| |
@@ -0,0 +1,163 @@
|
| |
+ #!/bin/bash
|
| |
+ # vim: set dictionary=/usr/share/rhts-library/dictionary.vim cpt=.,w,b,u,t,i,k:
|
| |
+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
| |
+ #
|
| |
+ # runtest.sh of /samba/domain-join
|
| |
+ # Description: test basic functionality as a domain member
|
| |
+ # Author: Ales Zelinka <azelinka@redhat.com>
|
| |
+ #
|
| |
+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
| |
+ #
|
| |
+ # Copyright (c) 2009 Red Hat, Inc.
|
| |
+ #
|
| |
+ # This copyrighted material is made available to anyone wishing
|
| |
+ # to use, modify, copy, or redistribute it subject to the terms
|
| |
+ # and conditions of the GNU General Public License version 2.
|
| |
+ #
|
| |
+ # This program is distributed in the hope that it will be
|
| |
+ # useful, but WITHOUT ANY WARRANTY; without even the implied
|
| |
+ # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
|
| |
+ # PURPOSE. See the GNU General Public License for more details.
|
| |
+ #
|
| |
+ # You should have received a copy of the GNU General Public
|
| |
+ # License along with this program; if not, write to the Free
|
| |
+ # Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
|
| |
+ # Boston, MA 02110-1301, USA.
|
| |
+ #
|
| |
+ # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
| |
+
|
| |
+ # Include rhts environment
|
| |
+ . /usr/bin/rhts-environment.sh
|
| |
+ . /usr/share/rhts-library/rhtslib.sh
|
| |
+
|
| |
+ PACKAGE="samba"
|
| |
+ rpm -q samba3x && PACKAGE="samba3x"
|
| |
+ TEST=/samba/domain-join
|
| |
+
|
| |
+ rlJournalStart
|
| |
+ rlPhaseStartSetup Setup
|
| |
+ rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory"
|
| |
+ rlRun "cp expect-script $TmpDir/"
|
| |
+ # if empty, use default win-config
|
| |
+ [ -z $WINCONFIG ] && WINCONFIG="domain-join"
|
| |
+ rlRun "cp ./win-config-${WINCONFIG}.sh $TmpDir/win-config.sh" 0 "Copy determined win-config into Tmp directory"
|
| |
+ rlRun "pushd $TmpDir"
|
| |
+ rlCheckRpm samba-winbind || rlAssertRpm $PACKAGE
|
| |
+ rlRun "rlImport samba/samba-bits"
|
| |
+ rlServiceStop smb smbd nmb nmbd winbindd winbind cups chronyd
|
| |
+
|
| |
+ rlLogInfo "samba-bits included"
|
| |
+
|
| |
+ rlRun "sb_get_config"
|
| |
+ sb_config_join
|
| |
+ #expect can't handle slash (defautl separator) in variable (it quotes it with curly braces)
|
| |
+ sb_config_add "global" "winbind enum users = yes"
|
| |
+ sb_config_add "global" "winbind separator = +"
|
| |
+ sb_config_add "global" "log level = 10"
|
| |
+ sb_config_add "global" "winbind request timeout = 120"
|
| |
+ # BZ#748407
|
| |
+ sb_config_add "global" "kerberos method = secrets and keytab"
|
| |
+ sb_share_add "zelshare" "${TmpDir}"
|
| |
+ rlRun "sb_useradd zelda zelda"
|
| |
+
|
| |
+ rlFileBackup /etc/pam.d/ /var/log/samba/ /root/.ssh/known_hosts
|
| |
+ rlFileBackup /var/lib/samba/browse.dat
|
| |
+
|
| |
+ rlAssertRpm "expect"
|
| |
+ rlRun "rm -rf /var/log/samba/log.*" 0 "removing samba logs"
|
| |
+ rlRun "sb_join"
|
| |
+
|
| |
+ #sleep 30
|
| |
+ #BZ#866570
|
| |
+ #rlIsRHEL 5 || rlRun "grep 'Joined.* dns domain' $JLOG" 0 "we talk about domain instead of realm in log (because realm can't be in lowercase)"
|
| |
+ rlServiceStart winbind nmb smb
|
| |
+ sb_wait_all
|
| |
+ rlPhaseEnd
|
| |
+
|
| |
+ rlGetTestState && {
|
| |
+ rlPhaseStartTest "Testing-DomainIntegration-${WINCONFIG}"
|
| |
+ rlRun "authconfig --enablewinbindauth --enablemkhomedir --winbindtemplateshell=/bin/bash --enablewinbindoffline --update" 0 "authconfig-uring pam"
|
| |
+ sleep 20
|
| |
+ #service winbind start performed by authconfig yet
|
| |
+ # sb_tries "getent passwd $WORKGROUP+$PDC_LOGIN" 10 10
|
| |
+ sb_join_verify
|
| |
+
|
| |
+ rlRun "smbclient -L $PDC_NBNAME.$REALM -U $PDC_LOGIN%$PDC_PASSWORD" 0 "smbclient to PDC works"
|
| |
+
|
| |
+ rlRun "su \"$WORKGROUP+administrator\" -c whoami |grep administrator" 0 "winbind to pam integration works (online)"
|
| |
+ rlRun "expect expect-script $WORKGROUP+$PDC_LOGIN $PDC_PASSWORD | grep -i \"/home/$WORKGROUP/$PDC_LOGIN\"" 0 "windows user can ssh in"
|
| |
+ rlGetPhaseState || rlBundleLogs logs /var/log/samba/*
|
| |
+ #megaverbose desperation debugging disabled
|
| |
+ set +x
|
| |
+ rlPhaseEnd
|
| |
+
|
| |
+ rlPhaseStartTest Testing-OfflineMode
|
| |
+ rlRun "rm -rf /var/log/samba/log.*" 0 "removing samba logs"
|
| |
+ rlRun "iptables -I OUTPUT -p udp ! --dport 53 -d $PDC_IP -j DROP" 0 "disabling all connections to PDC except for dns"
|
| |
+ rlRun "su \"$WORKGROUP+administrator\" -c whoami |grep administrator" 0 "winbind to pam integration works (offline)"
|
| |
+ rlGetPhaseState || rlBundleLogs logs /var/log/samba/*
|
| |
+ rlPhaseEnd
|
| |
+
|
| |
+ rlPhaseStartTest Testing-OfflineMode-BZ#626407
|
| |
+ rlRun "rm -rf /var/log/samba/log.*" 0 "removing samba logs"
|
| |
+ rlRun "service winbind restart" 0 "restarting winbind to verify BZ#626407 fix"
|
| |
+ sb_wait_winbind
|
| |
+ rlRun "su \"$WORKGROUP+administrator\" -c whoami |grep administrator" 0 "still works even after winbind restart (didn't wipe out caches)"
|
| |
+ rlRun "iptables -D OUTPUT -p udp ! --dport 53 -d $PDC_IP -j DROP" 0 "enabling connections to PDC"
|
| |
+ rlGetPhaseState || rlBundleLogs logs /var/log/samba/*
|
| |
+ sb_leave
|
| |
+ rlServiceStop smb nmb winbind
|
| |
+ sleep 10
|
| |
+ rlPhaseEnd
|
| |
+
|
| |
+ if rlIsRHEL ">=6.8"; then
|
| |
+ rlPhaseStartTest "Test net join not update dns"
|
| |
+ rlRun "net ads join -U${PDC_LOGIN}%${PDC_PASSWORD} --no-dns-updates"
|
| |
+ sleep 20
|
| |
+ rlRun "net ads leave -U${WORKGROUP}\\\\${PDC_LOGIN}%${PDC_PASSWORD}"
|
| |
+ rlPhaseEnd
|
| |
+ fi
|
| |
+
|
| |
+ if ! rlIsRHEL 5; then
|
| |
+ rlPhaseStartTest keytab-AES-BZ#748407
|
| |
+ klist -ke /etc/krb5.keytab
|
| |
+ rlRun "klist -ke /etc/krb5.keytab |grep -q '(aes.*)'" 0 "AES keys found in the keytab"
|
| |
+ rlPhaseEnd
|
| |
+
|
| |
+ rlPhaseStartTest Testing-Join-Using-Kerberos-BZ#737808
|
| |
+ rlRun "REALM_UPPER=$(echo $REALM | tr '[:lower:]' '[:upper:]')"
|
| |
+ rlRun "kdestroy"
|
| |
+ cat > expect-script-kinit <<EOF2
|
| |
+ #!/usr/bin/expect
|
| |
+ spawn kinit $PDC_LOGIN@$REALM_UPPER
|
| |
+ expect "*?assword:*"
|
| |
+ send -- "$PDC_PASSWORD\r"
|
| |
+ expect eof
|
| |
+ EOF2
|
| |
+ rlRun "chmod +x expect-script-kinit"
|
| |
+ rlRun "./expect-script-kinit 2>&1 | tee expect-script-kinit.log"
|
| |
+ rlRun "klist"
|
| |
+ sleep 60
|
| |
+ rlRun "net ads join -k"
|
| |
+ rlRun "net ads testjoin -k"
|
| |
+ rlRun "net ads leave -k"
|
| |
+ rlRun "kdestroy"
|
| |
+ rlGetPhaseState || rlBundleLogs logs /var/log/samba/* expect-script-kinit.log
|
| |
+ rlPhaseEnd
|
| |
+ fi
|
| |
+ }
|
| |
+
|
| |
+ rlPhaseStartCleanup Cleanup
|
| |
+ rlFileRestore
|
| |
+ rlRun "[ \"$WORKGROUP/$PDC_LOGIN\" != '/' ] && rm -rf \"/home/$WORKGROUP/$PDC_LOGIN\"" 0 "removing administrator's homedir"
|
| |
+ rlServiceRestore cups chronyd
|
| |
+
|
| |
+ userdel -f zelda
|
| |
+ rm -rf /home/ZELGROUP
|
| |
+ rlRun "popd"
|
| |
+ rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
|
| |
+ rlPhaseEnd
|
| |
+
|
| |
+ rlJournalPrintText
|
| |
+ rlJournalEnd
|
| |
+
|
| |