + +# Groups + +set count 0 + +foreach { sid } $group_sid_list { + set test_desc "reverse group name lookup for sid $sid" + set output [util_start "bin/wbinfo" "-s $sid"] + + verbose $output + + # Split output into name and name_type + + set list [split $output " "] + set name_type [lindex $list [expr [llength $list] - 1]] + set name [join [lrange $list 0 [expr [llength $list] - 2]] " "] + + if { $name != [lindex $group_list $count] } { + fail $test_desc + } else { + pass $test_desc + } + + set test_desc "reverse group name type lookup for sid $sid" + + if { $name_type != 2 } { + fail $test_desc + } else { + pass $test_desc + } + + incr count +} + +# +# @(#) Cross-check the output of wbinfo -n, getent passwd/group and +# @(#) wbinfo -S +# + +# Get mapped list of uids from winbindd + +set output [util_start "getent" "passwd"] +set user_list [split $output "\n"] + +foreach { user_entry } $user_list { + if { [regexp $domain $user_entry] } { + set field_list [split $user_entry ":"] + set name_output [util_start "bin/wbinfo" \ + "-n \"[lindex $field_list 0]\""] + set list [split $name_output " "] + set name_type [lindex $list [expr [llength $list] - 1]] + set name [join [lrange $list 0 [expr [llength $list] - 2]] " "] + set username_uid_sid [lappend username_uid_sid [list \ + [lindex $field_list 0] \ + [lindex $field_list 2] \ + $name]] + } +} + +# Get mapped list of gids from winbindd + +set output [util_start "getent" "group"] +set group_list [split $output "\n"] + +foreach { group_entry } $group_list { + if { [regexp $domain $group_entry] } { + set field_list [split $group_entry ":"] + set groupname_gid_sid [lappend groupname_gid_sid [list \ + [lindex $field_list 0] \ + [lindex $field_list 2] \ + [util_start "bin/wbinfo" "-n \"[lindex $field_list 0]\""]]] + } +} + +# OK, now we have enough info to cross-check the uid/gid -> sid and +# sid -> uid/gid functions + +foreach { user } $username_uid_sid { + set sid [util_start "bin/wbinfo" "-U [lindex $user 1]"] + set uid [util_start "bin/wbinfo" "-S [lindex $user 2]"] + + set test_desc "lookup sid by uid [lindex $user 1]" + + if { $sid != [lindex $user 2] } { + fail $test_desc + } else { + pass $test_desc + } + + set test_desc "lookup uid by sid [lindex $user 2]" + + if { $uid != [lindex $user 1] } { + fail $test_desc + } else { + pass $test_desc + } +} + +foreach { group } $groupname_gid_sid { + set sid [util_start "bin/wbinfo" "-G [lindex $group 1]"] + set gid [util_start "bin/wbinfo" "-Y [lindex $group 2]"] + + set test_desc "lookup sid by gid [lindex $group 1]" + + if { $sid != [lindex [split [lindex $group 2] " "] 0] || + [lindex [split [lindex $group 2] " " ] 1] != 2 } { + fail $test_desc + } else { + pass $test_desc + } + + set test_desc "lookup gid by sid [lindex $group 2]" + + if { $gid != [lindex $group 1] } { + fail $test_desc + } else { + pass $test_desc + } +} + +# Check exit codes + +proc check_errcode { args } { + global errorCode + set test_desc [lindex $args 0] + set cmd [lindex $args 1] + set result [lindex $args 2] + + set errorCode "" + verbose "Spawning $cmd" + catch "exec $cmd" output + set exit_code [lindex $errorCode 2] + if { $exit_code == "" } { set exit_code 0 } + + if { $exit_code == $result } { + verbose "process returned correct exit code $exit_code" + pass $test_desc + } else { + verbose "process returned bad exit code $exit_code instead of $result" + fail $test_desc + } +} + +set gooduser_name [lindex $user_list 0] +set gooduser_sid [util_start "bin/wbinfo" "-n $gooduser_name"] + +set goodgroup_name [lindex $group_list 0] +set goodgroup_sid [util_start "bin/wbinfo" "-n $goodgroup_name"] + +# Some conditions not tested: +# - bad list users/groups +# - good uid/gid to sid + +set errcode_tests [list \ + { "no arg" "bin/wbinfo" 1 } \ + { "invalid arg" "bin/wbinfo -@" 1 } \ + { "list users" "bin/wbinfo -u" 0 } \ + { "list groups" "bin/wbinfo -g" 0 } \ + { "good name to sid" "bin/wbinfo -n $gooduser_name" 0 } \ + { "bad name to sid" "bin/wbinfo -n asmithee" 0 } \ + { "good sid to name" "bin/wbinfo -s $gooduser_sid" 0 } \ + { "bad sid to name" "bin/wbinfo -s S-1234" 1 } \ + { "bad uid to sid" "bin/wbinfo -U 0" 1 } \ + { "bad gid to sid" "bin/wbinfo -G 0" 1} \ + { "good sid to uid" "bin/wbinfo -S $gooduser_sid" 0 } \ + { "bad sid to uid" "bin/wbinfo -S S-1234" 1 } \ + { "good sid to gid" "bin/wbinfo -Y $goodgroup_sid" 0 } \ + { "bad sid to gid" "bin/wbinfo -Y S-1234" 1 } \ + ] + +foreach { test } $errcode_tests { + check_errcode [lindex $test 0] [lindex $test 1] [lindex $test 2] +} + +# Test enumerate trusted domains + +set test_desc "enumerate trusted domains" +set output [util_start "bin/wbinfo" "-m"] + +verbose $output + +foreach { the_domain } $output { + if { $the_domain == $domain} { + fail "own domain appears in trusted list" + } +} + +if {[regexp "Usage" $output] || [regexp "Could not" $output]} { + fail $test_desc +} else { + pass $test_desc +} + +# Test check machine account + +set test_desc "check machine account" +set output [util_start "bin/wbinfo" "-t"] + +verbose $output + +if {[regexp "Usage" $output] || [regexp "Could not" $output] || \ + ![regexp "(good|bad)" $output]} { + fail $test_desc +} else { + pass $test_desc +} |