From f708095be7357a9c23c454aa49dcb60c43f1359e Mon Sep 17 00:00:00 2001 From: Gary Lockyer Date: Thu, 19 Dec 2019 16:31:24 +1300 Subject: [PATCH 1/2] test upgradedns: ensure lmdb lock files linked Add tests to check that the '-lock' files for the dns partitions as well as the data files are linked when running samba_dnsupgrade --dns-backend=BIND9_DLZ failure to create these links can cause corruption of the corresponding data file. Changes to python/samba/tests/__init__.py adding run_command manually copied from commit b27817d491794a292278832e3f59f955f418a6cb BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199 Signed-off-by: Gary Lockyer Reviewed-by: Andrew Bartlett (cherry picked from commit f0cebbe4dd0317e2abfcbe252977383e6f37f3bd) --- python/samba/tests/__init__.py | 16 +++++ python/samba/tests/samba_upgradedns_lmdb.py | 75 +++++++++++++++++++++ selftest/knownfail.d/bug-14199 | 1 + source4/selftest/tests.py | 2 + 4 files changed, 94 insertions(+) create mode 100644 python/samba/tests/samba_upgradedns_lmdb.py create mode 100644 selftest/knownfail.d/bug-14199 diff --git a/python/samba/tests/__init__.py b/python/samba/tests/__init__.py index 15824bd410a..ef0fdabbfa2 100644 --- a/python/samba/tests/__init__.py +++ b/python/samba/tests/__init__.py @@ -447,6 +447,22 @@ class BlackboxTestCase(TestCaseInTempDir): if retcode: raise BlackboxProcessError(retcode, line, stdoutdata, stderrdata) return stdoutdata + # + # Run a command without checking the return code, returns the tuple + # (ret, stdout, stderr) + # where ret is the return code + # stdout is a string containing the commands stdout + # stderr is a string containing the commands stderr + def run_command(self, line): + line = self._make_cmdline(line) + use_shell = not isinstance(line, list) + p = subprocess.Popen(line, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + shell=use_shell) + stdoutdata, stderrdata = p.communicate() + retcode = p.returncode + return (retcode, stdoutdata.decode('UTF8'), stderrdata.decode('UTF8')) # Generate a random password that can be safely passed on the command line # i.e. it does not contain any shell meta characters. diff --git a/python/samba/tests/samba_upgradedns_lmdb.py b/python/samba/tests/samba_upgradedns_lmdb.py new file mode 100644 index 00000000000..048993152e2 --- /dev/null +++ b/python/samba/tests/samba_upgradedns_lmdb.py @@ -0,0 +1,75 @@ +# Unix SMB/CIFS implementation. +# Copyright (C) Catalyst IT Ltd. 2019 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# + +from samba.tests.samba_tool.base import SambaToolCmdTest +import os +import shutil + + +class UpgradeDnsLmdbTestCase(SambaToolCmdTest): + """ + Tests for dns upgrade on a lmdb backend + """ + + def setUp(self): + super(UpgradeDnsLmdbTestCase, self).setUp() + self.tempsambadir = os.path.join(self.tempdir, "samba") + os.mkdir(self.tempsambadir) + + # provision a domain + # + # returns the tuple (ret, stdout, stderr) + def provision(self): + command = ( + "samba-tool " + "domain provision " + "--realm=foo.example.com " + "--domain=FOO " + "--targetdir=%s " + "--backend-store=mdb " + "--use-ntvfs " % self.tempsambadir) + return self.run_command(command) + + # upgrade a domains dns to BIND9 + # + # returns the tuple (ret, stdout, stderr) + def upgrade_dns(self): + command = ( + "samba_upgradedns " + "--dns-backend=BIND9_DLZ " + "--configfile %s/etc/smb.conf" % self.tempsambadir) + return self.run_command(command) + + def tearDown(self): + super(UpgradeDnsLmdbTestCase, self).tearDown() + shutil.rmtree(self.tempsambadir) + + def test_lmdb_lock_files_linked_on_upgrade_to_bind9_dlz(self): + """ + Ensure that links are created for the lock files as well as the + data files + """ + self.provision() + self.upgrade_dns() + directory = ("%s/bind-dns/dns/sam.ldb.d" % self.tempsambadir) + for filename in os.listdir(directory): + if filename.endswith(".ldb") and "DNSZONES" in filename: + lock_file = ("%s/%s-lock" % (directory, filename)) + self.assertTrue( + os.path.isfile(lock_file), + msg=("Lock file %s/%s-lock for %s, does not exist" % + (directory, filename, filename))) diff --git a/selftest/knownfail.d/bug-14199 b/selftest/knownfail.d/bug-14199 new file mode 100644 index 00000000000..f9508910b79 --- /dev/null +++ b/selftest/knownfail.d/bug-14199 @@ -0,0 +1 @@ +^samba.tests.samba_upgradedns_lmdb.samba.tests.samba_upgradedns_lmdb. diff --git a/source4/selftest/tests.py b/source4/selftest/tests.py index e1e395339df..ed4f2fc623e 100755 --- a/source4/selftest/tests.py +++ b/source4/selftest/tests.py @@ -689,6 +689,8 @@ planpythontestsuite("none", "samba.tests.samba_tool.provision_password_check", planpythontestsuite("none", "samba.tests.samba_tool.help", py3_compatible=True) planpythontestsuite("ad_dc_ntvfs:local", "samba.tests.samba_tool.passwordsettings", py3_compatible=True) +planpythontestsuite("none", "samba.tests.samba_upgradedns_lmdb") + # Run these against chgdcpass to share the runtime load planpythontestsuite("chgdcpass:local", "samba.tests.samba_tool.sites", py3_compatible=True) planpythontestsuite("chgdcpass:local", "samba.tests.samba_tool.dnscmd", py3_compatible=True) -- 2.17.1 From e941a5a33f63fb2fc3243729dd575f910bf281ef Mon Sep 17 00:00:00 2001 From: Gary Lockyer Date: Thu, 19 Dec 2019 16:31:46 +1300 Subject: [PATCH 2/2] upgradedns: ensure lmdb lock files linked Ensure that the '-lock' files for the dns partitions as well as the data files are linked when running samba_dnsupgrade --dns-backend=BIND9_DLZ failure to create these links can cause corruption of the corresponding data file. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14199 Signed-off-by: Gary Lockyer Reviewed-by: Andrew Bartlett (cherry picked from commit 0bd479140c18ab79479ced4f25f366744c3afe18) --- python/samba/provision/sambadns.py | 10 ++++++++++ selftest/knownfail.d/bug-14199 | 1 - 2 files changed, 10 insertions(+), 1 deletion(-) delete mode 100644 selftest/knownfail.d/bug-14199 diff --git a/python/samba/provision/sambadns.py b/python/samba/provision/sambadns.py index 9b245608c63..239c99ff0b9 100644 --- a/python/samba/provision/sambadns.py +++ b/python/samba/provision/sambadns.py @@ -858,9 +858,19 @@ def create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid): os.path.join(dns_samldb_dir, metadata_file)) os.link(os.path.join(private_dir, domainzone_file), os.path.join(dns_dir, domainzone_file)) + if backend_store == "mdb": + # If the file is an lmdb data file need to link the + # lock file as well + os.link(os.path.join(private_dir, domainzone_file + "-lock"), + os.path.join(dns_dir, domainzone_file + "-lock")) if forestzone_file: os.link(os.path.join(private_dir, forestzone_file), os.path.join(dns_dir, forestzone_file)) + if backend_store == "mdb": + # If the database file is an lmdb data file need to link the + # lock file as well + os.link(os.path.join(private_dir, forestzone_file + "-lock"), + os.path.join(dns_dir, forestzone_file + "-lock")) except OSError: logger.error( "Failed to setup database for BIND, AD based DNS cannot be used") diff --git a/selftest/knownfail.d/bug-14199 b/selftest/knownfail.d/bug-14199 deleted file mode 100644 index f9508910b79..00000000000 --- a/selftest/knownfail.d/bug-14199 +++ /dev/null @@ -1 +0,0 @@ -^samba.tests.samba_upgradedns_lmdb.samba.tests.samba_upgradedns_lmdb. -- 2.17.1