summaryrefslogtreecommitdiffstats
path: root/nsswitch/tests/test_rfc2307_mapping.sh
diff options
context:
space:
mode:
Diffstat (limited to 'nsswitch/tests/test_rfc2307_mapping.sh')
-rwxr-xr-xnsswitch/tests/test_rfc2307_mapping.sh187
1 files changed, 187 insertions, 0 deletions
diff --git a/nsswitch/tests/test_rfc2307_mapping.sh b/nsswitch/tests/test_rfc2307_mapping.sh
new file mode 100755
index 0000000..8cd2e5d
--- /dev/null
+++ b/nsswitch/tests/test_rfc2307_mapping.sh
@@ -0,0 +1,187 @@
+#!/bin/sh
+# Blackbox test for wbinfo and rfc2307 mappings
+if [ $# -lt 4 ]; then
+ cat <<EOF
+Usage: test_rfc2307_mapping.sh DOMAIN USERNAME PASSWORD SERVER UID_RFC2307TEST GID_RFC2307TEST
+EOF
+ exit 1
+fi
+
+DOMAIN=$1
+USERNAME=$2
+PASSWORD=$3
+SERVER=$4
+UID_RFC2307TEST=$5
+GID_RFC2307TEST=$6
+shift 6
+
+failed=0
+samba4bindir="$BINDIR"
+wbinfo="$VALGRIND $samba4bindir/wbinfo"
+samba_tool="$VALGRIND $samba4bindir/samba-tool"
+if [ -f "$samba4bindir/ldbmodify" ]; then
+ ldbmodify="$samba4bindir/ldbmodify"
+else
+ # Using system ldbmodify
+ ldbmodify="ldbmodify"
+fi
+
+. $(dirname $0)/../../testprogs/blackbox/subunit.sh
+
+testfail()
+{
+ name="$1"
+ shift
+ cmdline="$*"
+ echo "test: $name"
+ $cmdline
+ status=$?
+ if [ x$status = x0 ]; then
+ echo "failure: $name"
+ else
+ echo "success: $name"
+ fi
+ return $status
+}
+
+knownfail()
+{
+ name="$1"
+ shift
+ cmdline="$*"
+ echo "test: $name"
+ $cmdline
+ status=$?
+ if [ x$status = x0 ]; then
+ echo "failure: $name [unexpected success]"
+ status=1
+ else
+ echo "knownfail: $name"
+ status=0
+ fi
+ return $status
+}
+
+# Create new testing account
+testit "user add" $PYTHON $samba_tool user create --given-name="rfc2307" --surname="Tester" --initial="UT" rfc2307_test_user testp@ssw0Rd $@
+
+#test creation of six different groups
+testit "group add" $PYTHON $samba_tool group add $CONFIG --group-scope='Domain' --group-type='Security' rfc2307_test_group $@
+
+# Create new testing group
+
+# Convert name to SID
+testit "wbinfo -n against $TARGET" $wbinfo -n "$DOMAIN/rfc2307_test_user" || failed=$(expr $failed + 1)
+user_sid=$($wbinfo -n "$DOMAIN/rfc2307_test_user" | cut -d " " -f1)
+echo "$DOMAIN/rfc2307_test_user resolved to $user_sid"
+
+testit "wbinfo -s $user_sid against $TARGET" $wbinfo -s $user_sid || failed=$(expr $failed + 1)
+user_name=$($wbinfo -s $user_sid | cut -d " " -f1 | tr a-z A-Z)
+echo "$user_sid resolved to $user_name"
+
+tested_name=$(echo $DOMAIN/rfc2307_test_user | tr a-z A-Z)
+
+# Now check that wbinfo works correctly (sid <=> name)
+echo "test: wbinfo -s check for sane mapping"
+if test x$user_name != x$tested_name; then
+ echo "$user_name does not match $tested_name"
+ echo "failure: wbinfo -s check for sane mapping"
+ failed=$(expr $failed + 1)
+else
+ echo "success: wbinfo -s check for sane mapping"
+fi
+
+testit "wbinfo -n on the returned name against $TARGET" $wbinfo -n $user_name || failed=$(expr $failed + 1)
+test_sid=$($wbinfo -n $tested_name | cut -d " " -f1)
+
+echo "test: wbinfo -n check for sane mapping"
+if test x$user_sid != x$test_sid; then
+ echo "$user_sid does not match $test_sid"
+ echo "failure: wbinfo -n check for sane mapping"
+ failed=$(expr $failed + 1)
+else
+ echo "success: wbinfo -n check for sane mapping"
+fi
+
+testit "wbinfo -n against $TARGET" $wbinfo -n "$DOMAIN/rfc2307_test_group" || failed=$(expr $failed + 1)
+group_sid=$($wbinfo -n "$DOMAIN/rfc2307_test_group" | cut -d " " -f1)
+echo "$DOMAIN/rfc2307_test_group resolved to $group_sid"
+
+# Then add a uidNumber to the group record using ldbmodify
+cat >$PREFIX/tmpldbmodify <<EOF
+dn: <SID=$user_sid>
+changetype: modify
+add: uidNumber
+uidNumber: $UID_RFC2307TEST
+EOF
+
+testit "modify gidNumber on group" $VALGRIND $ldbmodify -H ldap://$SERVER $PREFIX/tmpldbmodify -U$DOMAIN/$USERNAME%$PASSWORD $@ || failed=$(expr $failed + 1)
+
+# Then add a gidNumber to the group record using ldbmodify
+cat >$PREFIX/tmpldbmodify <<EOF
+dn: <SID=$group_sid>
+changetype: modify
+add: gidNumber
+gidNumber: $GID_RFC2307TEST
+EOF
+
+testit "modify gidNumber on group" $VALGRIND $ldbmodify -H ldap://$SERVER $PREFIX/tmpldbmodify -U$DOMAIN/$USERNAME%$PASSWORD $@ || failed=$(expr $failed + 1)
+
+rm -f $PREFIX/tmpldbmodify
+
+# Now check we get a correct SID for the UID
+
+testit "wbinfo -U against $TARGET" $wbinfo -U $UID_RFC2307TEST || failed=$(expr $failed + 1)
+
+echo "test: wbinfo -U check for sane mapping"
+sid_for_user=$($wbinfo -U $UID_RFC2307TEST)
+if test x"$sid_for_user" != x"$user_sid"; then
+ echo "uid $UID_RFC2307TEST mapped to $sid_for_user, not $user_sid"
+ echo "failure: wbinfo -U check for sane mapping"
+ failed=$(expr $failed + 1)
+else
+ echo "success: wbinfo -U check for sane mapping"
+fi
+
+testit "wbinfo -G against $TARGET" $wbinfo -G $GID_RFC2307TEST || failed=$(expr $failed + 1)
+
+echo "test: wbinfo -G check for sane mapping"
+sid_for_group=$($wbinfo -G $GID_RFC2307TEST)
+if test x$sid_for_group != "x$group_sid"; then
+ echo "gid $GID_RFC2307TEST mapped to $sid_for_group, not $group_sid"
+ echo "failure: wbinfo -G check for sane mapping"
+ failed=$(expr $failed + 1)
+else
+ echo "success: wbinfo -G check for sane mapping"
+fi
+
+# Now check we get the right UID from the SID
+testit "wbinfo -S against $TARGET" $wbinfo -S "$user_sid" || failed=$(expr $failed + 1)
+
+echo "test: wbinfo -S check for sane mapping"
+uid_for_user_sid=$($wbinfo -S $user_sid)
+if test 0$uid_for_user_sid -ne $UID_RFC2307TEST; then
+ echo "$user_sid mapped to $uid_for_sid, not $UID_RFC2307TEST"
+ echo "failure: wbinfo -S check for sane mapping"
+ failed=$(expr $failed + 1)
+else
+ echo "success: wbinfo -S check for sane mapping"
+fi
+
+# Now check we get the right GID from the SID
+testit "wbinfo -Y" $wbinfo -Y "$group_sid" || failed=$(expr $failed + 1)
+
+echo "test: wbinfo -Y check for sane mapping"
+gid_for_user_sid=$($wbinfo -Y $group_sid)
+if test 0$gid_for_user_sid -ne $GID_RFC2307TEST; then
+ echo "$group_sid mapped to $gid_for_sid, not $GID_RFC2307TEST"
+ echo "failure: wbinfo -Y check for sane mapping"
+ failed=$(expr $failed + 1)
+else
+ echo "success: wbinfo -Y check for sane mapping"
+fi
+
+testit "group delete" $PYTHON $samba_tool group delete rfc2307_test_group $@
+testit "user delete" $PYTHON $samba_tool user delete rfc2307_test_user $@
+
+exit $failed