From df8e9c128716c89f5a1d58f032e3d641e033c8b0 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 16 Aug 2012 13:46:02 +1000 Subject: s3-selftest: Add a seperate test for ACL tests using vfstest This does not check for consistency or correctness yet, that will be done with python unit tests. The purpose of this test is to ensure that the vfstest wrapper doesn't crash. Andrew Bartlett Autobuild-User(master): Andrew Bartlett Autobuild-Date(master): Thu Aug 16 09:32:25 CEST 2012 on sn-devel-104 --- selftest/knownfail | 1 + source3/script/tests/vfstest-acl/run.sh | 52 ++++++++++++++++++++++++++++ source3/script/tests/vfstest-acl/vfstest.cmd | 6 ++++ source3/selftest/tests.py | 2 +- source3/torture/cmd_vfs.c | 45 ++++++++++++++++++------ 5 files changed, 95 insertions(+), 11 deletions(-) create mode 100755 source3/script/tests/vfstest-acl/run.sh create mode 100644 source3/script/tests/vfstest-acl/vfstest.cmd diff --git a/selftest/knownfail b/selftest/knownfail index dbd2616201..da3d93c908 100644 --- a/selftest/knownfail +++ b/selftest/knownfail @@ -46,6 +46,7 @@ # these show that we still have some differences between our system # with our internal iconv because it passes except when we bypass our # internal iconv modules +^samba.vfstest.acl.vfstest\(s3dc:local\) #until we get the fake_acls module into selftest ^samba4.local.convert_string_handle.system.iconv.gd_ascii ^samba4.local.convert_string_handle.system.iconv.gd_iso8859_cp850 ^samba4..*base.delete.*.deltest17 diff --git a/source3/script/tests/vfstest-acl/run.sh b/source3/script/tests/vfstest-acl/run.sh new file mode 100755 index 0000000000..ea7a4cbb28 --- /dev/null +++ b/source3/script/tests/vfstest-acl/run.sh @@ -0,0 +1,52 @@ +#!/bin/sh +if [ $# -lt 2 ]; then +cat </dev/null 2>&1 + + if [ $? = 0 ] ; then + # got ACCESS_DENIED .. fail + echo vfstest got NT_STATUS_ACCESS_DENIED + false + else + true + fi +} + +testit "vfstest" test_vfstest || failed=`expr $failed + 1` + +exit $failed diff --git a/source3/script/tests/vfstest-acl/vfstest.cmd b/source3/script/tests/vfstest-acl/vfstest.cmd new file mode 100644 index 0000000000..19f5fd6900 --- /dev/null +++ b/source3/script/tests/vfstest-acl/vfstest.cmd @@ -0,0 +1,6 @@ +connect +open x RC 0700 +get_nt_acl x +set_nt_acl x G:DAD:P(A;OICI;0x001f01ff;;;BA)(A;OICI;0x001200a9;;;SO)(A;OICI;0x001f01ff;;;SY)(A;OICI;0x001200a9;;;AU) +get_nt_acl x +sys_acl_get_file x 0 diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index 84e8d1e93d..00ecd6c373 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -156,8 +156,8 @@ tests=["--ping", "--separator", "--allocate-gid"] plantestsuite("samba.vfstest.stream_depot", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/stream-depot/run.sh"), binpath("vfstest"), "$PREFIX", configuration]) - plantestsuite("samba.vfstest.xattr-tdb-1", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/xattr-tdb-1/run.sh"), binpath("vfstest"), "$PREFIX", configuration]) +plantestsuite("samba.vfstest.acl", "s3dc:local", [os.path.join(samba3srcdir, "script/tests/vfstest-acl/run.sh"), binpath("vfstest"), "$PREFIX", configuration]) for options in ["--option=clientusespnego=no", " --option=clientntlmv2auth=no --option=clientlanmanauth=yes --max-protocol=LANMAN2", ""]: env = "s3dc" diff --git a/source3/torture/cmd_vfs.c b/source3/torture/cmd_vfs.c index 86373b7464..9c19f2f6d2 100644 --- a/source3/torture/cmd_vfs.c +++ b/source3/torture/cmd_vfs.c @@ -1461,14 +1461,13 @@ static NTSTATUS cmd_set_nt_acl(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int a flags = O_RDWR; - fsp = SMB_MALLOC_P(struct files_struct); + fsp = talloc_zero(vfs, struct files_struct); if (fsp == NULL) { return NT_STATUS_NO_MEMORY; } - fsp->fh = SMB_MALLOC_P(struct fd_handle); + fsp->fh = talloc_zero(fsp, struct fd_handle); if (fsp->fh == NULL) { - SAFE_FREE(fsp->fsp_name); - SAFE_FREE(fsp); + TALLOC_FREE(fsp); return NT_STATUS_NO_MEMORY; } fsp->conn = vfs->conn; @@ -1476,7 +1475,7 @@ static NTSTATUS cmd_set_nt_acl(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int a status = create_synthetic_smb_fname_split(NULL, argv[1], NULL, &smb_fname); if (!NT_STATUS_IS_OK(status)) { - SAFE_FREE(fsp); + TALLOC_FREE(fsp); return status; } @@ -1485,12 +1484,40 @@ static NTSTATUS cmd_set_nt_acl(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int a fsp->fh->fd = SMB_VFS_OPEN(vfs->conn, smb_fname, fsp, flags, mode); if (fsp->fh->fd == -1) { printf("open: error=%d (%s)\n", errno, strerror(errno)); - SAFE_FREE(fsp->fh); - SAFE_FREE(fsp); + TALLOC_FREE(fsp); TALLOC_FREE(smb_fname); return NT_STATUS_UNSUCCESSFUL; } + ret = SMB_VFS_FSTAT(fsp, &smb_fname->st); + if (ret == -1) { + /* If we have an fd, this stat should succeed. */ + DEBUG(0,("Error doing fstat on open file %s " + "(%s)\n", + smb_fname_str_dbg(smb_fname), + strerror(errno) )); + status = map_nt_error_from_unix(errno); + } else if (S_ISDIR(smb_fname->st.st_ex_mode)) { + errno = EISDIR; + status = NT_STATUS_FILE_IS_A_DIRECTORY; + } + + if (!NT_STATUS_IS_OK(status)) { + goto out; + } + + fsp->file_id = vfs_file_id_from_sbuf(vfs->conn, &smb_fname->st); + fsp->vuid = UID_FIELD_INVALID; + fsp->file_pid = 0; + fsp->can_lock = True; + fsp->can_read = True; + fsp->can_write = True; + fsp->print_file = NULL; + fsp->modified = False; + fsp->sent_oplock_break = NO_BREAK_SENT; + fsp->is_directory = False; + + sd = sddl_decode(talloc_tos(), argv[2], get_global_sam_sid()); if (!sd) { printf("sddl_decode failed to parse %s as SDDL\n", argv[2]); @@ -1510,9 +1537,7 @@ out: if (ret == -1 ) printf("close: error=%d (%s)\n", errno, strerror(errno)); - TALLOC_FREE(fsp->fsp_name); - SAFE_FREE(fsp->fh); - SAFE_FREE(fsp); + TALLOC_FREE(fsp); return status; } -- cgit